Bugtraq mailing list archives

Yup we came out with l0phtCrack v2.0


From: mudge () L0PHT COM (Mudgenski Von Splat)
Date: Thu, 12 Feb 1998 18:44:34 -0500


[somebody posted the URL a day ago - though we hadn't made it publicly
 available at the time as we were working out some minor bugs. This is
 the official release. Sorry for any confusion and our apologies to
 anyone who D/L'd the next to final rev that we had up for a day.
 Just grab the newest version and remove the registry key from any previous
 versions - HKEY_CURRENT_USER\Software\L0pht before you install. .mudge]

      Document:  L0pht Security Announcement
    URL Origin:  http://www.l0pht.com/l0phtcrack/
  Release Date:  February 12th, 1998
   Application:  Windows NT, SAMBA running on Unix machines
      Severity:  New release of l0phtcrack v2.0
        Author:  mudge () l0pht com, weld () l0pht com
 Operating Sys:  Windows NT, Windows 95

 L0phtCrack 2.0 Released

 It's big. It's bad. It cuts through NT passwords like a diamond
 tipped, steel blade. It ferrets them out from the registry, from
 repair disks, and by sniffing the net like an anteater on
 Dexedrine.


 For the six months since L0phtCrack 1.5 was first demonstrated publicly
 we have been doing usability testing and listening to the L0phtCrack
 user community for feature ideas. Thanks for your input. We hope you
 are happy with the improvements in functionality and performance.

 New features

 The long awaited SMB session network sniffer is bundled in.
 Collect LANMAN password hashes without administrator rights.

 Use built-in SAMDUMP function to extract the password hashes
 from the registry SAM file on the hard disk, an emergency repair
 disk, or a backup tape.

 Ability to save and restore a partially completed brute force
 attempt. Current iteration and character set are saved with the
 partial results. File is automatically saved every 5 minutes.

  When one of the halves of a LANMAN password is found it is
  displayed. Great for 8-12 character passwords where the 2nd
  half of the password is quickly brute forced.

  Custom character sets for brute forcing are supported.

  Multiprocessing brute force algorithm. Benchmarked brute force
  at 6 hours for A-Z characters and 62 hours for A-Z, 0-9 on a
  quad Pentium Pro 200.

  Exponential speedup for large numbers of users due to faster
  search algorithm. It is now feasible to brute force 10,000 users
  at a time.

  L0phtCrack is now a friendly background process. It runs at
  below normal priority and has the ability to completely hide and
  be restored with a hotkey: Ctrl-Alt-L.


L0phtCrack 2.0 is shareware

L0phtCrack was originally envisioned as an experimental research tool.
Many system administrators, security auditors, and tiger teams have
asked for specific features to make L0phtCrack a more powerful and
easier to use tool. We have decided to give L0phtCrack the quality and
feature set needed by computer security professionals and distribute it
as shareware.

The trial period is 15 days, after which the product must be registered
for $50. A command-line, stripped down version of the program is
available for free with source code.


cheers,

mudge () l0pht com - weld () l0pht com
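
The keyspace arithmetic behind the benchmarks and the "halves" feature in the announcement above, as an added example that is not part of the original post or of L0phtCrack. It assumes each quoted benchmark is one exhaustive pass over a single 7-character LANMAN half; the function names and the sample password are constructed for illustration.

```python
# Added example, not L0phtCrack code. Assumption: each quoted benchmark is one
# exhaustive pass over every candidate of length 1..7 for a single LANMAN half.
LM_HALF_LEN = 7  # LANMAN upper-cases the password and hashes two 7-char halves


def lm_halves(password):
    """Return the two upper-cased chunks that LANMAN hashes independently."""
    if len(password) > 2 * LM_HALF_LEN:
        raise ValueError("LANMAN covers at most 14 characters")
    p = password.upper()
    return p[:LM_HALF_LEN], p[LM_HALF_LEN:]


def keyspace(charset_size, max_len=LM_HALF_LEN):
    """Count candidate strings of length 1..max_len over the character set."""
    return sum(charset_size ** n for n in range(1, max_len + 1))


def implied_rate(charset_size, hours):
    """Candidates per second implied by a quoted full-half benchmark."""
    return keyspace(charset_size) / (hours * 3600)


def seconds_to_exhaust(half, charset_size, rate):
    """Worst-case seconds to try every candidate up to this half's length."""
    return keyspace(charset_size, len(half)) / rate if half else 0.0


def audit(password, charset_size, rate):
    """Worst-case seconds for each LANMAN half of one password."""
    return [(h, seconds_to_exhaust(h, charset_size, rate))
            for h in lm_halves(password)]


if __name__ == "__main__":
    for size, hours in ((26, 6), (36, 62)):  # benchmarks quoted in the post
        print(f"{size} chars: {implied_rate(size, hours):,.0f} candidates/s")
    rate = implied_rate(36, 62)
    # Constructed sample password: 11 characters, letters and digits.
    for half, secs in audit("Winter1998x", 36, rate):
        print(f"{half!r}: {secs:,.0f} s worst case")
```

Under that assumption the two benchmarks imply rates within about 7% of each other, and the 4-character second half of the sample is exhausted in seconds, which is why an 8-12 character password adds little once LANMAN hashes are stored.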


