L0phtCrack – the venerable Windows system password auditing tool has now been released as an open-source utility.
Christien Rioux (DilDog), one of the original authors of L0phtCrack announced to have plans to release an open source version of the tool in early August on Twitter.
First released in 1997, L0phtCrack can be used to test password strength and recover lost Windows passwords via dictionary, brute-force, and other types of attacks.
It was developed originally by Peiter Zatko. L0pth then merged with @stake, which was acquired by Symantec in 2004. It was owned by Symantec between 2004 and 2009, when it was acquired from the cybersecurity firm by Zatko and other original authors. By that time, Symantec had stopped selling the tool, according to sources.
In July 1, 2021, the company said L0phtCrack software is no longer owned by Terahash, LLC. It has been repossessed by the previous owners, formerly known as L0pht Holdings, LLC for Terahash defaulting on the installment sale loan.
“L0phtCrack is no longer being sold. The current owners have no plans to sell licenses or support subscriptions for the L0phtCrack software.”
However on October 17, they officially announced the open source availability of L0phtCrack version 7.2.0. The open sourced project is looking for both maintainers and contributors.