nerdexam
EC-Council

312-50V10 · Question #657

What tool can crack Windows SMB passwords simply by listening to network traffic? Select the best answer.

The correct answer is D. L0phtcrack. L0phtcrack can passively sniff Windows LM/NTLM authentication hashes from SMB traffic and crack them offline without injecting any packets.

System Hacking

Question

What tool can crack Windows SMB passwords simply by listening to network traffic? Select the best answer.

Options

  • AThis is not possible
  • BNetbus
  • CNTFSDOS
  • DL0phtcrack

How the community answered

(24 responses)
  • C
    4% (1)
  • D
    96% (23)

Why each option

L0phtcrack can passively sniff Windows LM/NTLM authentication hashes from SMB traffic and crack them offline without injecting any packets.

AThis is not possible

Passive SMB hash capture followed by offline cracking is a well-documented and practical attack technique, making this claim factually incorrect.

BNetbus

Netbus is a remote access Trojan designed for backdoor control of a compromised host - it has no network sniffing or password cracking capability.

CNTFSDOS

NTFSDOS is a local disk utility for reading NTFS volumes from a DOS environment - it performs no network traffic capture or authentication hash cracking.

DL0phtcrackCorrect

L0phtcrack includes a built-in network sniffer that captures SMB challenge-response exchanges containing LM/NTLM password hashes, then applies dictionary, brute-force, or hybrid attack modes to recover plaintext passwords - accomplishing the entire attack passively from observed network traffic.

Concept tested: Passive SMB hash capture and offline cracking with L0phtcrack

Source: https://attack.mitre.org/techniques/T1040/

Topics

#L0phtcrack#SMB password cracking#network sniffing#password hashes

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice