For a pass-the-hash attack to work, what must the attacker obtain?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

For a pass-the-hash attack to work, what must the attacker obtain?

Explanation:
Pass-the-hash relies on using the actual hash value that a system stores or uses to verify a user, rather than the plaintext password. If an attacker obtains that hash, they can present it to authentication services and gain access as the user without ever knowing the real password. The plaintext password isn’t required for this technique, and just knowing the username isn’t enough to authenticate. A patched vulnerability is a defensive measure and doesn’t describe what the attacker needs to perform the attack itself. So, obtaining the password hash is the essential prerequisite for this attack.

Pass-the-hash relies on using the actual hash value that a system stores or uses to verify a user, rather than the plaintext password. If an attacker obtains that hash, they can present it to authentication services and gain access as the user without ever knowing the real password. The plaintext password isn’t required for this technique, and just knowing the username isn’t enough to authenticate. A patched vulnerability is a defensive measure and doesn’t describe what the attacker needs to perform the attack itself. So, obtaining the password hash is the essential prerequisite for this attack.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy