nerdexam
EC-Council

312-50V11 · Question #345

A company is using Windows Server 2003 for its Active Directory (AD). What is the most efficient way to crack the passwords for the AD users?

The correct answer is C. Perform an attack with a rainbow table.. Windows Server 2003 Active Directory stored passwords using weak LM (LAN Manager) hashes by default, making rainbow table attacks the most efficient cracking method due to precomputed hash lookups.

System Hacking

Question

A company is using Windows Server 2003 for its Active Directory (AD). What is the most efficient way to crack the passwords for the AD users?

Options

  • APerform a dictionary attack.
  • BPerform a brute force attack.
  • CPerform an attack with a rainbow table.
  • DPerform a hybrid attack.

How the community answered

(18 responses)
  • B
    6% (1)
  • C
    89% (16)
  • D
    6% (1)

Why each option

Windows Server 2003 Active Directory stored passwords using weak LM (LAN Manager) hashes by default, making rainbow table attacks the most efficient cracking method due to precomputed hash lookups.

APerform a dictionary attack.

Dictionary attacks try words from a wordlist and are slower than rainbow tables because hashes must be computed at attack time rather than looked up from precomputed tables.

BPerform a brute force attack.

Brute force attacks try every possible character combination and are the least efficient method, especially as password length grows.

CPerform an attack with a rainbow table.Correct

Windows Server 2003 used LM hashes, which split passwords into two 7-character chunks and encrypt them with DES - a scheme with a very limited keyspace. Rainbow tables contain precomputed hash-to-plaintext mappings for the entire LM hash space, allowing near-instant lookups rather than computing hashes on the fly. This makes rainbow table attacks dramatically faster than any other method against LM hashes.

DPerform a hybrid attack.

Hybrid attacks combine dictionary words with brute force mutations, which is still slower than a precomputed rainbow table lookup against the weak LM hash scheme.

Concept tested: LM hash weakness and rainbow table attacks

Source: https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change

Topics

#rainbow table#password cracking#Active Directory#LM hash

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice