nerdexam
EC-Council

312-50V9 · Question #567

You are attempting to crack LM Manager hashed from Windows 2000 SAM file. You will be using LM Brute force hacking tool for decryption. What encryption algorithm will you be decrypting?

The correct answer is B. DES. The LAN Manager (LM) hash algorithm uses DES to encrypt a fixed plaintext with each half of the password as the key, making DES the algorithm being attacked during LM hash cracking.

System Hacking

Question

You are attempting to crack LM Manager hashed from Windows 2000 SAM file. You will be using LM Brute force hacking tool for decryption. What encryption algorithm will you be decrypting?

Options

  • AMD4
  • BDES
  • CSHA
  • DSSL

How the community answered

(27 responses)
  • B
    89% (24)
  • C
    7% (2)
  • D
    4% (1)

Why each option

The LAN Manager (LM) hash algorithm uses DES to encrypt a fixed plaintext with each half of the password as the key, making DES the algorithm being attacked during LM hash cracking.

AMD4

MD4 is the algorithm used to produce NTLM hashes from the Unicode password, not LM hashes.

BDESCorrect

LM hashing works by converting the password to uppercase, padding it to 14 characters, and splitting it into two 7-byte halves. Each 7-byte half is then used as a DES key to encrypt the fixed constant string 'KGS!@#$%', producing two 8-byte ciphertext blocks that are concatenated into the 16-byte LM hash. A brute-force tool targeting the SAM file LM hash is therefore breaking DES encryption, not a hash or asymmetric cipher.

CSHA

SHA (Secure Hash Algorithm) is not used in any stage of LM hash computation.

DSSL

SSL is a transport-layer security protocol and plays no role in how LM hashes are computed or stored.

Concept tested: LM hash construction using DES encryption

Source: https://learn.microsoft.com/en-us/troubleshoot/windows-server/windows-security/prevent-windows-store-lm-hash-password

Topics

#LM hash#DES encryption#Windows SAM#password cracking

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice