What makes Net-NTLMv1 more vulnerable than Net-NTLMv2?
Net-NTLMv1's encryption is weaker because it splits the user's NTLM hash into three 7-byte keys used for 3DES encryption of an 8-byte Challenge. This structure allows attackers who can control the Challenge (e.g., via a man-in-the-middle tool) to recover the NTLM hash in seconds using precomputed rainbow tables, as described in the original article. Net-NTLMv2 uses stronger HMAC-MD5 and a variable Challenge, making such attacks infeasible.
Net-NTLMv1, NTLM hash, 3DES, Challenge, rainbow table, crack.sh