LAN Manager (LM) hashes use the DES (Data Encryption Standard) algorithm to hash passwords. Here's how LM hashing works:
The password is converted to uppercase and padded/truncated to 14 characters.
Split into two 7-character halves.
Each half is used as a DES key to encrypt a constant string ("KGS!@#$%")—resulting in a 16-byte LM hash.
From CEH v13 Courseware:
Module 6: Malware Threats
Topic: Windows Password Storage & Cracking
CEH v13 Study Guide states:
“LM hashes use the DES encryption algorithm to create password hashes. Due to this method, they are highly vulnerable to brute-force attacks, particularly because they split the password into two 7-character blocks.”
Incorrect Options:
A: MD4 is used in NTLM hashes.
C: SHA is not used in LM.
D: SSL is a transport security protocol, not a hashing algorithm.
[Reference:CEH v13 Study Guide – Module 6: Password Storage and Hashing AlgorithmsMicrosoft Documentation – LM vs. NTLM Authentication, ==================================================================, ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit