In cryptanalysis and computer security, 'pass the hash' is a hacking technique that allows an attacker to authenticate to a remote server/service by using the underlying NTLM and/or LanMan hash of a user's password, instead of requiring the associated plaintext password as is normally the case. Metasploit Framework has a module for this technique: psexec. The psexec module is often used by penetration testers to obtain access to a given system whose credentials are known. It was written by sysinternals and has been integrated within the framework. The penetration testers successfully gain access to a system through some exploit, use meterpreter to grab the passwords or other methods like fgdump, pwdump, or cachedump and then utilize rainbowtables to crack those hash values. Which of the following is true hash type and sort order that is used in the psexec module's 'smbpass' option? A. LM:NT B. NTLM:LM C. NT:LM D. LM:NTLM Â Suggested Answer: A Community Answer: D This question is in 312-50V10 EC-Council Certified Ethical Hacker v10 Exam For getting EC-Council Certified Ethical Hacker (CEH) Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by EC-Council. Trademarks, certification & product names are used for reference only and belong to EC-Council. The website does not contain actual questions and answers from EC-Council's Certification Exams.
Please login or Register to submit your answer
