Vulners
Lucene search
Google AD Sync Tool Vulnerability (GADS)
Due to a weakness in the way the Java encryption algorithm
(PBEwithMD5andDES) has been implemented in the GADS tool all
stored credentials can be decrypted into plain-text. This
includes all of the encrypted passwords stored in any end-users
saved XML configuration file, such as Active Directory accounts,
SMTP, Proxy details, LDAP and OAuth tokens, etc.
Proof of Concept.
Using the following information from the XML and GADS tool to
decrypt all encrypted passwords from any XML:
1. The hard coded salt:
SALT[] = { -87, -101, -56, 50, 86, 53, -29, 3 }
2. The hard coded DES interation count:
ITERATION_COUNT = 20
3. The Secret key derived from the uniqueID value in the XML:
6512630db9a74d90a5531f574b85f398
4. The cipher-text from the XML:
<encryptedAdminPassword>1edOUtamjNA=</encryptedAdminPassword>
5. The algorithm: PBEwithMD5andDES
The decrypted value is: winning!
# 0day.today [2017-12-31] #Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
08 Apr 2013 00:00Current
6.9Medium risk
Vulners AI Score6.9