THE STORY OF
FROM 1997 TO 2015
Yes, L0phtCrack can drink legally now.
HOBBIT'S CIFS RESEARCH PAPER
JANUARY 1997
Origins of L0phtCrack
Jeremy Allison released pwdump on 3/24/1997
Inspired to reverse engineer for Linux to NT interoperability for SAMBA
Can dump password hashes from Windows NT registry but not crack
Jonathan Wilkins released NTCrack on 3/28/1997
Can crack LANMAN hashes only
Mudge released L0phtCrack on 4/11/1997
Cracks both LANMAN and NTLM hashes
Windows NT Password Hash Refresher
For each user, LANMAN hashes are stored alongside NTLM hashes for backwards compatibility.
LANMAN passwords are uppercased and split into two 7-character passwords for hashing.
This scheme persisted until Windows Vista shipped in Jan 2007!
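Added example, not code from the slides or from the L0phtCrack code base: a Go implementation of the LANMAN scheme just described (uppercase, pad to 14, split into two 7-byte halves, DES-encrypt the documented "KGS!@#$%" constant under each half), followed by a small audit check over pwdump-format lines (user:rid:lmhash:nthash:::, the format L0phtCrack imports). The audit shows what an administrator can learn from an LM hash without cracking anything: whether LM storage is still on for the account, and whether the password is at most 7 characters long, because the second half then equals the fixed value AAD3B435B51404EE. The usernames and passwords in main are constructed sample data.

```go
package main

import (
	"crypto/des"
	"encoding/hex"
	"fmt"
	"strings"
)

// lmMagic is the fixed 8-byte plaintext that the LM scheme encrypts with DES
// under each 7-character half of the uppercased password.
var lmMagic = []byte("KGS!@#$%")

// lmEmptyHalf is lmMagic encrypted under an all-zero key: the value stored for
// any half that contains no characters, i.e. the telltale of a short password.
// A full hash of two such halves is also what Windows stores when LM hashing
// is disabled, so that case is indistinguishable from an empty password.
const lmEmptyHalf = "AAD3B435B51404EE"

// expandKey widens 7 key bytes into the 8-byte DES key layout by inserting a
// parity bit position (low bit of each byte); crypto/des ignores that bit.
func expandKey(half []byte) []byte {
	k := make([]byte, 8)
	k[0] = half[0] >> 1
	k[1] = (half[0]&0x01)<<6 | half[1]>>2
	k[2] = (half[1]&0x03)<<5 | half[2]>>3
	k[3] = (half[2]&0x07)<<4 | half[3]>>4
	k[4] = (half[3]&0x0F)<<3 | half[4]>>5
	k[5] = (half[4]&0x1F)<<2 | half[5]>>6
	k[6] = (half[5]&0x3F)<<1 | half[6]>>7
	k[7] = half[6] & 0x7F
	for i := range k {
		k[i] <<= 1
	}
	return k
}

// LMHash computes the LAN Manager hash as the slide describes: uppercase,
// cut or zero-pad to 14 bytes, split into two independent 7-byte halves,
// and use each half as a DES key to encrypt lmMagic. ASCII passwords only
// (LM used the machine's OEM code page, which is not modelled here).
func LMHash(password string) string {
	buf := make([]byte, 14)
	copy(buf, strings.ToUpper(password)) // copy() silently truncates past 14
	out := make([]byte, 16)
	for i := 0; i < 2; i++ {
		block, err := des.NewCipher(expandKey(buf[i*7 : i*7+7]))
		if err != nil {
			panic(err) // cannot happen: the expanded key is always 8 bytes
		}
		block.Encrypt(out[i*8:i*8+8], lmMagic)
	}
	return strings.ToUpper(hex.EncodeToString(out))
}

// Finding is what an auditor learns from one stored LM hash without cracking
// anything at all.
type Finding struct {
	User         string
	LMStored     bool // hash is not the "no LM hash" sentinel
	AtMost7Chars bool // second half equals lmEmptyHalf, so len(password) <= 7
}

// AuditPwdumpLine inspects one pwdump-format line (user:rid:lmhash:nthash:::)
// and reports the weaknesses the LM field reveals.
func AuditPwdumpLine(line string) (Finding, error) {
	fields := strings.Split(line, ":")
	if len(fields) < 4 {
		return Finding{}, fmt.Errorf("malformed pwdump line: %q", line)
	}
	lm := strings.ToUpper(fields[2])
	if len(lm) != 32 {
		return Finding{}, fmt.Errorf("LM field must be 32 hex chars: %q", fields[2])
	}
	f := Finding{User: fields[0]}
	f.LMStored = lm != lmEmptyHalf+lmEmptyHalf
	f.AtMost7Chars = f.LMStored && lm[16:] == lmEmptyHalf
	return f, nil
}

func main() {
	// Constructed sample dump: LM hashes generated locally, NT field elided.
	lines := []string{
		"alice:1001:" + LMHash("password") + ":<nt hash>:::",
		"bob:1002:" + LMHash("Welcome") + ":<nt hash>:::",
		"carol:1003:" + LMHash("") + ":<nt hash>:::",
	}
	for _, l := range lines {
		f, err := AuditPwdumpLine(l)
		if err != nil {
			fmt.Println("error:", err)
			continue
		}
		fmt.Printf("%-6s LM stored=%-5t password<=7 chars=%t\n", f.User, f.LMStored, f.AtMost7Chars)
	}
}
```

Because the two halves are hashed independently and without salt, each half is a separate 7-character, uppercase-only search, which is why a LANMAN hash was practical to crack on 1997 hardware while Microsoft claimed otherwise; the audit above needs none of that cracking to flag short passwords and accounts that still store an LM hash.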
L0PHTCRACK 1.0 4/11/1997
• Core engine written by Mudge
• GUI version written by Weld Pond
• Imports hashes from Jeremy Allison's PWDUMP
• Microsoft responds with SYSKEY on 5/15/1997 in NT4 SP3
L0phtCrack 1.5 Pivots from POC to Administrator/Pen Tester Tool
• Windows administrators need a GUI
• Put the tools for password cracking in one program
L0PHTCRACK 1.5 7/12/1997
• GUI update to fix Brute Forcing bugs
• Challenge/Response hash cracking added
• Built-in hash dumping
• Shareware license
• U.S. Government Accounting Office becomes first paying customer
L0PHTCRACK 2.0 2/16/1998
• Built-in sniffing for challenge/response
• Ability to import SAM registry hive added
• First commercial version with 14-day trial license
L0PHTCRACK 2.5 1/13/1999
• DilDog joins L0pht to work on L0phtCrack full-time.
• DES core rewritten with optimized assembly algorithm.
• Hybrid dictionary/brute attack added
January 2000
L0PHTCRACK 3.0 (PRE) 1/24/2000
• Never Released
• Last Version with L0pht branding
• Added session-based interface
• Added L0phtCrack Wizard
• Added import from remote registry
LC3 (SST) 4/6/2001
• Released by "Security Software Technologies"
• Added 'distributed' cracking
• SST not allowed to use L0pht name on L0phtCrack, 'LC' used instead.
LC3 (@stake) 5/18/2001
• Three versions: Professional, Admin, and Consultant
LC4 (@stake) 5/14/2002
• Rob Cheyne added to team
• GUI improvements: sorting, exporting, SBCS code pages
• Hybrid mode improved to use more combinations
• Multiple dictionary support
LC5 (@stake) 9/2/2004
• Ian Melven added to team, uncredited
• Windows 2003 update, better packet sniffer
• Rainbow Tables added
• Audit Scheduling
• Windows Domain Remediation
• Support Options
September 16, 2004
FOUR YEARS PASS...
December 31, 2008
L0phtCrack 6 3/11/2009
• Original development team, DilDog, Weld Pond, Mudge, purchase LC back from Symantec.
• UI Modernization
• 21 Service releases and updates through to 2015
• Support for 64-bit, Windows Vista, Windows 7, and Windows Server up to 2012r2
• Basic Unix Hash Support
Goals Of L0phtCrack Today
• Put all the tools for password auditing in one program
• Make it easy for the enterprise to adopt with remediation and reports
• Support modern hardware, operating systems, and hash formats
• Support more than just Windows
• Include more of the security community!
Challenges
• Better ways to extract hashes.
• Remote extraction is more difficult these days: remote UAC, firewalls
• Sniffer out of date
• GPU challenges: keeping the GPU fully busy. Not all GPUs are that fast, CPU can be faster!
ANNOUNCING
Early 2016
L0phtCrack 7 Early 2016
• Complete code overhaul by DilDog. 100% new codebase.
• Converted from MFC to Qt for eventual portability
• New cracking engine based on John The Ripper
• Multi-GPU OpenCL, CUDA and CPU multi-core
• SSSE3, SSE4.1, AVX, XOP, AVX2 optimizations
L0phtCrack 7 Early 2016
• JtR complex wordlist rules
• Full Unicode and character set support
• Queue-based operation
• Completely overhauled scheduler
• Full Unix support for Linux, Solaris, BSD and AIX hashes w/ssh remote extraction.
• Automatic update notification
L0phtCrack 7 Early 2016
Calibration selects which hardware and algorithms are fastest
Completely Pluggable API
• Open Source API allows third-party plugins to work with L0phtCrack. Beginning of a software ecosystem
• All features in L0phtCrack are implemented as plugins using the API.
• API is beta, will be released shortly after launch, available on GitHub.
• Non-core features to be moved to plugins
Pluggable Units of IBM 604 calculator from 1948. Ran at 50 kHz.
Future Directions
• Mac OS X support.
• Port GUI to OS X and Linux
• Support for other cracking engines.
• Hint: hashcat and oclHashcat now open source
• Enterprise reporting/analytics
• More import modules, such as creddump, mimikatz, volume shadow copy, etc.
• Wireshark plugin for sniffing
• Database hashes
• More than just password cracking!
• Add support for Nmap
• Network inventory
THANK YOU!
Chris Wysopal
@weldpond
support@l0phtcrack.com

History of L0phtCrack


Editor's Notes

  • #2 Personal intro. It's been a bit of a cat and mouse game with Microsoft over many years. Surprisingly, L0phtCrack has been owned by 5 organizations over the years.
  • #3 I saw this sign on my way home from the pub last night in Cambridge so of course I had to use it.
  • #4 Many think Windows password crackers started with Jeremy Allison but Hobbit's research was a precursor. Dan Farmer's pwc, which was part of COPS in 1990, and Alec Muffett's crack (1993) were the first password crackers for Unix.
  • #5 NTLM is easy once you have the LANMAN as you can just cycle through all the casing possibilities.
  • #6 Microsoft had originally claimed it would take years to crack. Even though they used no salt. Reverse engineering and attack tools are a requirement for assessing security. Making the theoretical practical.
  • #7 SYSKEY of course was just security theater. It took 10 years for Microsoft to remove the LANMAN hash by default.
  • #8 Creating a GUI enabled another class of users. Windows administrators.
  • #10 Samdump functionality. Of course the licensing was cracked right away.
  • #11 Revenue from selling L0phtCrack now allows some of the L0pht members to become full time employees.
  • #12 Didn’t sell any tools or technology. Just the people and brand.
  • #13 Not allowed to use the l0pht brand.
  • #16 You can see from the look and feel it is losing its underground edge. And frankly it was falling a bit behind the state of the art. John the Ripper had better wordlist rules.
  • #18 This almost doomed L0phtCrack. A funny thing happened along the way. McAfee started flagging LC5 as a malicious tool!
  • #19 Symantec end-of-lifes LC5. We approach Symantec and purchase the technology and name.
  • #21 L0phtCrack gets its name back! In the transaction we also got the l0pht name back.
  • #22 So I am happy to say L0phtCrack is alive and well today and we are still developing it.
  • #30 So you can tell from the investment we are making in L0phtCrack 7 that we think passwords in Windows and Unix will be around for a long time. It was 10 years before Microsoft felt safe removing LM hash.