Analysis of the Security of Windows NT, 1 March 1999

D Utility Programs

In this appendix, we present some utilities that we believe could be useful for an NT administrator. Some of them were used during our study. We categorize them according to the structure presented in section 6.

D.1 Security Analysis Programs

D.1.1 L0phtCrack

L0phtCrack (pronounced “loftcrack”) is, as far as we know, the most popular password cracking program for NT. It can be used to recover both the LAN Manager password and the NT password stored in the SAM database. Version 1.x of this program takes as input a file with user information, including both the username and the password. Such a file can be created by the PWDump utility, see appendix D.2.3. L0phtCrack can optionally take a dictionary file as input. This type of attack is often referred to as a dictionary attack. Alternatively, L0phtCrack gives the attacker the capability to apply a brute force attack on the entire key space. The utility is distributed with both a graphical and a character-based user interface.

Recently, a new version, 2.x, of this program has been announced. The creators have tuned version 1.x as well as added new functionality. First, L0phtCrack takes advantage of multiprocessor machines. Second, version 2 is able to retrieve password hashes from the network. Third, the new version even accepts the SAM database as input. Fourth, it has become a commercial product.

D.1.2 Crack for NT

The very popular UNIX password cracking program, called Crack, has now been ported to NT and is freely available for it. However, we have not used it in our experiments, because we have been fully satisfied with the functionality offered by L0phtCrack.

D.1.3 C2CONFIG

The C2 configuration tool can be used to compare the current configuration of an NT system with the C2 level security requirements, see [65]. C2CONFIG is shipped with Microsoft's Windows NT Resource Kit, which is available in bookstores.

D.1.4 DumpACL

The DumpACL utility reports various security information about a particular NT installation. A trial version of this program is available at Somarsoft's Web site, see appendix E. DumpACL offers a number of features, including:

• Dumps permissions for file systems, shares, Registry and printers.
• Dumps policies, rights and trusts.
• Dumps users and groups.