AOH :: IS1842.HTM

After years in eclipse, L0phtCrack 6 re-released

After years in eclipse, L0phtCrack 6 re-released
After years in eclipse, L0phtCrack 6 re-released 

By Angela Gunn
March 17, 2009

A Windows password-auditing tool acquired by Symantec only to be shelved 
when the lawyers got a look at the thing has been re-acquired by its 
original authors, who have released a long-awaited Version 6 to the 
public. L0phtCrack languished for years after the company decided that 
the tool, popular with hackers, could raise liability issues.

Once upon a time, Mudge, Dildog, and Weld Pond released L0phtCrack, 
which can be used as a password-auditing tool or, if you're playing 
offense, a tool for cracking passwords on systems not belonging to you. 
In 2000, the Boston-based L0pht Heavy Industries hacker collective (est. 
1992, and famous for telling Congress they could take the Internet down 
in 30 minutes) morphed into @stake, becoming a marginally more 
mainstream security consultancy. In 2004, Symantec acquired @stake. 

To the dismay of the research staff, the far more buttoned-down (and 
lawyered-up) Symantec took one look at L0phtCrack and declared that 
selling it would run afoul of US cryptographic export regulations. A 
fifth version was released as LC5, but since 2006 Symantec has neither 
sold nor supported the product. Rights to the software recently reverted 
to the original L0pht crew, and here we are today.

Sure, it's a hacker tool, but so's a keyboard. L0phtCrack tests 
passwords with multiple techniques -- hybrid attacks, dictionary 
attacks, rainbow tables, and the ever-popular brute-force approach. That 
flexibility has obvious uses for the bad guys, but white hats can also 
effectively deploy the software to check password strength, retrieve 
lost admin passwords, smooth migrations, and so forth.


Best Selling Security Books and More! 

Site design & layout copyright © 1986-2014 CodeGods