GCIH · Question #754
What is the outcome of the command below? hashcat -m 0 -a 3 ntds.dat --potfile-path ntds.potfile -1 ?d?d?d?d?d?d
The correct answer is A. Brute force an md5 hash whose input was numbers. The hashcat command performs a brute force mask attack against MD5 hashes using a six-digit numeric pattern.
Question
What is the outcome of the command below? hashcat -m 0 -a 3 ntds.dat --potfile-path ntds.potfile -1 ?d?d?d?d?d?d
Options
- ABrute force an md5 hash whose input was numbers
- BCrack six digit LANMAN passwords
- CRemove the encryption from the ntds.dat file
- DCreate a dictionary of 3000 usernames
How the community answered
(47 responses)- A81% (38)
- B6% (3)
- C11% (5)
- D2% (1)
Why each option
The hashcat command performs a brute force mask attack against MD5 hashes using a six-digit numeric pattern.
The flag '-m 0' specifies MD5 as the hash type, and '-a 3' selects the mask/brute force attack mode. The pattern '?d?d?d?d?d?d' defines a six-position mask where each character is a digit (0-9), so hashcat systematically tries all six-digit numeric combinations as candidate MD5 inputs.
LANMAN hashes require '-m 3000' in hashcat, not '-m 0', and LANMAN operates on uppercase ASCII-split strings rather than purely numeric six-digit inputs.
Hashcat is a hash-cracking tool that recovers plaintext values; it does not decrypt or modify the ntds.dat Active Directory database file itself.
Hashcat does not generate username dictionaries; '-a 3' is a mask-based brute force attack mode, not a list generation or enumeration function.
Concept tested: Hashcat MD5 brute force mask attack parameter interpretation
Source: https://hashcat.net/wiki/doku.php?id=hashcat
Topics
Community Discussion
No community discussion yet for this question.