312-50V13 · Question #103
Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice machine. From the c
The correct answer is C. Eve is trying to carry out a password crack for user Administrator. Given the use of the ENUM tool and the context of port 445 (SMB) being open, Eve is attempting to carry out a password crack against the 'Administrator' user, likely using enumeration to gather information for the attack.
Question
Options
- AEve is trying to connect as a user with Administrator privileges
- BEve is trying to enumerate all users with Administrative privileges
- CEve is trying to carry out a password crack for user Administrator
- DEve is trying to escalate privilege of the null user to that of Administrator
How the community answered
(39 responses)- A3% (1)
- B15% (6)
- C74% (29)
- D8% (3)
Why each option
Given the use of the ENUM tool and the context of port 445 (SMB) being open, Eve is attempting to carry out a password crack against the 'Administrator' user, likely using enumeration to gather information for the attack.
Connecting as an administrator would require knowing the password or exploiting a different vulnerability, not primarily enumerated by ENUM for a direct connection attempt.
Enumerating users with administrative privileges is a *part* of what ENUM does, but 'carrying out a password crack' is a more specific and advanced objective that enumeration often leads to, especially when the target is the powerful 'Administrator' account.
While the ENUM tool is primarily for enumeration (gathering user, group, and share information on Windows systems, often via SMB on port 445), it can be used in conjunction with other tools or scripts to launch password cracking attempts against enumerated accounts, including the default 'Administrator'. Without the specific command, 'password crack for user Administrator' is the most aggressive attack scenario related to enumeration that fits the context of 'enum tool' and an 'active and listening' system.
Escalating privileges for a 'null user' (an unauthenticated session) to Administrator typically involves exploiting a specific vulnerability, not a direct action of the ENUM tool itself in the manner of a password crack.
Concept tested: ENUM tool usage for password cracking
Topics
Community Discussion
No community discussion yet for this question.