L0phtkrack is a password auditing and recovery application (now called LC5), originally produced by Mudge from L0pht Heavy Industries. It is used to test password strength and sometimes to recover lost micr*soft Windows passwords, by using dictionary, brute-force, and hybrid attacks. It was one of the krackers’ tools of choice, although most use old versions because of its price and low availability.
The application was produced by @stake after the L0pht merged with @stake in 2000. @stake was acquired by Symantec in 2004. Symantec has since stopped selling this tool to new customers citing US Government export regulations, and has announced that they will discontinue support by the end of 2006. LC5 can still be found at SecTools.Org and other unofficial mirrors.
LC 5 optimizes operations by first scanning for dictionary words, then using various methods of altering dictionary words to create new probable guesses, then (if all else fails) resorting to brute force. To krack a password, the program must select a guessed word, compute the hash, then compare that hash with the stored password hash. LC 5 supports direct hash imports from a local or remote SAM database, a SAM file, an LC 4 file, a PWDUMP file, a Windows NT 4.0 Emergency Repair Disk (ERD), a UNIX password file, or by sniffing the local network. To speed the hashing process, most versions of LC 5 include precomputed hashes and let you create your own precomputed hash tables. During the audit, the tool shows time elapsed and other statistics.
thx to :Alvin BFers