Mandiant releases rainbow table that cracks weak admin password in 12 hours

Security firm Mandiant has released a database that allows any administrative password protected by Microsoft’s NTLM.v1 hash algorithm to be hacked in an attempt to nudge users who continue using the deprecated function despite known weaknesses.

The database comes in the form of a rainbow table, which is a precomputed table of hash values linked to their corresponding plaintext. These generic tables, which work against multiple hashing schemes, allow hackers to take over accounts by quickly mapping a stolen hash to its password counterpart. NTLMv1 rainbow tables are particularly easy to construct because of NTLMv1’s limited keyspace, meaning the relatively small number of possible passwords the hashing function allows for. NTLMv1 rainbow tables have existed for two decades but typically require large amounts of resources to make any use of them.

New ammo for security pros

On Thursday, Mandiant said it had released an NTLMv1 rainbow table ...