L0phtCrack is a Windows NT password-auditing tool (intended for Windows NT/95/98). Its purpose is to compute Windows NT user passwords from the cryptographic hashes that are stored in the system registry. The operating system does not store the user passwords in their original clear text form for security reasons. The actual user passwords are encrypted into hashes because they are sensitive information that can be used to impersonate any user, including the administrator of the operating system. L0phtCrack computes the password from a variety of sources using a variety of methods. The end result is a state of the art tool for recovering the passwords users use.
There are many uses for computing user passwords. The system administrator usually wants to verify the strength of the users' passwords. There are password filters available for Windows NT but how do you know how well your filter is? Without testing the passwords generated by users against a real world password cracker you can only guess how much time it will take an external attacker or malicious insider to discover the passwords. Other uses include recovering a forgotten password, retrieving the password of a user in order to impersonate them, or migrating from Windows NT to another platform such as Unix.
The new version of the tool, L0phtCrack 2.50 has been improved to increase its cracking speed by 450%, making it one of the fastest PC based cracking utilities. Version also 2.50 includes a built-in SMB Packet capturing device driver that runs on any Windows NT/95/98 machine. The device driver makes it possible to capture LANMAN (Network based authentication) hashes (Enabling the administrator to crack usernames and passwords without having to connect to a Windows NT host to download the usernames and passwords).
