Symantec Dumps L0phtcrack Password Cracker

Outsmart Malicious Hackers


Man this blows.

It seems it happened quite a while ago, I only just found out about it recently though when I was checking to see if L0phtcrack had been updated past version 5.

Symantec has quietly pulled the plug on sales of L0phtCrack, the venerable password auditing and recovery application.

The decision to discontinue support for L0phtCrack, also known as LC5, comes just months after Symantec stopped selling the application to customers outside the United States and Canada out of concerns that it violated cryptography export controls.

It is a shame as this was without doubt the best password cracker around, fastest for LM hashes by quite a long way.

Luckily there are some good alternatives, even a free alternative for L0phtcrack itself called LCP which we mentioned in our Rainbow Crack and Rainbow Tables article.

There are other good alternative too, my favourite being Cain and Abel then probably John the Ripper. I’ll do an article about Password Crackers soon, a run down of the options.

“There was always going to be a double-edged sword for Symantec. L0phtCraft is valuable as a good password-strength auditing tool but it’s also popular with [malicious] hackers who used it to break passwords and attack networks,” Fleming said in an interview with eWEEK.

He said Digital Defense used L0phtCraft in its penetrating testing products to identify and remediate security vulnerabilities that result from the use of weak or easily guessed passwords.

L0phtCraft can also be used to recover Windows and Unix account passwords to access user and administrator accounts whose passwords are lost or to streamline migration of users to newer authentication systems.

It is a tough call for a ‘security company’ especially such a large one that has to take a lot of care about reputation and corporate image.

I’m sad to see it go however.

Source: Eweek

Posted in: Hacking News

, , , , , ,


Latest Posts:


OSSIM Download - Open Source SIEM Tools & Software OSSIM Download – Open Source SIEM Tools & Software
OSSIM is a popular Open Source SIEM or Security Information and Event Management (SIEM) product, providing event collection, normalization and correlation.
What You Need To Know About KRACK WPA2 Wi-Fi Attack What You Need To Know About KRACK WPA2 Wi-Fi Attack
The Internet has been blowing up in the past week about the KRACK WPA2 attack that is extremely widespread and is a flaw in the Wi-Fi standard itself.
Spaghetti Download - Web Application Security Scanner Spaghetti Download – Web Application Security Scanner
Spaghetti is an Open-source Web Application Security Scanner, it is designed to find various default and insecure files, configurations etc.
Taringa Hack - 27 Million User Records Leaked Taringa Hack – 27 Million User Records Leaked
The Taringa hack is actually one of the biggest leaks of the year with 27 million weakly hashed passwords breached, but it's not often covered in the West.
A2SV - Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed A2SV – Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed
A2SV is a Python-based SSL Vulnerability focused tool that allows for auto-scanning and detection of the common and well-known SSL Vulnerabilities.
VHostScan - Virtual Host Scanner With Alias & Catch-All Detection VHostScan – Virtual Host Scanner With Alias & Catch-All Detection
VHostScan is a Python-based virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages.


8 Responses to Symantec Dumps L0phtcrack Password Cracker

  1. John Preston April 20, 2006 at 12:47 pm #

    I knew Symantec had bought out @stake, but I didn’t know they were dumping it! You’re right, this does suck. I wonder if I can get a torrent file for it… =)

  2. Cliff Hill April 20, 2006 at 12:58 pm #

    Wow, is this ever old news. This was written about as far back as January. http://www.liquidmatrix.org/blog/2006/03/05/lc5-dies-and-the-world-fails-to-mourn/

  3. Darknet April 21, 2006 at 4:58 am #

    John Preston: Yah same here, I knew about the aquisition, but didnt know they were dumping it..

    Cliff Hill: Because it’s old, does it make it any less interesting :P That post is from March btw, not THAT old, it just references a rumour from January.

  4. hyper mike April 22, 2006 at 5:28 pm #

    Hi!!!

    I need a companion to play network hacking !!!

    Anyone could beat me?

    Hyper Cool
    City Crazh
    Zero Cool
    The Never Beat

  5. safwan May 2, 2006 at 11:45 am #

    Hi!!!

    I need a companion to play network hacking !!!

    Anyone could beat me?

  6. jim May 4, 2006 at 5:55 am #

    i can bet aby1 in network security things i have even kicked ankit fadia’s assss so no SAFWAN can beat me even any 1 thinks +ve then contact me…..

  7. Jason August 16, 2006 at 4:12 am #

    A buddy of mine met the creator of L0phtcrack (mudge) at Black Hat this year, he told me that if symantec doesn’t do anything with @stake within a year it goes back to him.

  8. Gouki August 16, 2006 at 2:48 pm #

    … that would be good!