What is a web-based script that provides access to a web server for attackers?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

What is a web-based script that provides access to a web server for attackers?

Explanation:
A web shell is a web-accessible backdoor script that an attacker places on a compromised web server to gain remote control. Once uploaded in a web language like PHP, ASP, or JSP, it provides a command-line interface and file-management capabilities through a browser, allowing the attacker to run commands, upload or download files, and maneuver within the server environment from anywhere via HTTP. This exact setup—a script on the web server that gives ongoing access for control and exploration—makes it the best match for the description. Other options don’t fit that role. A Launch Daemon is simply a background service on macOS that starts at boot, not a tool an attacker uses to access a web server. Sudo is a privilege-elevation command on Unix-like systems, not a web-based backdoor. InSpectre relates to detecting or exploiting the Spectre vulnerability, not providing ongoing web-based access to a server.

A web shell is a web-accessible backdoor script that an attacker places on a compromised web server to gain remote control. Once uploaded in a web language like PHP, ASP, or JSP, it provides a command-line interface and file-management capabilities through a browser, allowing the attacker to run commands, upload or download files, and maneuver within the server environment from anywhere via HTTP. This exact setup—a script on the web server that gives ongoing access for control and exploration—makes it the best match for the description.

Other options don’t fit that role. A Launch Daemon is simply a background service on macOS that starts at boot, not a tool an attacker uses to access a web server. Sudo is a privilege-elevation command on Unix-like systems, not a web-based backdoor. InSpectre relates to detecting or exploiting the Spectre vulnerability, not providing ongoing web-based access to a server.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy