
New tools for old problems: Weak Windows passwords in our sights
Cybersecurity company Mandiant has published freely accessible rainbow tables that can be used to quickly recover outdated NTLMv1 admin passwords.
The developers at Mandiant have published a large collection of so-called rainbow tables. The tables consist of pre-computed cryptographic values and make it possible to recover outdated administrator passwords from hashes of the Windows protocol Net-NTLMv1. The rainbow tables are freely accessible on Google Drive.
What is the problem with NTLMv1?
NTLMv1 is a Microsoft authentication protocol from the 1980s. As early as the 1990s, however, analyses showed that the protocol had weaknesses. At the DEFCON security conference in 2012, the standard was finally declared insecure and therefore unusable. Microsoft itself replaced NTLMv1 with NTLMv2 several years ago and officially announced in 2022 that the old version would be discontinued. Nevertheless, NTLMv1 is still used in some networks for various reasons. By publishing the tables, Mandiant wants to show how easily old-style administrator passwords can be cracked. Security experts see this as a tool for tests and audits by IT managers.
It doesn't require expensive equipment or a lot of time
Mandiant claims that with the new Rainbow Tables, an administrative NTLMv1 password can be reconstructed in less than twelve hours. This «does not require expensive specialised hardware, but can work with hardware in the price range of less than 600 US dollars».
The rainbow tables are specifically aimed at Net-NTLMv1 hashes, which are exchanged during authentication on a Windows network. As soon as an attacker holds a valid hash, for example by intercepting network traffic or by using an authentication coercion tool, they can look it up in the table to find the corresponding password.
How should those responsible react now?
Mandiant recommends that network operators immediately deactivate support for Net-NTLMv1 in their systems and switch to newer authentication mechanisms. This is the only way to permanently secure networks against such attacks.
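The following script is an added example for administrators acting on that recommendation; it is not code from the article or from Mandiant. It assumes an elevated PowerShell session on a Windows host, uses the standard Lsa registry locations for LmCompatibilityLevel and NTLM auditing, and reads the LmPackageName field of successful logon events (ID 4624) to find clients that still answer with NTLMv1 before the legacy response is refused. In a domain the same settings are normally distributed via Group Policy; the registry writes here are the local equivalent.

```powershell
# Added example (not from the article or from Mandiant): audit and then
# remove Net-NTLMv1 support on a Windows host. Run elevated.

$lsa = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$msv = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'

# 1. Current state. Levels 0-2 still allow LM/NTLMv1 responses, 3-4 send
#    NTLMv2 but a domain controller still accepts NTLMv1 from others,
#    5 refuses LM and NTLMv1 entirely.
$level = (Get-ItemProperty -Path $lsa -Name LmCompatibilityLevel -ErrorAction SilentlyContinue).LmCompatibilityLevel
if ($null -eq $level) { $level = 'not set (OS default applies)' }
Write-Host "LmCompatibilityLevel: $level"

# 2. Turn on NTLM auditing (2 = audit all accounts) so incoming NTLM logons
#    are recorded in Microsoft-Windows-NTLM/Operational before anything is blocked.
New-ItemProperty -Path $msv -Name AuditReceivingNTLMTraffic -Value 2 -PropertyType DWord -Force | Out-Null

# 3. Which clients still authenticate with NTLMv1? Successful logons (4624)
#    carry LmPackageName, which reads "NTLM V1" for the legacy response.
$since = (Get-Date).AddDays(-7)
$legacyLogons = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4624; StartTime = $since } -ErrorAction SilentlyContinue |
    ForEach-Object {
        $xml  = [xml]$_.ToXml()
        $data = @{}
        foreach ($d in $xml.Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
        if ($data['LmPackageName'] -eq 'NTLM V1') {
            [pscustomobject]@{
                Time        = $_.TimeCreated
                Account     = "$($data['TargetDomainName'])\$($data['TargetUserName'])"
                SourceIP    = $data['IpAddress']
                Workstation = $data['WorkstationName']
            }
        }
    }
$legacyLogons | Format-Table -AutoSize

# 4. Once the list above is empty (or the remaining clients are fixed),
#    refuse LM and NTLMv1: level 5 sends NTLMv2 only and rejects both.
if (-not $legacyLogons) {
    Set-ItemProperty -Path $lsa -Name LmCompatibilityLevel -Value 5 -Type DWord
    Write-Host 'LmCompatibilityLevel set to 5: LM and NTLMv1 are now refused.'
} else {
    Write-Host 'NTLMv1 logons found in the last 7 days; fix those clients before raising the level.'
}
```

Step 3 is the part worth keeping running for a while: a single host showing "NTLM V1" in the 4624 data is exactly the kind of hash source the rainbow tables target, and raising LmCompatibilityLevel to 5 only after that list is empty avoids breaking the legacy device while still closing the gap.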
I've been tinkering with digital networks ever since I found out how to activate both telephone channels on the ISDN card for greater bandwidth. As for the analogue variety, I've been doing that since I learned to talk. Though Winterthur is my adoptive home city, my heart still bleeds red and blue.