Exam PT0-001 topic 1 question 154 discussion

Actual exam question from CompTIA's PT0-001
Question #: 154
Topic #: 1

A tester was able to retrieve domain users' hashes. Which of the following tools can be used to uncover the users' passwords? (Choose two.)

  • A. Hydra
  • B. Mimikatz
  • C. Hashcat
  • D. John the Ripper
  • E. PSExec
  • F. Nessus
Suggested Answer: BE
Reference:
https://pentestlab.blog/2018/07/04/dumping-domain-password-hashes/

Comments

macr0sss
Highly Voted 3 years, 11 months ago
Out of the options I will go with C & D. Hashcat and John the Ripper have the ability to crack passwords from hashes. Mimikatz is used to retrieve the hashes (but hashes were already captured), PSExec more for pass the hash.
upvoted 10 times
kloug
Most Recent 2 years, 2 months ago
b,cccccccccccccccc
upvoted 1 times
miabe
2 years, 9 months ago
Selected Answer: CD
looks good to me
upvoted 1 times
anonamphibian
3 years, 2 months ago
This Question is in regards to cracking the "hashed passwords" not to grab more hashes or uncover clear text credentials. With that said, C and D are the proper choices.
upvoted 1 times
Moytra
3 years, 5 months ago
I found this, sounds a bit logical: Mimikatz is a popular post-exploitation tool that dumps passwords, hashes, PINs, and Kerberos tickets from memory. It also allows for pass-the-hash, pass-the-ticket, and the creation of Golden Kerberos tickets, which are all useful attacks. This facilitates attackers' post-exploitation lateral mobility inside a network. PSExec is used by attackers for the same reasons: it allows them to travel laterally and communicate with distant machines while using compromised credentials. When used in conjunction with Mimikatz, PSExec enables attackers to make a lateral move without the need for a plaintext password.
upvoted 1 times
CapCrunch
3 years, 9 months ago
C, D. The tester already has the hashes; next is to crack the hashes.
upvoted 2 times
smalltech
3 years, 10 months ago
C, D: Hashcat is a very fast cracking tool that uses CPUs or GPUs to perform hash cracking. Typically, John the Ripper is the go-to for CPU-based cracking. However, when Hashcat uses GPUs for cracking, it can be much faster than CPU cracking, even with John.
upvoted 1 times
Matherson
3 years, 12 months ago
https://www.offensive-security.com/metasploit-unleashed/psexec-pass-hash/ I was uncertain of PSExec, according to this yes?
upvoted 1 times
catastrophie
3 years, 10 months ago
PSExec by itself is just a command line interface. Metasploit has a module called psexec_ntdsgrab which is used to basically grab a current snapshot of current Active Directory HIVE files which will contain your hashes. The hashes can then be passed to JtR or HC for cracking attempts. So with that being said, the question is asking what can be used to UNCOVER usernames / passwords. That would be the programs that can break the hash. Answer is C&D.
upvoted 2 times
Community vote distribution
A (35%)
C (25%)
B (20%)
Other