Certified Ethical Hacker (CEH v11) — Question 56

By performing a penetration test, you gained access under a user account. During the test, you established a connection with your own machine via the SMB service and occasionally entered your login and password in plaintext.
Which file do you have to clean to clear the password?

Answer options

• A. .xsession-log
• B. .profile
• C. .bashrc
• D. .bash_history

Correct answer: D

Explanation

The correct answer is D, .bash_history, because this file logs the commands entered in the shell, which could include sensitive information like passwords. The other options, while they may contain configuration settings or session logs, do not typically record command history in a way that would expose plaintext passwords entered during the session.