Pen test was able to apparently obtain some password hashes by catching packets during scans

While scanning with credentials, in a pen test the tester was apparently able to obtain some password hashes by catching packets during the scans. What kinds of authentication passing are being used during scanning?

This is a configuration issue; someone allowed insecure use of credentials :wink:

Normally, credentials are only passed to the target via encrypted channels, but if you tick "allow insecure use" then they will be transmitted insecurely.

Additionally, a large default password database is used; did your pen tester validate the hashes against the default password list?
