UGN Security Forums UGN Security: Knowledge Base Operating Systems Windows & Windows Security LC4 *windows password recovery tool*

recovery is the same damn thing as crack...anywho...

Anybody had a chance to try this program out? Basically it can crack windows passwords on a network or local machine. I must say...i'm rather impressed with it. I've been testing it out and exploring some of it's features. It's works well for the most part. If the password is a word or basically anything in the dictionary it'll crack the PW in under 10 seconds. Once it's done checking those out if it still hasn't cracked the password it moves onto a brute force hack. attempts nearly 4million configurations a second (the part I was impressed by). It took it a lil while (5 - 7 minutes) for it to crack a random # password I had (7 character password)set on one of my windows accounts.


anybody else have any thoughts on this?

<img border="0" alt="" title="" src="graemlins/Cool.gif" />

L0pht is the defacto password cracker on the internet. There is none better.

The last time I used it it was to crack the admin password on the laptop I'm renting from my school. They used special characters in it, so it took 3 days to get it. If you leave it long enough, it will crack anything.

Infinite

I didn't know it could do special characters. That's pretty cool...3 days is kind of a long time but overall that's cool

--matt

3 days isn't that long. It had to brute force it, and if it had tried every combination before it got it it would have taken 72 days. When you are talking about letters, numbers, and special characters you are talking about a hell of a lot of combinations for even an 8 character pass.

Infinite

this is true

I used to use this to do monthly password audits at my last job.

The last time I've used LC was fall of 2000 I think. I don't know if this is still the case, but at the time it had this unique ability to split a hash into 2 parts and crack at it. That means a 14 character password can take just as long to crack as a 7 character password. I had cracked randomly generated upper & lower case alpha-numeric passwords of 14 characters in length. At the time 14 characters was the longest a password can be. The user of the computer I had cracked tried to make his password ultimately secure - and failed.