Mary, a penetration tester, has found password hashes in a client system she managed to breach. She needs to use these passwords to continue with the test, but she does not have time to find the passwords that correspond to these hashes.
Which type of attack can she implement in order to continue?
Pass the hash is an attack technique where the attacker uses the hash of a password to authenticate without needing to know the actual password. Since Mary has found password hashes, using a pass the hash attack would allow her to continue the penetration test by leveraging these hashes to gain unauthorized access to the system. This method is effective because it bypasses the need to crack the passwords, saving time while still achieving the goal of the test.
A. Pass the hash: An attack where the attacker uses a hashed value instead of the actual password to gain unauthorized access. B. Internal monologue attack: Stealing a user's internal thoughts or dialogues from a system to obtain sensitive information. C. LLMNR/NBT-NS poisoning: Exploiting vulnerabilities in LLMNR and NBT-NS protocols to redirect hostname resolution and potentially enable man-in-the-middle attacks or eavesdropping. D. Pass the ticket: Leveraging stolen authentication tickets to impersonate identities and gain unauthorized access to systems or services.
A. Pass the hash attack, where she can use the captured password hash to authenticate to the system without knowing the original password. This attack is commonly used when password cracking is not feasible. B is an internal monologue attack, C is LLMNR/NBT-NS poisoning, and D is Pass the ticket.
A. Pass the hash Like V11 Q399
A. Pass the hash
A hash injection/PtH attack allows an attacker to inject a compromised hash into a local session and use the hash to validate network resources The attacker finds and extracts a logged-on domain admin account hash The attacker uses the extracted hash to log on to the domain controller Module 06 Page 6 CEHV12
A. Pass the hash
A. Pass the hash