GCIH · Question #518
An attacker has gained the ability to sniff client traffic on a local subnet. Which technique would they use to cause clients to reauthenticate to internal applications in an attempt to capture user c
The correct answer is D. Inject crafted RESET packets with the clients' and servers' IP addresses. An attacker can use crafted RESET packets to drop a connection, forcing victims into setting up a connection again. When they set up a new connection, they will likely reauthenticate, giving the attacker a chance to grab authentication information.
Question
An attacker has gained the ability to sniff client traffic on a local subnet. Which technique would they use to cause clients to reauthenticate to internal applications in an attempt to capture user credentials?
Options
- ADecrement the TTL values of client requests to application servers
- BSpoof client DNS queries for application server lookups
- CReplay captured DHCP client requests and server responses on the network
- DInject crafted RESET packets with the clients' and servers' IP addresses
How the community answered
(32 responses)- A22% (7)
- B6% (2)
- C9% (3)
- D63% (20)
Explanation
An attacker can use crafted RESET packets to drop a connection, forcing victims into setting up a connection again. When they set up a new connection, they will likely reauthenticate, giving the attacker a chance to grab authentication information.
Topics
Community Discussion
No community discussion yet for this question.