[somebody posted the URL a day ago - though we hadn't made it publicly available at the time as we were working out some minor bugs. This is the official release. Sorry for any confusion and our appologies to anyone who D/L'd the next to final rev that we had up for a day. Just grab the newest version and remove the registry key from any previous versions - HKEY_CURRENT_USER\Software\L0pht before you install. .mudge] Document: L0pht Security Announcement URL Origin: http://www.l0pht.com/l0phtcrack/ Release Date: February 12th, 1998 Application: Windows NT, SAMBA running on Unix machines Severity: New release of l0phtcrack v2.0 Author: mudgeat_private, weldat_private Operating Sys: Windows NT, Windows 95 L0phtCrack 2.0 Released It's big. It's bad. It cuts through NT passwords like a diamond tipped, steel blade. It ferrets them out from the registry, from repair disks, and by sniffing the net like an anteater on dexadrene. For the six months since L0phtCrack 1.5 was first demonstrated publicly we have been doing usability testing and listening to the L0phtCrack user community for feature ideas. Thanks for your input. We hope you are happy with the improvements in functionality and performance. New features The long awaited SMB session network sniffer is bundled in. Collect LANMAN password hashes without administrator rights. Use built-in SAMDUMP funtion to extract the password hashes from the registry SAM file on the hard disk, an emergency repair disk, or a backup tape. Ability to save and restore a partially completed brute force attempt. Current iteration and character set are saved with the partial results. File is automatically saved every 5 minutes. When one of the halves of a LANMAN password is found it is displayed. Great for 8-12 character passwords where the 2nd half of the password is quickly brute forced. Custom character sets for brute forcing are supported. Multiprocessing brute force algorithm. Benchmarked brute force at 6 hours for A-Z characters and 62 hours for A-Z, 0-9 on a quad Pentium Pro 200. Exponential speedup for large numbers of users due to faster search algorithm. It is now feasible to brute force 10,000 users at a time, L0phtCrack is now a friendly background process. It runs at below normal priority and has the ability to completly hide and be restored with a hotkey: Ctrl-Alt-L. L0phtCrack 2.0 is shareware L0phtCrack was originally envisioned as an experimental research tool. Many system administrators, security auditors, and tiger teams have asked for specific features to make L0phtCrack a more powerful and easier to use tool. We have decided to give L0phtCrack the quality and feature set needed by computer security professionals and distribute it as shareware. The trial period is 15 days, after which the product must be registered for $50. A command-line, stripped down version of the program is available for free with source code. cheers, mudgeat_private - weldat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:42:35 PDT