312-50V11 · Question #675
How can you determine if an LM hash you extracted contains a password that is less than 8 characters long?
The correct answer is B. The right most portion of the hash is always the same. LM hashing splits a password into two independent 7-character halves; a password under 8 characters produces a fixed, predictable right-side hash due to null-byte padding.
Question
How can you determine if an LM hash you extracted contains a password that is less than 8 characters long?
Options
- AThere is no way to tell because a hash cannot be reversed
- BThe right most portion of the hash is always the same
- CThe hash always starts with AB923D
- DThe left most portion of the hash is always the same
- EA portion of the hash will be all 0's
How the community answered
(32 responses)- B94% (30)
- C3% (1)
- E3% (1)
Why each option
LM hashing splits a password into two independent 7-character halves; a password under 8 characters produces a fixed, predictable right-side hash due to null-byte padding.
Due to LM's split-hashing design, length information can be inferred from the right half, so the claim that no information can be derived from the hash is incorrect.
The LM algorithm pads a password to 14 characters and splits it into two 7-character halves, hashing each independently with DES. If the password is 7 characters or fewer, the second half is entirely null bytes, which always produces the fixed DES output 'AAD3B435B51404EE' - so the rightmost portion of the LM hash being this constant value reliably indicates the password is 7 or fewer characters long.
LM hashes do not begin with a fixed prefix like 'AB923D'; the left portion varies based on whatever the first 7 characters of the password are.
The leftmost portion reflects the first 7 characters of the password and changes with different passwords, so it is not a fixed indicator of short password length.
Short passwords do not produce an all-zero right half; the null-padded DES computation outputs the specific non-zero fixed value 'AAD3B435B51404EE', not all zeros.
Concept tested: LM hash structure and password length inference
Source: https://learn.microsoft.com/en-us/windows-server/security/kerberos/passwords-technical-overview
Topics
Community Discussion
No community discussion yet for this question.