🔥 3-day streak
CompTIA PenTest+ (PT0-003)115 / 175
Question 115 of 175
During an internal engagement, you capture NTLMv2 authentication attempts using Responder but need to escalate beyond offline cracking, which is too slow given weak-password policy is enforced. You enumerate the domain and identify several hosts where SMB signing is not required. You want to leverage the captured authentication to gain command execution on one of these hosts. What is the MOST effective next step?
Reviewed for accuracy · Report an issueNext question