Certified Ethical Hacker (CEH v13) — Question 240

By performing a penetration test, you gained access under a user account. During the test, you established a connection with your own machine via the SMB service and occasionally entered your login and password in plaintext.
Which file do you have to clean to clear the password?

Answer options

• A. .xsession-log
• B. .profile
• C. .bashrc
• D. .bash_history

Correct answer: D

Explanation

The correct answer is D, .bash_history, because this file stores the command history for the bash shell, which would include any plaintext passwords entered during the session. The other files, like .profile and .bashrc, are configuration files and do not log command history, while .xsession-log is related to X session logs and not relevant to command inputs.