What two files are commonly attacked using offline brute-force attacks?

The two files commonly attacked using offline brute-force attacks are the Windows Security Account Manager (SAM) and the Linux /etc/shadow file.

The Windows SAM file stores hashed passwords for local user accounts on a Windows operating system. When an attacker gains access to the SAM file, they can perform an offline brute-force attack, attempting to guess the passwords by comparing potential passwords against the hashed values stored in the SAM. This method is particularly effective since it does not require the attacker to interact with the system in real-time, allowing them to use significant computational resources to attempt to crack the hashes.

Similarly, the /etc/shadow file in Linux contains hashed password information along with relevant password expiry data. This file is generally more secure because it is accessible only by privileged users. However, when an attacker can access the /etc/shadow file, they can also perform offline brute-force attacks to identify user passwords based on the hash values.

The other options include files that either do not contain password information or are structured in a way that makes them less viable targets for offline brute-force attacks. For example, the Windows registry contains various system settings rather than password hashes, while /etc/passwd, while containing user account information, generally holds less secure, non-h