LCP - Windows Account Passwords Auditing

Main purpose of LCP program is user account passwords auditing and recovery in Windows NT/2000/XP/2003. Windows operating systems keep their passwords into an encrypted form called "hashes". Passwords cannot be retrieved directly from hashes. To recover passwords it is necessary to compute hashes by possible passwords and compare them to the existing hashes. Password auditing includes check of possible ways to retrieve user accounts information. Result of password recovery is passwords in case-sensitive form.

There are several ways to obtain password hashes, depending on their location and existing access. Password hashes can be obtained from SAM file or its backup, directly from local or remote computer registry, from registry or Active Directory on local or remote computer by means of DLL injection, from a network sniffer.