An attacker gains access to an older company's network and begins footprinting the environment. The attacker discovers that the network is still using NTLM for authentication due to the presence of Windows XP and Server $2003$ machines. The attacker is able to intercept the authentication stream and resend the encoded password to gain access to various systems.

Which of the following MOST likely occurred in this scenario?

A

Rainbow table attack

B

Pass the hash attack

C

Birthday attack

D

Dictionary attack