CompTIA PenTest+ (PT1-002) — Question 45

A tester who is performing a penetration test on a website receives the following output:
Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /var/www/search.php on line 62
Which of the following commands can be used to further attack the website?

Answer options

• A. <script>var adr= '../evil.php?test=' + escape(document.cookie);</script>
• B. ../../../../../../../../../../etc/passwd
• C. /var/www/html/index.php;whoami
• D. 1 UNION SELECT 1, DATABASE(),3--

Correct answer: D

Explanation

The correct answer is D because it uses a SQL injection technique to extract the database name, which can further compromise the database's security. Option A is an XSS attack that does not exploit the SQL issue, B attempts to access a sensitive file directly but is not related to SQL injection, and C is an attempt to execute a command but does not target the SQL vulnerability.