CompTIA PenTest+ (PT0-002) — Question 302

A penetration tester wants to crack MD5 hashes more quickly. The tester knows that the first part of the password is Winter followed by four digits and a special character at the end. Which of the following commands should the tester use?

Answer options

• A. john hash.txt --format=MD5 --wordlist=seasons.txt --fork=8 --rules=base64
• B. hashcat hash.txt -m 0 -a 6 seasons.txt ?d?d?d?d?s
• C. john hash.txt --format=Raw-MD5 --rules=jumbo --wordlist=seasons.txt
• D. hashcat hahs.txt -m 500 -a 7 --force -) -w 4 --opencl-device-types 1,2

Correct answer: B

Explanation

The correct answer is B because it uses hashcat with the appropriate mode and attack type to efficiently crack the specified pattern of the password. Option A does not target the correct format and rules for this scenario, while C also fails to apply the correct attack strategy. Option D has a typo in the file name and uses an incorrect hash mode for MD5.