본문 바로가기

security/해킹 보안

패스워드 크랙킹 & 감사도구 L0phtcrack 6

예전에 L0phtcrack  이라는 제품은 윈도우의 패스워드 크랙툴 중 단연 압권의 성능을 가진 제품이었습니다.

취약한 패스워드는 물론  null 패스워드 탐지 , 사전 대입 공격 , 무차별 대입 공격 등을 수행할 수 있는 제품이었습니다.

예전에는 주로 atstake.com  에서 다운 받았는데 , 시만텍에 넘어간 뒤에는 관심이 떨어지고 , 무엇보다 Cain & Abel  같은 녀석이 나오면서 관심에서 사라졌었습니다.

근데 , 인터넷 서핑중에 간만에 발견했는데 버전이 6 더군요.


 
lc6setup.exe (16MB)
MD5 Hash: 7ad7197832f670f5b0d9494a4efdb066
SHA1 Hash: 21d568dd2f8200860d41716f843fb052b17c5e21

당연히 공개버전이며 컨설팅용 버전은 구매하셔야 합니다.

전체적으로 보니 UI 가 매우 좋아 졌네요.




아래는 L0phtcrack 의 프리젠테이션 동영상 입니다.  날짜를 보니 5월26일에 올린 것으로 보입니다.
꽤나 따끈한 정보 입니다..ㅎㅎ

 



하단은 L0phtcrack.com  에서 이야기하는 파워풀~한 기능입니다.

L0phtCrack 6 is packed with powerful features such as scheduling, hash extraction from 64 bit Windows versions, multiprocessor algorithms, and networks monitoring and decoding. Yet it is still the easiest to use password auditing and recovery software available.

Password Scoring
L0phtCrack 6 provides a scoring metric to quickly assess password quality. Passwords are measured against current industry best practices, and are rated as Strong, Medium, Weak, or Fail.

Pre-computed Dictionary Support
Pre-computed password files is a must have feature in password auditing. L0phtCrack 6 supports pre-computed password hashes. Password audits now take minutes instead of hours or days.

Windows & Unix Password Support
L0phtCrack 6 imports and cracks Unix password files. Perform network audits from a single interface.

Remote password retrieval
L0phtCrack 6 has a built-in ability to import passwords from remote Windows, including 64-bit versions of Vista, Windows 7, and Unix machines, without requiring a third-party utility.

Scheduled Scans
System administrators can schedule routine audits with L0phtCrack 6. Audits can be performed daily, weekly, monthly, or just once, depending on the organization's auditing requirements.

Remediation
L0phtCrack 6 offers remediation assistance to system administrators on how to take action against accounts that have poor passwords. Accounts can be disabled, or the passwords can be set to expire from within the L0phtCrack 6 interface. Remediation works for Windows user accounts only.

Updated Vista/Windows 7 Style UI
The user interface is improved and updated. More information is available about each user account, including password age, lock-out status, and whether the account is disabled, expired, or never expires. Information on L0phtCrack 6's current session is provided in an "immediate window" with a reporting tab providing up-to-the-minute status of the current auditing session.

Executive Level Reporting
L0phtCrack 6 has real-time reporting that is displayed in a separate, tabbed interface. Auditing results are displayed based on auditing method, risk severity, and password character sets.

Password Risk Status
Displays risk status in four different categories: Empty, High Risk, Medium Risk, and Low Risk.

Password Audit Method
Displays the completion of all four methods L0phtCrack 6 uses: Dictionary, Hybrid, Precomputed, and Brute Force.

Password Character Sets
Reports the completion of the various character sets being audited, including, Alpha, Alphanumeric, Alphanumeric/Symbol, Alphanumeric/Symbol/International.

Password Length Distribution
Reports the overall length of the discovered password by account.

Summary Report
Password Statistics as Locked, Disabled, Expired, or if the password is older than 180 days. Audit Summary
Number of Accounts cracked and the number of Domains audited.

Foreign Password Cracking
L0phtCrack 6 supports foreign character sets for Brute Force, as well as foreign dictionary files. Pull down menus change for language and character set. L0phtCrack 6 ships with several foreign dictionaries.

한번 정도는 사용해 보시는 것도 좋을 것 같네요~


http://cafe.naver.com/solatech
http://solatech.tistory.com
by  김재벌