Which attack is generally more resource-efficient according to the material: sniffing or cracking the LANMAN hash?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions; each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which attack is generally more resource-efficient according to the material: sniffing or cracking the LANMAN hash?

Explanation:

The question turns on how cheaply you can get from a LANMAN hash to a password. Brute-forcing (cracking) the LANMAN hash is the more resource-efficient path. Once the hash is captured, the work is offline and highly parallelizable (dictionary, mask or rainbow-table attacks, typically on GPUs), needs no further network access, and has predictable cost and completion time. LANMAN makes this unusually cheap: the password is uppercased, padded or truncated to 14 bytes and split into two 7-byte halves, each of which is used as a DES key to encrypt the constant "KGS!@#$%". The two halves are cracked independently, so the attacker never faces more than a 7-character, case-insensitive keyspace, and a password of seven characters or fewer leaves the second half as a fixed, recognizable value.

Sniffing, by contrast, only collects data. It depends on network position, traffic volume and timing, is easier to detect, and what it captures still has to be cracked before it yields a password. The other options (replaying a handshake, exploiting a buffer overflow, or using a Wi-Fi side-channel) address different attack surfaces and do not bear on recovering a password from an LM hash.

Practitioner caveat: Windows Vista, Server 2008 and later do not store LM hashes by default, so this attack applies only where LM storage has been re-enabled or older systems remain.
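The following is an added example, written for this page; it is not from the Passetra material or the SANS courseware. It is in Go because Go's standard library ships DES, so it runs offline. It implements the LANMAN hash as described above (uppercase, 14-byte pad, two independent 7-byte DES keys over "KGS!@#$%") and then attacks the two halves separately: a wordlist against the first half and a tiny brute force against the second, which is exactly why cracking is cheap. The password "Sales2024", the wordlist and the character set are constructed for the demonstration; uppercasing via strings.ToUpper is an ASCII-only simplification of the OEM code-page conversion real LM uses.

```go
package main

import (
	"bytes"
	"crypto/des"
	"encoding/hex"
	"fmt"
	"strings"
)

var lmMagic = []byte("KGS!@#$%") // constant plaintext LM encrypts under each half

// lmKey spreads 7 password bytes over an 8-byte DES key (parity bit clear).
func lmKey(k7 []byte) []byte {
	key := make([]byte, 8)
	key[0] = k7[0] & 0xFE
	for i := 1; i < 7; i++ {
		key[i] = (k7[i-1]<<(8-uint(i)) | k7[i]>>uint(i)) & 0xFE
	}
	key[7] = (k7[6] << 1) & 0xFE
	return key
}

// lmHalf zero-pads a fragment of at most 7 bytes and returns DES_key(lmMagic).
func lmHalf(frag []byte) []byte {
	half := make([]byte, 7)
	copy(half, frag)
	block, err := des.NewCipher(lmKey(half))
	if err != nil {
		panic(err) // unreachable: the key is always 8 bytes
	}
	out := make([]byte, 8)
	block.Encrypt(out, lmMagic)
	return out
}

// lmHash: uppercase (ASCII only here), pad/truncate to 14, hash each 7-byte half.
func lmHash(password string) []byte {
	p := []byte(strings.ToUpper(password))
	if len(p) > 14 {
		p = p[:14]
	}
	p = append(p, make([]byte, 14-len(p))...)
	return append(lmHalf(p[:7]), lmHalf(p[7:])...)
}

func lmHashHex(password string) string { return hex.EncodeToString(lmHash(password)) }

// crackHalf brute-forces one 8-byte half over every string from charset,
// shortest first, up to maxLen characters (at most 7, the size of a half).
func crackHalf(target []byte, charset string, maxLen int) (string, bool) {
	if maxLen > 7 {
		maxLen = 7 // a half never holds more than 7 bytes
	}
	for n := 0; n <= maxLen; n++ {
		idx := make([]int, n) // odometer of charset positions
		cand := make([]byte, n)
		for {
			for i, j := range idx {
				cand[i] = charset[j]
			}
			if bytes.Equal(lmHalf(cand), target) {
				return string(cand), true
			}
			pos := n - 1
			for pos >= 0 && idx[pos] == len(charset)-1 {
				idx[pos] = 0 // carry into the next position
				pos--
			}
			if pos < 0 {
				break // every string of length n has been tried
			}
			idx[pos]++
		}
	}
	return "", false
}

// crackHalfWordlist: dictionary attack on one half, uppercasing and
// truncating each word to 7 bytes exactly as LM does.
func crackHalfWordlist(target []byte, words []string) (string, bool) {
	for _, w := range words {
		c := []byte(strings.ToUpper(w))
		if len(c) > 7 {
			c = c[:7]
		}
		if bytes.Equal(lmHalf(c), target) {
			return string(c), true
		}
	}
	return "", false
}

func main() {
	hash := lmHash("Sales2024") // constructed: stands in for a dumped hash
	fmt.Println("LM hash:", hex.EncodeToString(hash))
	// First half: wordlist (constructed). Second half: a tiny brute force is enough.
	first, ok1 := crackHalfWordlist(hash[:8], []string{"welcome1", "letmein", "Sales2024"})
	second, ok2 := crackHalf(hash[8:], "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789", 3)
	fmt.Println("recovered (case lost):", first+second, ok1 && ok2)
}
```

Two things to notice when running it: the hash of "Sales2024" equals the hash of "SALES2024" (case is discarded before hashing), and a password of seven characters or fewer leaves the second half as the constant aad3b435b51404ee, which immediately tells an attacker the password length class. Since the halves are independent, the worst case per half is 36^7 candidates for letters and digits, which is why offline cracking of LM hashes needs no special network conditions and finishes in predictable time.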
