CompTIA PenTest+ (PT0-003) — Question 27
A penetration tester needs to collect information transmitted over the network for further steps in an internal assessment. Which of the following would most likely accomplish this goal?
Answer options
- A. ntlmrelayx.py -t 192.168.1.0/24 -l 1234
- B. nc -tulpn 1234 192.168.1.2
- C. responder.py -I eth0 -wP
- D. crackmapexec smb 192.168.1.0/24 -u "user" -p "pass123"
Correct answer: C
Explanation
The correct answer is C: responder.py is designed to capture and analyze network traffic, particularly for protocols like LLMNR and mDNS, which can help in gathering sensitive information. Options A and D focus on relaying and exploiting SMB, neither of which is primarily aimed at passive information gathering. Option B uses netcat to listen on a specific port, but it does not actively collect information from the network the way responder.py does.