Cracking Passwords for $600: The Mandiant NTLMv1 rainbow table database Release
Mandiant has released an NTLMv1 rainbow table database, allowing passwords to be cracked in under 12 hours with $600 hardware. A wake-up call for legacy security.
Legacy security just met its executioner. Cybersecurity firm Mandiant has released a massive rainbow table database designed to crack any administrative password protected by Microsoft’s aging NTLMv1 hashing algorithm.
Mandiant NTLMv1 rainbow table database: A death sentence for legacy auth
By making this database public, Mandiant is essentially forcing the hand of IT administrators who haven't yet migrated to more secure protocols. NTLMv1 has been known to be weak for over two decades, and its limited keyspace makes it an easy target for precomputed hash matching. Mandiant’s release drastically lowers the barrier to entry for such attacks.
| Metric | Requirement / Result |
|---|---|
| Hardware Cost | Under $600 USD |
| Cracking Time | Less than 12 hours |
| Platform | Google Cloud |
| Target | Net-NTLMv1 (SMB, Network Auth) |
New ammo for security professionals and hackers alike
According to Mandiant, the database allows researchers to recover passwords in under 12 hours using consumer-grade hardware. While intended as a tool for defenders to prove vulnerabilities, it’s equally accessible to malicious actors. The data specifically targets Net-NTLMv1 passwords used in network authentication, such as SMB file sharing.
This content is AI-generated based on source articles. While we strive for accuracy, errors may occur. We recommend verifying with the original source.