ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v10 All Questions

View all questions & answers for the 312-50v10 exam
Go to Exam

Exam 312-50v10 topic 1 question 114 discussion

Actual exam question from ECCouncil's 312-50v10
Question #: 114
Topic #: 1
[All 312-50v10 Questions]

In cryptanalysis and computer security, 'pass the hash' is a hacking technique that allows an attacker to authenticate to a remote server/service by using the underlying NTLM and/or LanMan hash of a user's password, instead of requiring the associated plaintext password as is normally the case.
Metasploit Framework has a module for this technique: psexec. The psexec module is often used by penetration testers to obtain access to a given system whose credentials are known. It was written by sysinternals and has been integrated within the framework. The penetration testers successfully gain access to a system through some exploit, use meterpreter to grab the passwords or other methods like fgdump, pwdump, or cachedump and then utilize rainbowtables to crack those hash values.
Which of the following is true hash type and sort order that is used in the psexec module's 'smbpass' option?

  • A. LM:NT
  • B. NTLM:LM
  • C. NT:LM
  • D. LM:NTLM
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Gibby_Toni at Aug. 24, 2020, 7:07 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Vincent_Lu
6 months, 2 weeks ago
Selected Answer: D
D. LM:NTLM
upvoted 1 times
...
Yebi
1 year, 3 months ago
Selected Answer: D
Correct Answer should be :"D. LM:NTLM" https://marc.info/?l=metasploit-framework&m=120801903514927
upvoted 2 times
...
[Removed]
2 years ago
Selected Answer: D
LM:NTLM
upvoted 1 times
...
datastream
3 years, 3 months ago
The order is that undoubtedly LM is first. As regards NT or NTLM......this is a Metasploit question and they call it NTLM https://www.offensive-security.com/metasploit-unleashed/psexec-pass-hash/ the order is undoubtedly that LM is first. As regards
upvoted 1 times
...
devag
3 years, 5 months ago
A is correct - https://medium.com/@petergombos/lm-ntlm-net-ntlmv2-oh-my-a9b235c58ed4
upvoted 1 times
...
goodlife
3 years, 7 months ago
Correct answer is D (see https://en.wikipedia.org/wiki/Pass_the_hash)
upvoted 1 times
...
hasib125
3 years, 7 months ago
D: LM:NTLM also correct !
upvoted 1 times
...
Gibby_Toni
3 years, 8 months ago
ermm... shouldnt the ans be D (LM:NTLM)
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago