nerdexam
EC-Council

312-50V11 · Question #952

Morris, an attacker, wanted to check whether the target AP is in a locked state. He attempted using different utilities to identify WPS-enabled APs in the target wireless network. Ultimately, he succe

The correct answer is A. wash. The wash utility is a specialized command-line tool for enumerating WPS-enabled access points, including their WPS lock state, making it the correct choice for this wireless reconnaissance task.

Hacking Wireless Networks

Question

Morris, an attacker, wanted to check whether the target AP is in a locked state. He attempted using different utilities to identify WPS-enabled APs in the target wireless network. Ultimately, he succeeded with one special command-line utility. Which of the following command-line utilities allowed Morris to discover the WPS-enabled APs?

Options

  • Awash
  • Bntptrace
  • Cmacof
  • Dnet View

How the community answered

(27 responses)
  • A
    89% (24)
  • C
    7% (2)
  • D
    4% (1)

Why each option

The wash utility is a specialized command-line tool for enumerating WPS-enabled access points, including their WPS lock state, making it the correct choice for this wireless reconnaissance task.

AwashCorrect

wash is a passive scanning tool bundled with the Reaver suite (available in Kali Linux) that monitors beacon and probe response frames to enumerate WPS-enabled access points in range. It displays each AP's BSSID, channel, RSSI, WPS version, and crucially the WPS lock status, which is precisely the information Morris needed to determine whether target APs were in a locked state.

Bntptrace

ntptrace is a utility for tracing the hierarchy of NTP servers synchronizing time on a network and has no functionality related to wireless networks or WPS enumeration.

Cmacof

macof is a Layer 2 attack tool used to flood a switch's CAM table with fake MAC addresses to force the switch into fail-open (hub) mode, which is entirely unrelated to wireless WPS discovery.

Dnet View

net view is a Windows command for listing shared folders and computers in a workgroup or domain and has no capability for scanning wireless networks or identifying WPS-enabled access points.

Concept tested: WPS-enabled AP enumeration using wash utility

Source: https://www.kali.org/tools/wash/

Topics

#WPS#wash tool#wireless AP discovery#Wi-Fi hacking tools

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice