Which credential technique involves authenticating using a hash instead of a password?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which credential technique involves authenticating using a hash instead of a password?

Explanation:
Authenticating with a hash instead of a password is the essence of pass-the-hash. In this technique, an attacker uses a captured password hash (such as an NTLM hash) as the credential to prove identity to remote services, allowing access without ever needing the plaintext password. This enables lateral movement across systems within a Windows network because many services will accept a valid hash to authenticate, effectively letting the attacker impersonate the user. This differs from brute-force, password spraying, or dictionary attacks, which are about guessing or trying passwords to gain access rather than reusing a hash. Pass-the-hash relies on stealing the hash material itself and abusing the authentication protocol to authenticate with that hash.

Authenticating with a hash instead of a password is the essence of pass-the-hash. In this technique, an attacker uses a captured password hash (such as an NTLM hash) as the credential to prove identity to remote services, allowing access without ever needing the plaintext password. This enables lateral movement across systems within a Windows network because many services will accept a valid hash to authenticate, effectively letting the attacker impersonate the user.

This differs from brute-force, password spraying, or dictionary attacks, which are about guessing or trying passwords to gain access rather than reusing a hash. Pass-the-hash relies on stealing the hash material itself and abusing the authentication protocol to authenticate with that hash.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy