CompTIA
PT0-001 · Question #187
PT0-001 Question #187: Real Exam Question with Answer & Explanation
Sign in or unlock PT0-001 to reveal the answer and full explanation for question #187. The question stem and answer options stay visible for context.
Post-exploitation and lateral movement
Question
During an internal network penetration test the tester is able to compromise a Windows system and recover the NTLM hash for a local wrltsrnAdrain account Attempting to recover the plaintext password by cracking the hash has proved to be unsuccessful, and the tester has decided to try a pass-the-hash attack to see if the credentials are reused on other in-scope systems Using the Medusa tool the tester attempts to authenticate to a list of systems, including the originally compromised host, with no success Given the output below: Which of the following Medusa commands would potentially provide better results?
Options
- A#medusa -h hosts.txt -U usera.txt -P hashes, txt -M smbnt. -m GROP:LOCAL -O out.txt -m
- B#medusa -H hosts.txt -U users, txt -P hashes, txt -M smbnt -m PASS:HASH -o out. txt
- C#medusa -H hosts.txt -u WrkStnAdmin -p
- D#medusa -H hosts.txt -C creds.txt -M mssq1 -m GROUP: DOMAIN -o out.txt
Unlock PT0-001 to see the answer
You've previewed enough free PT0-001 questions. Unlock PT0-001 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#pass-the-hash#NTLM#Medusa#lateral movement