L0phtCrack was one of the original and greatest hacking and auditing tools of the 90's.... It was a very sad day when Symantec bought out atstake.com in 2004, who owned the rights to the venerable cracker and shortly thereafter killed it, but L0phtcrack is now back in the capable hands of the original creators.
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
L0phtCrack is back!
1. L0phtCrack is back!
L0phtCrack was one of the original and greatest hacking and auditing tools of the 90’s, essentially creating the modern
LM/NTLM password auditing landscape. L0pht Heavy Industries – the creators of the tool – were instrumental in raising
awareness of both the ease of cracking passwords as well the obviousness of how poorly people choose passwords.
It was easily the most visible password cracking and auditing tool of its time, and was responsible for many administrators and
hackers alike raising awareness of password issues to management-types. It ranked high on Fyodors Top 100 Network Security
Tools list multiple times.
It was a very sad day when Symantec bought out atstake.com in 2004, who owned the rights to the venerable cracker
and shortly thereafter killed it.
But L0phtcrack is now back in the capable hands of the original creators, after an extended absence and presumably much pain
wrangling it back from the monolithic Symantec corporation.
Version 6.0 came out last year, and the new updated 6.0.10a dropped last week.
Security Admins, Penetration Testers, Script Kiddies and CISSP types now have a sweet new tool in their arsenal.
This is what it looks like
WEB PHONE EMAIL
WWW.REDSPIN.COM 800-721-9177 INFO@REDSPIN.COM
2. Thing’s I like:
Nice friendly wizard helps n00bs
64 bit target support
Rainbow Tables support
GPU acceleration
A few gripes I’ve got about it:
Could use more reporting. I’d like to be able to create custom reports detailing passwords under a certain length,
passwords meeting complexity requirements or not, and other issues I’m concerned about.
Can’t export reports.
It’s Windows only
Expensive
Overall this is a great tool if you’re a sysadmin or security geek at a large corporation and have some bucks to spend. Weak
passwords continue to be one of the easiest ways an attacker or unauthorized user gains access to critical systems. With a decent
password cracking tool at your disposal it is much easier to bring this very real risk to your boss or internal security groups
attention.
For the Linux and and Open Source fans, Ophcrack has a fair amount of the same functionality without the price tag. It does
have some shortcomings but most can be overcome with some creative scripting and post-processing of the actual crack.
Happy Cracking.
Written by Redspin Engineer, Mark Marshall, aka Fulg0re
WEB PHONE EMAIL
WWW.REDSPIN.COM 800-721-9177 INFO@REDSPIN.COM