GWAPT Practice Questions: Configuration, Command Injection & Flaws Domain
GWAPT Practice Questions
Master the Configuration, Command Injection & Flaws Domain
Test your knowledge in the Configuration, Command Injection & Flaws domain with these 10 practice questions. Each question is designed to help you prepare for the GWAPT certification exam with detailed explanations to reinforce your learning.
Question 1
During a web application penetration test, you identify a parameter that appears to be vulnerable to command injection. Which of the following payloads would you use to test for a basic command injection vulnerability in a Unix-based system?
Correct Answer: A
Explanation: Option A `1; ls` is the correct answer. The `;` separator terminates the current command so that `ls` runs next and lists the directory contents, a common test for command injection on Unix-based systems. Option B `1 OR 1=1` is an SQL injection payload, not relevant to command injection. Option C `1' UNION SELECT null --` is also an SQL injection payload. Option D `alert('test')` is a payload for testing cross-site scripting (XSS) vulnerabilities.
Question 2
You are using Burp Suite to test a web application and notice that a parameter in a URL is being passed to a shell script on the server. Which Burp Suite feature would you use to automate the testing of this parameter for command injection vulnerabilities?
Correct Answer: B
Explanation: Option B is the correct answer because Burp Suite's Intruder tool is designed to automate the testing of web application parameters by sending multiple payloads to identify vulnerabilities such as command injection. Repeater (Option A) is used for manual testing of individual requests. Decoder (Option C) is for encoding and decoding data, and Comparer (Option D) is for comparing responses; neither of these is suitable for automating injection tests.
Question 3
During a security assessment, you find that a web application is using outdated software configurations. Which of the following best describes the potential risk associated with this finding?
Correct Answer: C
Explanation: Outdated software configurations can lead to an increased likelihood of Command Injection attacks if known vulnerabilities in older versions are not patched. While outdated software can also contribute to other risks, like unauthorized data exposure (Option D) or DoS (Option B), it specifically makes the application more susceptible to known vulnerabilities, including command injection. Option A is less directly related to outdated configurations.
Question 4
You are reviewing a web application's configuration and notice that it allows for remote command execution via a web interface. Which of the following is the best practice to mitigate command injection vulnerabilities?
Correct Answer: C
Explanation: Option C 'Implement strict input validation and whitelisting' is the correct answer. Whitelisting ensures that only expected and safe inputs are allowed, effectively mitigating command injection risks. Option A 'Sanitize user input by removing all special characters' is not sufficient as attackers may find ways around it. Option B 'Use parameterized queries and prepared statements' is effective for SQL injection, not command injection. Option D 'Log all user inputs for later analysis' is useful for auditing but does not prevent the vulnerability.
Question 5
While assessing a web application, you find a configuration file exposed on the server. It contains the following line: `db_password=1234`. Which of the following best describes the security flaw present here?
Correct Answer: B
Explanation: Option B is the correct answer because the exposure of sensitive information such as a database password in a configuration file represents a Sensitive Data Exposure vulnerability. Option A, Command Injection, involves executing arbitrary commands on the host. Option C, Cross-Site Scripting, involves injecting scripts into web pages. Option D, SQL Injection, involves manipulating SQL queries. None of these apply to the exposure of sensitive data in configuration files.
Question 6
While testing a web application, you discover a command injection vulnerability. Which tool would you use to automate exploitation of this vulnerability and potentially gain a reverse shell?
Correct Answer: B
Explanation: Metasploit is a powerful tool that can be used to automate the exploitation of vulnerabilities, including command injection, and can help in setting up a reverse shell. Burp Suite (A) is primarily used for intercepting and modifying HTTP requests. SQLMap (C) is specialized for SQL injection, not command injection. OWASP ZAP (D) is similar to Burp Suite, focusing on web application security testing but doesn't specialize in automating command injection exploitation.
Question 7
You are using Burp Suite to test a web application for command injection vulnerabilities. You send the following payload: `test; ls -la`. The server responds with a directory listing. Which of the following best describes the vulnerability you have discovered?
Correct Answer: C
Explanation: Option C is correct because the response shows that the server executed the command 'ls -la', indicating a command injection vulnerability. Option A is incorrect as SQL Injection involves database queries, not OS commands. Option B is incorrect because XSS targets client-side scripts, not server-side command execution. Option D is incorrect as IDOR involves unauthorized access to objects, not command execution.
Question 8
During a web application penetration test, you identify that the application is vulnerable to command injection. Which of the following is a best practice for reporting this finding?
Correct Answer: B
Explanation: Option B is correct because a comprehensive report should include a detailed proof of concept to demonstrate the vulnerability and provide remediation recommendations to help the client fix the issue. Option A is incorrect because technical details alone are insufficient for a complete report. Option C is incorrect because providing a proof of concept is important for demonstrating the issue, and legal concerns can be addressed through proper authorization. Option D is incorrect because suggesting remediation steps is crucial for helping the client address the vulnerability.
Question 9
A web application allows users to upload images. During a security assessment, you notice that the application does not validate the file type. What is the best approach to exploit this misconfiguration?
Correct Answer: B
Explanation: Option B is the correct answer because uploading a PHP shell with a .jpg extension exploits the lack of file type validation and can lead to remote code execution if the server executes the file. Option A (uploading a large image) might cause a denial of service but does not exploit the file type misconfiguration directly. Option C (malicious EXIF data) is less likely to be executed unless the application processes EXIF data insecurely. Option D (uploading a text file with SQL commands) is not applicable as it doesn't exploit the file upload functionality.
Question 10
Which of the following Burp Suite tools would you primarily use to automate the detection of command injection vulnerabilities in a web application?
Correct Answer: C
Explanation: Option C 'Scanner' is the correct answer. Burp Suite's Scanner is designed to automatically detect vulnerabilities, including command injection, by sending various payloads and analyzing the responses. Option A 'Intruder' is used for customized attacks and brute force testing. Option B 'Repeater' is for manual testing of requests. Option D 'Decoder' is used for encoding and decoding data.
About GWAPT Certification
The GWAPT certification validates your expertise in configuration, command injection & flaws and other critical domains. Our comprehensive practice questions are carefully crafted to mirror the actual exam experience and help you identify knowledge gaps before test day.