Symantec Dumps L0phtcrack Password Cracker

Keep on Guard!


Man this blows.

It seems it happened quite a while ago, I only just found out about it recently though when I was checking to see if L0phtcrack had been updated past version 5.

Symantec has quietly pulled the plug on sales of L0phtCrack, the venerable password auditing and recovery application.

The decision to discontinue support for L0phtCrack, also known as LC5, comes just months after Symantec stopped selling the application to customers outside the United States and Canada out of concerns that it violated cryptography export controls.

It is a shame as this was without doubt the best password cracker around, fastest for LM hashes by quite a long way.

Luckily there are some good alternatives, even a free alternative for L0phtcrack itself called LCP which we mentioned in our Rainbow Crack and Rainbow Tables article.

There are other good alternative too, my favourite being Cain and Abel then probably John the Ripper. I’ll do an article about Password Crackers soon, a run down of the options.

“There was always going to be a double-edged sword for Symantec. L0phtCraft is valuable as a good password-strength auditing tool but it’s also popular with [malicious] hackers who used it to break passwords and attack networks,” Fleming said in an interview with eWEEK.

He said Digital Defense used L0phtCraft in its penetrating testing products to identify and remediate security vulnerabilities that result from the use of weak or easily guessed passwords.

L0phtCraft can also be used to recover Windows and Unix account passwords to access user and administrator accounts whose passwords are lost or to streamline migration of users to newer authentication systems.

It is a tough call for a ‘security company’ especially such a large one that has to take a lot of care about reputation and corporate image.

I’m sad to see it go however.

Source: Eweek


Posted in: Hacking Tools

, , , , , ,

Latest Posts:


BSQLinjector - Blind SQL Injection Tool Download BSQLinjector – Blind SQL Injection Tool Download in Ruby
BSQLinjector is an easy to use Blind SQL Injection tool in Ruby, that uses blind methods to retrieve data from SQL databases.
CCleaner Hack - Spreading Malware To Specific Tech Companies CCleaner Hack – Spreading Malware To Specific Tech Companies
The CCleaner Hack is blowing up, initially estimated to be huge, it's hit at least 700k computers & is specifically targeting 20 top tech organisations.
AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds


8 Responses to Symantec Dumps L0phtcrack Password Cracker

  1. John Preston April 20, 2006 at 12:47 pm #

    I knew Symantec had bought out @stake, but I didn’t know they were dumping it! You’re right, this does suck. I wonder if I can get a torrent file for it… =)

  2. Cliff Hill April 20, 2006 at 12:58 pm #

    Wow, is this ever old news. This was written about as far back as January. http://www.liquidmatrix.org/blog/2006/03/05/lc5-dies-and-the-world-fails-to-mourn/

  3. Darknet April 21, 2006 at 4:58 am #

    John Preston: Yah same here, I knew about the aquisition, but didnt know they were dumping it..

    Cliff Hill: Because it’s old, does it make it any less interesting :P That post is from March btw, not THAT old, it just references a rumour from January.

  4. hyper mike April 22, 2006 at 5:28 pm #

    Hi!!!

    I need a companion to play network hacking !!!

    Anyone could beat me?

    Hyper Cool
    City Crazh
    Zero Cool
    The Never Beat

  5. safwan May 2, 2006 at 11:45 am #

    Hi!!!

    I need a companion to play network hacking !!!

    Anyone could beat me?

  6. jim May 4, 2006 at 5:55 am #

    i can bet aby1 in network security things i have even kicked ankit fadia’s assss so no SAFWAN can beat me even any 1 thinks +ve then contact me…..

  7. Jason August 16, 2006 at 4:12 am #

    A buddy of mine met the creator of L0phtcrack (mudge) at Black Hat this year, he told me that if symantec doesn’t do anything with @stake within a year it goes back to him.

  8. Gouki August 16, 2006 at 2:48 pm #

    … that would be good!