[bigfatkitten]

NTLMv1 rainbow tables have been available for 15-20 years. The only thing new is that Google are publishing theirs.

[coopreme]

NTLM is often used for more of the underlying technologies, some more secure than others… nthash, net-ntlmv1, net-ntlmv2. There’s a little more complexity here and this is different than the stuff that was out 15 years ago

[bri3d]

> this is different than the stuff that was out 15 years ago

This stuff was out at least 10-15 years ago. It’s different from the ancient local ntlm hash cracking everyone used to get admin in high school, yes, but it’s not a novel technique.

on cursory google, https://github.com/NotMedic/NetNTLMtoSilverTicket/blob/maste... is 6 years old and was old news when it was committed, and https://crack.sh/netntlm/ has been around online for at least 10 and I think more like 15+ years.

[patmorgan23]

Microsoft has deprecated NTLM and is actively ripping it out of windows.

https://support.microsoft.com/en-us/topic/upcoming-changes-t...

Windows 11 is probably the last version that will contain NTLM (and hopefully NTLMv2). Going forward everything will be Kerberos or Oauth based.

[bigfatkitten]

Ironically enough, the things that tend to break first when you try to turn off NTLM are still Microsoft products like ADCS.

[reincarnate0x14]

You're not wrong, I just want to point out this is net-lmvm1, which is different and more complex. Not functionally meaningfully more complex to an adversary with a few hundred USD (almost typed LSD) in monies. But technically larger tables. That being said I'm in agreement that this has been known problem for 10+ years, and Google is just saying the horses are so long out of the barn their grandchildren are grazing.