During a penetration test, you have successfully dumped password hashes from a compromised system. Which of the following techniques is the most effective method for revealing the original plaintext passwords from these hashes?
Use an offline dictionary attack to compare the captured hashes against a wordlist.
Change the system's cryptographic protocol to force the existing hashes to revert to plaintext.
Deploy a keylogger to capture credentials as users type them.
Alter the system to store passwords in an unencrypted format for any new accounts.
Offline password cracking techniques, such as a dictionary attack, involve comparing the captured password hashes against a list of pre-computed hashes from common words and phrases. This is the standard method for attempting to recover plaintext passwords from hashes. Altering the system to store future passwords insecurely or using a keylogger are different attack methods that do not help in cracking existing hashes. Hashing is a one-way function, so changing cryptographic protocols will not revert existing hashes to plaintext.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a dictionary attack in password cracking?
Open an interactive chat with Bash
Why can’t hashes be reverted to plaintext directly?
Open an interactive chat with Bash
How does an offline dictionary attack differ from a brute-force attack?