Seminal password tool rises from Symantec ashes More than three years after Symantec unceremoniously pulled the plug on L0phtcrack, the seminal tool for auditing and cracking passwords is back with a set of new capabilities. Starting Wednesday, L0phtcrack 6 is available from the same team of hackers who introduced it to the world a decade ago. The program was pulled from …
I remember doing a week long course that a large finincial company I used to work for commissioned from @stake, all about IT security incident response. It was great, particualrly the guy who took it, an unashamed geek - all the logs that we worked from had servernames like 'zen', 'servilan', 'orac', which he confessed were his home computers. (I can hardly talk, mine are all named after the frinkiac7 in one way or another...
I remember using this about a decade ago. At the time I was helping the Admin at school to secure the network (he'd just started, and we all knew the holes, as we'd been using them for years).
I noticed while rooting around that the password database on the NT DC was left on an unsecured share and I made a copy and took it home.
A week(!) later I brought back 200 double-sided pages of A4 containing everyone's username and password, including administrator (except mine of course). He actually toyed with the idea of changing it so the users couldnt change passwords so he could just tell them their password when they forgot. Instead we implemented a password strength policy.
It was amusing seeing the headmistresses password was... password, and of course the first one picked up by l0phtcrack. How much fun I could have had, pity I'm such an honest guy.
...this fucking horrible GUI?
l0pt has totally lost it's edge. Apart from Rainbow table support in the expensive version, this has nothing that l0tpcrack 5 didn't. It's basically a new, unpleasant, GUI with rtgen/rainbowcrack hacked in somewhere around the back.
If you're a GUI kinda guy, you could have downloaded Cain & Able, which has every feature in the new l0pt and many more more...for free.
If you're like me and prefer to do things on the command line, where you can be a little more precise and know exactly what's going on, then you won't give two shits about this anyway.
Utter, utter crap.
Everything Symantec touches seems to get infinitely worse, apart from Norton, which was, and still is, at rock bottom (it does more damage the most aggressive virii).
More from these ashes:
http://www.l0phtcrack.com/disclaimer.html
"Disclaimer
Attention Overseas Customers As required by law, L0phtcrack is subject to United States export controls. L0phtCrack may not be downloaded or otherwise exported or re-exported outside the United State. By downloading or using L0phtCrack, you are agreeing to the foregoing and all applicable export control laws. You are also warranting that you are not under the control of, located in, or a resident or national of any country that is not the United States. The information on export laws provided herein is not necessarily complete. For more information on export laws, please refer to the United States Commerce Department Bureau of Export Administration at (202) 482-2440, or (202) 482-4811."
Tip of the century: If you don't want people outside the US to download/use your crap, forget about advertising at all and remove the @#$%!* site from the world wide web. Useless piece of shit littering the rest of the world's internet.
Second, the price they are peddling it at it's completely pointless in comparison to the (freely available!) tools that have been available on *nix systems for years and are just as good in the right hands, if not better. Old fogeys trying to rejoin the game, well you lost it already. Don't forget your walker on the way out.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
