Replies

Man in the middle attacks are pretty simple. On a local Ethernet, a simple ARP cache poisoning can allow you to insert yourself between two parties. There are more sophisticated approaches to man in the middle for SSH sessions too. I've done all of those in SANS security classes. Why stop with a password? We actually stole an entire VMware VM as a class exercise. If you throw in a web site, you have a whole new set of attack surfaces. Javascript and SQL injection attacks. Click jacking. Remote path traversal. There are many more means of attack. Master them and take your exam as a Certified Ethical Hacker. It's a valid career path in today's world of cyber warfare.

Which makes me wonder again. Why ask for the hash files if they can just get the passwords the old fashioned way?