NET-NTLMV1 RAINBOW TABLES

Alpha · #1 01-19-2026, 23:15

Essentially, if an attacker can obtain a Net-NTLMv1 hash without Extended Session Security (ESS) for the known plaintext of 1122334455667788, a cryptographic attack, referred to as a known plaintext attack (KPA), can be applied. This guarantees recovery of the key material used. Since the key material is the password hash of the authenticating Active Directory (AD) object—user or computer—the attack results can quickly be used to compromise the object, often leading to privilege escalation.

Rainbow tables for NTLMV1 can be downloaded at around 200gb in blocks of 2.1gb

Info and links in txt

sandalik · #2 01-20-2026, 02:22

Can be downloaded from here:

The unsorted dataset can be downloaded using gsutil -m cp -r gs://net-ntlmv1-tables/tables or through the Google Cloud Research Dataset portal:

Quote:

https://research.google/resources/datasets/?dataset_types=other&search=Net-NTLMv1&

The SHA512 hashes of the tables can be checked by first downloading the checksums gsutil -m cp gs://net-ntlmv1-tables/tables.sha512 then checked by sha512sum -c tables.sha512

The password cracking community has already created derivative work and is also hosting the ready to use tables.

OFFICIAL SOURCE:

Quote:

https://cloud.google.com/blog/topics/threat-intelligence/net-ntlmv1-deprecation-rainbow-tables

Related News Article :

Quote:

https://arstechnica.com/security/2026/01/mandiant-releases-rainbow-table-that-cracks-weak-admin-password-in-12-hours/

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

The Following 2 Users Say Thank You to Alpha For This Useful Post:
Hypnz (01-20-2026), niculaita (01-20-2026)

The Following 2 Users Say Thank You to sandalik For This Useful Post:
Hypnz (01-20-2026), niculaita (01-21-2026)