14 DAY TRIAL // The rights for L0phtCrack, one of the favorite tools of now old-school hackers, have been reacquired by its original developers from Symantec. They plan to release version 6 of the application at the upcoming SOURCE Conference in Boston, on March 11th.
To have a glimpse at the history of L0phtCrack, we have to go back in time to around 1992, when a bunch of students from Boston formed a group named L0pht Heavy Industries, which was later to become one of the most famous hacking collectives in the history of the Internet.
The hacking outfit was headquartered in a loft apartment, hence its name, from where it ran various websites and released hacking software. L0pht Heavy Industries was one of the few underground hacking groups to evolve into a security consultancy company.
Its members included the likes of Christien "Dildog" Rioux, former Symantec researcher and author of the controverted Back Orifice 2000 remote administration application, Peiter "Mudge" Zatko, who was summoned by President Clinton, along with other security professionals in 2000 to discuss the major DDoS attacks on the Internet at the time, Chris "Weld Pond" Wysopal, named in 2008 by eWeek one of the "100 Most Influential People in IT" for his achievements and contribution to the industry along the years, and Joe "Kingpin" Grand, electrical engineer and inventor, currently one of the stars of Discovery Channel's "Prototype This!" TV series.
The group members are also famous for testifying in 1998 before the U.S. Senate that they could bring the Internet down in 30 minutes. The L0pht underground hacking think tank came to an end in 2000, when it merged into a security company known as @stake, which was acquired by Symantec in 2004 along with the successful L0phtCrack password auditing tool.
L0phtCrack was much appreciated by the hacking community for its ability to use dictionary and brute-force attacks, as well as rainbow tables in order to crack weak passwords. The graphical interface version required purchasing a license, however, the command-line one was offered for free. Symantec discontinued sales of and support for the product in 2006, allegedly because it was conflicting with regulations in the U.S.
"Space Rogue," one of the former L0pht members, announced yesterday on his blog that "L0phtCrack, the original and still the best password auditing tool for MS windows based systems, will be re-released at Source Boston by the original authors." Meanwhile, the l0phtcrack.com website confirms the come-back. "At a special information session at SOURCE Boston (Thursday, 10:15am), the team that brought you L0phtCrack will be releasing version 6 of the highly-acclaimed Windows password auditing tool," the website announces.
Details on the new version are scarce, but, according to "Space Rogue," new features include support for 64-bit platform and upgraded rainbow tables. "Details on potential additional new features, and pricing have not yet been released, but you can bet that it will be better than Symantec’s," the former-hacker writes.
