Exam PT0-001 topic 1 question 96 discussion

Actual exam question from CompTIA's PT0-001

Question #: 96
Topic #: 1

A tester has captured a NetNTLMv2 hash using Responder. Which of the following commands will allow the tester to crack the hash using a mask attack?

A. hashcat -m 5600 -r rules/bestG4.rule hash.txt wordlist.txt
B. hashcat -m 5600 hash.txt
C. hashcat -m 5600 -a 3 hash.txt ?a?a?a?a?a?a?a?a
D. hashcat -m 5600 -o results.text hash.txt wordlist.txt

Show Suggested Answer

Suggested Answer: C 🗳️

by mr_robot at April 15, 2020, 10:54 p.m.

Comments

Submit Cancel

mr_robot

Highly Voted 5 years, 1 month ago

I would go for C. https://laconicwolf.com/2018/09/29/hashcat-tutorial-the-basics-of-cracking-passwords-with-hashcat/ -m 5600 --> specifies NetNTLMv2 as the hash type -a 3 --> specifies a mask attack, hash.txt --> file containing the hashes ?a?a?a?a?a?a?a?a --> this particular mask will attempt to bruteforce an 8 character password where all characters can be uppercase, lowercase, digits and can have space, symbols, etc. https://www.4armed.com/blog/perform-mask-attack-hashcat/ https://hashcat.net/wiki/doku.php?id=hashcat https://hashcat.net/wiki/doku.php?id=mask_attack https://www.cyberpratibha.com/hashcat-tutorial-for-password-cracking/

upvoted 14 times

...

miabe

Most Recent 2 years, 10 months ago

Selected Answer: C

looks good to me

upvoted 1 times

...

Cock

3 years, 3 months ago

It was on the exam

upvoted 2 times

...