I know one thing for sure. You guys better go read some more. The answer is C. From what I see on here, lots of you are just memorizing the half ass wrong dumps. You might pass with luck and using this, tho I doubt it, but lots of you have no idea what you are talking about or reading for that matter. Fun Fact. When brought in for an interview, you will be questioned. This cert is not the "end all". You will not get a job just because you passed these tests... If you provide answers and speculation like I see on here, you are screwed!!! If it isn't over your heads, read the following link.
https://www.blackhillsinfosec.com/a-toast-to-kerberoast/
I highly agree with you. I have supported a customer that had been targeted using a Kerberoasting attack, which made me research it. Answer is definitely C. Kerberoasting dumps the hashed credentials, not plaintext; you still need to crack it offline using hashcat.
The answer is C, because we used Kerberoasting in lateral movement and it doesn't dump passwords in plain text; even if we cracked it offline, it is still depending on the complexity of the password.
Would C be the best answer for this?
"Kerberoasting enables privilege escalation and lateral network movement. Kerberoasting is used by attackers once they are established inside an enterprise network and have begun reconnaissance for lateral movement. The technique allows the attackers, as valid domain users, to request a Kerberos service ticket for any service, capture that ticket granting service (TGS) ticket from memory, and then attempt to crack the service credential hash offline using any number of password-cracking tools, such as Hashcat, John the Ripper, and others."
https://www.qomplx.com/qomplx-knowledge-kerberoasting-attacks-explained/
The correct answer is D according to the CompTIA Pentest+ Practice Test, Sybex.
Note:
D. Kerberoasting is a technique that relies on requesting service tickets for service account service principal names (SPNs). The tickets are encrypted with the password of the service account associated with the SPN, meaning that once a tester has obtained the service tickets by using a tool like Mimikatz, the tester can crack the tickets to obtain the service account password using offline cracking tools. Kerberoasting is a four-step process:
1. Scan Active Directory for user accounts with service principal names (SPNs) set.
2. Request service tickets using the SPNs.
3. Extract the service tickets from memory and save to a file.
4. Conduct an offline brute-force attack against the passwords in the service tickets.
IMO D is the correct answer. Main aim of a Kerberoasting attack is to request the Ticket Granting Ticket from a domain service account and crack the account's plaintext password offline. You can use this information however you want: to create new golden tickets, to escalate privileges or for lateral movement.
I would go with C.
"Kerberoasting is an efficient technique for hackers who have limited rights within a domain. Depending on the strength of the passwords, an attacker can quickly gain access to multiple accounts and then use them to launch additional attacks and collect data."
Site: https://www.scip.ch/en/?labs.20181011
D? I don't think a Kerberoasting attack dumps plain-text passwords from the system. Rather, you get hashes which you can, possibly, crack offline. I don't know if I know of a better answer than D, but D does not seem quite right.
I guess you could say you can dump hashes and plaintext passwords with Kerberoasting when using Mimikatz. This is taken from Jason Dion's video: "Kerberoasting - Any domain user account that has a service principal name (SPN) set can have a service ticket (TGS). Ticket can be requested by any user in the domain and allows for offline cracking of the service account plaintext password."
And this is an example of this attack - https://www.youtube.com/watch?v=beRDcvBwTBw
PenTest+ Practice Tests Book - SYBEX
D. - Kerberoasting is a technique that relies on requesting service tickets for service account service principal names (SPNs). The tickets are encrypted with the password of the service account associated with the SPN, meaning that once a tester has obtained the service tickets by using a tool like Mimikatz, the tester can crack the tickets to obtain the service account password using offline cracking tools. Kerberoasting is a four-step process:
1. Scan Active Directory for user accounts with service principal names (SPNs) set.
2. Request service tickets using the SPNs.
3. Extract the service tickets from memory and save to a file.
4. Conduct an offline brute-force attack against the passwords in the service tickets.
SYBEX | Pentest Questions | Chapter 3 Attacks and Exploits | Question 176
D - The tester compromised an account and needs to dump hashes and plaintext passwords from the system.
I believe so. I don't think the CompTIA exam would double-check the answers from the book; however, I have noticed the questions from the exam are shorter compared to the book.
upvoted 3 times
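A defender's view of step 2 of the four-step process quoted in the thread, as an added example that is not part of any comment above: on a domain controller, each service ticket request is logged as Event ID 4769, and one account requesting RC4 (encryption type 0x17) tickets for several distinct user-backed services in a short span is the usual detection signal. The event tuples, account and service names, the five-minute window and the threshold of three services are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

RC4_HMAC = "0x17"  # "Ticket Encryption Type" value for RC4-HMAC in Event ID 4769

# Constructed sample: (time, requesting account, service name, encryption type).
SAMPLE_EVENTS = [
    ("2024-05-01T10:00:01", "alice@CORP.EXAMPLE", "svc_sql", "0x17"),
    ("2024-05-01T10:00:05", "alice@CORP.EXAMPLE", "svc_web", "0x17"),
    ("2024-05-01T10:00:09", "alice@CORP.EXAMPLE", "svc_backup", "0x17"),
    ("2024-05-01T10:00:14", "alice@CORP.EXAMPLE", "svc_sharepoint", "0x17"),
    ("2024-05-01T10:01:00", "bob@CORP.EXAMPLE", "svc_sql", "0x12"),    # AES256
    ("2024-05-01T10:02:00", "bob@CORP.EXAMPLE", "svc_web", "0x17"),    # single request
    ("2024-05-01T10:03:00", "carol@CORP.EXAMPLE", "FILESRV01$", "0x17"),
    ("2024-05-01T10:03:02", "carol@CORP.EXAMPLE", "FILESRV02$", "0x17"),
    ("2024-05-01T10:03:04", "carol@CORP.EXAMPLE", "krbtgt", "0x17"),
    ("2024-05-01T09:00:00", "dave@CORP.EXAMPLE", "svc_sql", "0x17"),   # hours apart
    ("2024-05-01T11:00:00", "dave@CORP.EXAMPLE", "svc_web", "0x17"),
    ("2024-05-01T13:00:00", "dave@CORP.EXAMPLE", "svc_backup", "0x17"),
]


def find_kerberoast_candidates(events, window=timedelta(minutes=5), min_services=3):
    """Return {account: sorted services} for accounts that requested RC4 tickets
    for at least min_services distinct user-backed services inside one window."""
    per_account = defaultdict(list)
    for ts, account, service, etype in events:
        if etype.lower() != RC4_HMAC:
            continue  # AES tickets are far more expensive to crack offline
        if service.endswith("$") or service.lower() == "krbtgt":
            continue  # machine accounts and krbtgt have long random keys
        per_account[account].append((datetime.fromisoformat(ts), service))

    flagged = {}
    for account, reqs in per_account.items():
        reqs.sort()
        start = 0
        for end in range(len(reqs)):
            # Slide the window start forward until it spans <= window.
            while reqs[end][0] - reqs[start][0] > window:
                start += 1
            services = {svc for _, svc in reqs[start:end + 1]}
            if len(services) >= min_services:
                flagged[account] = sorted(set(flagged.get(account, ())) | services)
    return flagged


if __name__ == "__main__":
    for account, services in find_kerberoast_candidates(SAMPLE_EVENTS).items():
        print(account, "requested RC4 tickets for", ", ".join(services))
```

The threshold and window need tuning against the environment's normal ticket traffic before the rule is used for alerting.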