Yup we came out with l0phtCrack v2.0

Mudgenski Von Splat (mudge@L0PHT.COM)
Thu, 12 Feb 1998 18:44:34 -0500

[somebody posted the URL a day ago - though we hadn't made it publicly
available at the time as we were working out some minor bugs. This is
the official release. Sorry for any confusion and our appologies to
anyone who D/L'd the next to final rev that we had up for a day.
Just grab the newest version and remove the registry key from any previous
versions - HKEY_CURRENT_USER\Software\L0pht before you install. .mudge]

Document: L0pht Security Announcement
URL Origin: http://www.l0pht.com/l0phtcrack/
Release Date: February 12th, 1998
Application: Windows NT, SAMBA running on Unix machines
Severity: New release of l0phtcrack v2.0
Author: mudge@l0pht.com, weld@l0pht.com
Operating Sys: Windows NT, Windows 95

L0phtCrack 2.0 Released

It's big. It's bad. It cuts through NT passwords like a diamond
tipped, steel blade. It ferrets them out from the registry, from
repair disks, and by sniffing the net like an anteater on
dexadrene.

For the six months since L0phtCrack 1.5 was first demonstrated publicly
we have been doing usability testing and listening to the L0phtCrack
user community for feature ideas. Thanks for your input. We hope you
are happy with the improvements in functionality and performance.

New features

The long awaited SMB session network sniffer is bundled in.
Collect LANMAN password hashes without administrator rights.

Use built-in SAMDUMP funtion to extract the password hashes
from the registry SAM file on the hard disk, an emergency repair
disk, or a backup tape.

Ability to save and restore a partially completed brute force
attempt. Current iteration and character set are saved with the
partial results. File is automatically saved every 5 minutes.

When one of the halves of a LANMAN password is found it is
displayed. Great for 8-12 character passwords where the 2nd
half of the password is quickly brute forced.

Custom character sets for brute forcing are supported.

Multiprocessing brute force algorithm. Benchmarked brute force
at 6 hours for A-Z characters and 62 hours for A-Z, 0-9 on a
quad Pentium Pro 200.

Exponential speedup for large numbers of users due to faster
search algorithm. It is now feasible to brute force 10,000 users
at a time,

L0phtCrack is now a friendly background process. It runs at
below normal priority and has the ability to completly hide and
be restored with a hotkey: Ctrl-Alt-L.

L0phtCrack 2.0 is shareware

L0phtCrack was originally envisioned as an experimental research tool.
Many system administrators, security auditors, and tiger teams have
asked for specific features to make L0phtCrack a more powerful and
easier to use tool. We have decided to give L0phtCrack the quality and
feature set needed by computer security professionals and distribute it
as shareware.

The trial period is 15 days, after which the product must be registered
for $50. A command-line, stripped down version of the program is
available for free with source code.

cheers,

mudge@l0pht.com - weld@l0pht.com