Exam 312-50v13 topic 1 question 142 discussion

Correct: C o Since Windows Vista/Server 2008, insecure LM hashes are not stored – this means that there is BLANK password – i. e. NULL character. o LM password is always padded up to 14 characters by appending NULL characters. o This means that in this case, NULL password is padded with another 13 NULL characters up to 14 NULL characters. o LM hash is computed so that the 14 characters are splits into two 7-character chunks and each is hashed individually before sticking them back together to form final LM hash. o LM-hashed 7-character NULL string = AAD3B435B51404EE – concatenate two of these and you get AAD3B435B51404EEAAD3B435B51404EE (two same hashes AAD3B435B51404EE connected together) = LM hash of EMPTY (BLANK) PASSWORD – this is alwas the same as LM hashing doesn't use salt. o Also if password exceeds 14 characters, LM hash is not stored (you will see again BLANK password hash in the SAM database - as shown above), so option B) could be also correct, but BLANK password is NOT considered “dummy value” as B) suggests, so correct is C).

LAN Manager (LM) hashes are considered weak and highly vulnerable to attacks (such as rainbow table attacks). Starting with Windows Vista and later versions, LM hash storage was disabled by default due to security concerns.