L0phtCrack was one of the original and greatest hacking and auditing tools of the 90's, essentially creating the modern LM/NTLM password auditing landscape. L0pht Heavy Industries - the creators of the tool - were instrumental in raising awareness of both the ease of cracking passwords as well the obviousness of how poorly people choose passwords.
For those brave of heart, you can test and execute it directly by putting it in your URL location bar preceded by
The full details of this attack are on github: Hello, want to kill some time? including a bookmarklet that can run on any website. The attack can also be easily modified to demonstrate XSS vulnerabilities so you will never have to see another boring
alert(document.cookie) popup box again.