nerdexam
EC-Council

312-50V13 · Question #129

How can you determine if an LM hash you extracted contains a password that is less than 8 characters long?

The correct answer is B. The right most portion of the hash is always the same. This question tests knowledge about the well-known weaknesses of the Windows LM hash, specifically how it handles passwords shorter than 8 characters.

Submitted by tom_us· Mar 6, 2026System Hacking

Question

How can you determine if an LM hash you extracted contains a password that is less than 8 characters long?

Options

  • AThere is no way to tell because a hash cannot be reversed
  • BThe right most portion of the hash is always the same
  • CThe hash always starts with AB923D
  • DThe left most portion of the hash is always the same
  • EA portion of the hash will be all 0's

How the community answered

(34 responses)
  • A
    3% (1)
  • B
    91% (31)
  • D
    6% (2)

Why each option

This question tests knowledge about the well-known weaknesses of the Windows LM hash, specifically how it handles passwords shorter than 8 characters.

AThere is no way to tell because a hash cannot be reversed

While a hash cannot be reversed to plaintext, specific patterns in weak hashing algorithms like LM can reveal properties about the original password, such as its length relative to 8 characters.

BThe right most portion of the hash is always the sameCorrect

When an LM hash is generated for a password less than 8 characters, the password is padded with null characters to 14 bytes, then split into two 7-byte halves, each hashed independently. The second 7-byte half (representing the rightmost portion) will always be a hash of the null-padded string, resulting in a constant, predictable hash value (AADCFAA4076C87AA) for that half, revealing the password's short length.

CThe hash always starts with AB923D

The LM hash does not always start with a fixed sequence like AB923D; its beginning varies significantly based on the first 7 characters of the password.

DThe left most portion of the hash is always the same

The left-most portion of the hash varies significantly depending on the first seven characters of the password, thus it is not always the same.

EA portion of the hash will be all 0's

While the process involves padding with null characters, the hash itself does not become all zeros; it produces a specific, constant hash value for the second half when the password is short.

Concept tested: LM hash weakness; short passwords

Source: learn.microsoft.com/en-us/troubleshoot/windows-server/identity/windows-password-hashing-function

Topics

#LM hash weaknesses#password length#hash analysis#Windows passwords

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice