The next fastest method for retrieving simple passwords is a dictionary crack. L0phtCrack 7 tests all the words in a dictionary or wordfile against the password hashes. It also permutes the words with the characters users often substitute, prepend or append to words when creating passwords. Once L0phtCrack 7 finds a correct password, the result is displayed.
L0phtCrack 7 includes four wordlist files of increasing size: wordlist-small.txt, wordlist-medium.txt, wordlist-large.txt, wordlist-huge.txt. The word list files are text files with one word per line, so they are easy to customize. We recommend doing so, or adding an additional word list, so that you can include your organization name, local team names, or any other words or names specific to your organization and location that users might be basing passwords off of.
The wordlist files and permutation types are specified in a dictionary crack preset which is selected from the Preset list. When you select a preset you will see the configuration of the preset in the Preset Configuration to the right of the preset list. The configuration is grayed out unless you are editing the preset.
There are four included presets:
Below the Presets list is a set of buttons that are used to create a preset, remove a preset, edit a preset, and duplicate a preset.
To create a new preset press the + button and then add a name and description. In the Preset Configuration, select a Wordlist, an Encoding, the Permutation Rules, and a Duration. When you are satisfied with your settings press the checkmark button to save the preset.
You may also duplicate the included presets and modify the duplicate. You cannot edit or remove the included presets. They are displayed in an italic font.
If you have already imported the password hashes to audit and you are satisfied with your audit technique and configuration, press the Run Audit Immediately button to begin your audit.