eJPT - eLearnSecurity Junior Penetration Tester Web Application Penetration Testing Questions and Answers

Question 1

A penetration tester inputs the string `` into a search field on a web application. The subsequent results page immediately executes the script, and an alert box appears. The script is not stored on the server in any permanent way. What type of Cross-Site Scripting (XSS) vulnerability has been identified?

Accepted Answer

Reflected XSS

Answer

This is a Reflected XSS attack because the malicious script was sent to the web server as part of the request (in the search query) and was then immediately 'reflected' back and executed in the victim's browser without being permanently stored.

Question 2

A penetration tester needs to discover hidden directories and files on a web server by using a wordlist to brute-force common names. Which of the following command-line tools is specifically designed for this purpose and is known for its speed?

Accepted Answer

Gobuster

Answer

Gobuster is a tool written in Go that is used to brute-force URIs (directories and files), DNS subdomains, and virtual host names on web servers. Nmap is for network scanning, Wireshark is for packet analysis, and Metasploit is an exploitation framework.

Question 3

While testing a login form, a junior pentester enters `' OR 1=1 --` into the username field and a random string in the password field. They successfully bypass authentication and gain access to an account. This is a classic example of which vulnerability?

Accepted Answer

SQL Injection (SQLi)

Answer

This is a classic SQL Injection (SQLi) attack. The injected string `' OR 1=1 --` modifies the backend SQL query so that the condition is always true, and the `--` comments out the rest of the query (like the password check), allowing the attacker to bypass authentication.

Question 4

Within Burp Suite, which tool is primarily used to act as a man-in-the-middle, allowing a tester to intercept, view, and modify all HTTP/S requests and responses between their browser and the target application in real-time?

Accepted Answer

Proxy

Answer

The Burp Proxy tool is the core of Burp Suite and functions as an intercepting web proxy. It allows the user to intercept and modify traffic passing in both directions between the browser and the target server. Intruder is for automated attacks, Repeater is for manually re-sending and modifying individual requests, and Decoder is for data encoding/decoding.

Question 5

A tester discovers a URL `http://example.com/app/profile?view=user.php`. By changing the URL to `http://example.com/app/profile?view=../../../../etc/passwd`, the contents of the server's password file are displayed. Which vulnerability has been exploited?

Accepted Answer

Local File Inclusion (LFI)

Answer

This is a Local File Inclusion (LFI) vulnerability, often combined with a Path Traversal attack. The `../` sequence is used to navigate up the directory structure to access and display a sensitive file that exists locally on the server.

eLearnSecurity Junior Penetration Tester eJPT Practice Practice Test

eLearnSecurity Junior Penetration Tester eJPT Practice Practice Test

eJPT - eLearnSecurity Junior Penetration Tester Web Application Penetration Testing Questions and Answers