EIP-2026-103776

PRE-CVE

Google AD Sync Tool - Exposure of Sensitive Information

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103776. PoCs published by Sense of Security.

AI-analyzed exploit summary This advisory details a cryptographic weakness in Google Active Directory Sync (GADS) Tool, where hardcoded salt and iteration count in the PBEwithMD5andDES algorithm allow decryption of stored credentials. The proof of concept includes specific values (salt, iteration count, secret key) to decrypt passwords from XML configuration files.

Description

Google AD Sync Tool - Exposure of Sensitive Information

Exploits (1)

exploitdb WRITEUP

by Sense of Security · textlocalmultiple

https://www.exploit-db.com/exploits/24923

View Code ZIP pw:eip

This advisory details a cryptographic weakness in Google Active Directory Sync (GADS) Tool, where hardcoded salt and iteration count in the PBEwithMD5andDES algorithm allow decryption of stored credentials. The proof of concept includes specific values (salt, iteration count, secret key) to decrypt passwords from XML configuration files.

Classification

Writeup 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Google Active Directory Sync (GADS) Tool versions up to 3.1.3

No auth needed

Prerequisites: Access to the XML configuration file containing encrypted credentials

MITRE ATT&CK

T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026