Virtual Labs

Tools

Aim

Theory

Pretest

Procedure

Simulation

Posttest

References

Feedback

Aim

Theory

Pretest

Procedure

Simulation

Posttest

References

Feedback

OS command injection

Choose difficulty:

Beginner

Intermediate

Advanced

What is OS command injection?

a: A way to speed up command execution Explanation

Explanation

b: A vulnerability allowing execution of arbitrary commands Explanation

Explanation

c: A method for improving system performance Explanation

Explanation

d: A technique for optimizing queries Explanation

Explanation

Which of the following can help mitigate OS command injection?

a: Running commands with root privileges Explanation

Explanation

b: Using parameterized commands Explanation

Explanation

c: Avoiding input validation Explanation

Explanation

d: Directly incorporating user input in commands Explanation

Explanation

What does the following user input indicate: 'file.txt && cat /etc/passwd'?

a: An attempt to view a file and list its contents Explanation

Explanation

b: An attempt to execute multiple commands Explanation

Explanation

c: A benign file reading operation Explanation

Explanation

d: A syntax error in the command Explanation

Explanation

Which function is considered unsafe when executing shell commands in Python?

a: subprocess.run() with shell=False Explanation

Explanation

b: os.system() Explanation

Explanation

c: shutil.copy() Explanation

Explanation

d: open() Explanation

Explanation

What is one common goal of an OS command injection attack?

a: To speed up system processes Explanation

Explanation

b: To execute arbitrary commands on the system Explanation

Explanation

c: To improve database queries Explanation

Explanation

d: To optimize network performance Explanation

Explanation

Which is an example of a safe way to execute commands in a web application?

a: Sanitizing user input and using parameterized functions Explanation

Explanation

b: Allowing user input directly in shell commands Explanation

Explanation

c: Running commands as an admin user Explanation

Explanation

d: Disabling all security checks Explanation

Explanation

Community Links Sakshat Portal Outreach Portal FAQ: Virtual Labs

AGPL 3.0 & Creative Commons (CC BY-NC-SA 4.0)