GIAC Penetration Tester (GPEN) — Question 67
You successfully compromise a target system's web application using blind command injection. The command you injected is `ping -n 1 192.168.1.200`. Assuming your machine is 192.168.1.200, which of the following would you see?
Answer options
- A. Ping -n 1 192.168.1.200 on the compromised system
- B. A 'Destination host unreachable' error message on the compromised system
- C. A packet containing 'Packets: Sent = 1, Received = 1, Loss = 0 (0% loss)' on your sniffer
- D. An ICMP Echo packet on your sniffer containing the source address of the target
Correct answer: A
Explanation
The correct answer is A because the command injected would run on the compromised system, which is trying to ping the attacker's machine at the given IP address. Option B is incorrect as that error would occur if the target could not reach the attacker's machine, which it can. Options C and D are also incorrect as they refer to the attacker's perspective rather than the compromised system's output.