krissrex / google-authenticator-exporter Goto Github PK

View Code? Open in Web Editor NEW

377.0 5.0 49.0 110 KB

Get the TOTP secrets exported by Google Authenticator

License: MIT License

JavaScript 98.45% Dockerfile 1.55%

nodejs totp export decode migrate secret-keys 2fa mfa

google-authenticator-exporter's Introduction

Google Authenticator secret extractor

Note: This project and I are in no way affiliated with Google.

This lets you decode the URI generated by Google Authenticator.

Guide

Prerequisites:

Your phone with Google Authenticator
A camera
Nodejs installed
A QR scanner

Getting the secret keys:

Open the Google Authenticator app.
Click Settings (three dots, top right), and Transfer accounts.
Select Export accounts.
Authenticate, if prompted.
Select the accounts you want to export (default is all).
Click Next, and capture a picture of the QR code.
- Note: Screenshots are disabled by the app. Use your laptop webcam, a digital camera or another phone.
Click Next, and repeat step 6 for all QR codes shown (if you have many accounts).
Decode the QR codes to obtain the otpauth-migration://offline?data=... URI.
Clone/Download this repository.
Run npm install.
For generating json runnpm run start, for generating qr-codes run npm run start:qrcode.
Enter the URI when prompted
If you chose json and you want to save the output, enter y and accounts.json

Use a docker image

Prerequisites:

Build the docker image locally:

docker build . --tag google-authenticator-exporter:0.0.1

Decode an obtained QR code URI:

Run the docker container locally:

docker run -it --rm google-authenticator-exporter:0.0.1

Enter the URI when prompted
Since you haven't mounted a volume, you cannot save the output using the above command, so leave the next questions empty (hit Enter).
The output to json will be printed out to terminal.

References

I found the protobuff code in https://github.com/beemdevelopment/Aegis/pull/406/files. The opensource Google Authenticator does not seem to have this yet (5th May 2020): google/google-authenticator-android#118.

A QR scanner app for Android that works is https://play.google.com/store/apps/details?id=com.google.zxing.client.android.

The Base32 format is specified in https://tools.ietf.org/html/rfc3548. There are multiple ways to implement Base32.

License: MIT, BUT this uses GNU GPL 3 code as a dependency (https://github.com/alexbakker/Aegis/blob/56bde0e19b51568a7050f6cb56085a1bb38c5a9e/app/src/main/proto/google_auth.proto) (https://github.com/alexbakker/Aegis/blob/56bde0e19b51568a7050f6cb56085a1bb38c5a9e/LICENSE)

google-authenticator-exporter's People

Contributors

Stargazers

Watchers

Forkers

dohuta paulofellix 9hua trulsstenrud hendrisulistya njtuiwang serefayhan summerclear deepdesai003 georgeyord eversonl 349k flykye viakiba operkh wxf-wangxufeng noedgeatlife kenmyzhang exploit-3389 slightlycuban udovichenko ramene psehgaft xinjinzhang seekoeid dnshouse eliegkassouf plutoid malytien coinmars dmahmalat askmagicshell nathan-fourrier hakunek ponull gopi-e alum4u masjter ady109 1orz imkgh polaris95aspire andygoo yuanyuan06 mcliu1012 ftahmed landonmoss zhangziran hungddit

google-authenticator-exporter's Issues

RangeError: index out of range:

node:readline:1252
throw err;
^

RangeError: index out of range: 51 + 10 > 51
at indexOutOfRange (C:\Users\test\google-authenticator-exporter\node_modules\protobufjs\src\reader.js:13:12)
at BufferReader.read_uint32 [as uint32] (C:\Users\test\google-authenticator-exporter\node_modules\protobufjs\src\reader.js:98:19)
at BufferReader.read_int32 [as int32] (C:\Users\test\google-authenticator-exporter\node_modules\protobufjs\src\reader.js:109:17)
at Type.OtpParameters$decode [as decode] (eval at Codegen (C:\Users\test\google-authenticator-exporter\node_modules@protobufjs\codegen\index.js:50:33), :23:14)
at Type.decode_setup [as decode] (C:\Users\test\google-authenticator-exporter\node_modules\protobufjs\src\type.js:507:25)
at Type.MigrationPayload$decode [as decode] (eval at Codegen (C:\Users\test\google-authenticator-exporter\node_modules@protobufjs\codegen\index.js:50:33), :13:33)
at Type.decode_setup [as decode] (C:\Users\test\google-authenticator-exporter\node_modules\protobufjs\src\type.js:507:25)
at decodeProtobuf (C:\Users\test\google-authenticator-exporter\src\index.js:14:36)
at decode (C:\Users\test\google-authenticator-exporter\src\index.js:48:19)
at C:\Users\test\google-authenticator-exporter\src\index.js:176:22

Add password protection support

Having the app freely available to anyone on your computer is a security hazard

NoIssue - Pythonic way

Hi !
Thanks for sharing, I wrote a simple and dirty pythonic PoC from your work
https://github.com/ArkSystemes/pygauth

<Ark />

error writing qrcodes

Also found an issue with generating QRCodes due to non-escaped characters.
e.g.for windows /:*?"<>|
I often find these are used in the authenticator name

I changed lines 91-94 of index.js to the below (probably a MUCH better way of doing it than this,but it worked for me (windows) today ;-)

const Escname = name.replace(/[\\\/:*?"<>|]/g, "\-")

    const url = `otpauth://totp/${encodeURI(name)}?secret=${encodeURI(secret)}&issuer=${encodeURI(issuer)}`
    const file = `${directory}/${issuer || "No issuer"} (${escname}).png`

Error saving to file

Hi, great script! really helpful.
Not a major issue but I am having issues when trying to save to file


`prompt: saveToFile:  y
prompt: filename:  lee.json
lee.json
true
Saving to "lee.json"...
node:internal/readline/emitKeypressEvents:71
            throw err;
            ^

TypeError: saveToFile is not a function
    at toJson (D:\py\gauth\src\index.js:120:5)
    at D:\py\gauth\src\index.js:181:9
    at D:\py\gauth\node_modules\prompt\lib\prompt.js:357:32
    at D:\py\gauth\node_modules\async\lib\async.js:154:25
    at assembler (D:\py\gauth\node_modules\prompt\lib\prompt.js:354:9)
    at D:\py\gauth\node_modules\prompt\lib\prompt.js:363:32
    at D:\py\gauth\node_modules\prompt\lib\prompt.js:658:5
    at Interface.onLine (D:\py\gauth\node_modules\read\lib\read.js:111:5)
    at Interface.emit (node:events:390:28)
    at Interface._onLine (node:readline:487:10)`

brew install zbar

How to use

zbarimg /path/to/ga-opts-export.png

Module index.js not found

I was just testing the code when i stumbled upon an 'error'.
It occurs whenever i try to run 'npm run start' or 'npm run start:qrcode'

npm and Nodejs are installed. and the index.js file exists in the stated location...

Am i doing something wrong/missing something, or what could be the problem here?

** Enviroment **
Debian 12 Virtual Machine running in Virtual Box

** Error Message **

npm run start

[email protected] start
node ./src/index.js

node:internal/modules/cjs/loader:1042
throw err;
^

Error: Cannot find module 'prompt'
Require stack:

/home/vm-admin/Downloads/google-authenticator-exporter-master/src/index.js
at Module._resolveFilename (node:internal/modules/cjs/loader:1039:15)
at Module._load (node:internal/modules/cjs/loader:885:27)
at Module.require (node:internal/modules/cjs/loader:1105:19)
at require (node:internal/modules/cjs/helpers:103:18)
at promptUserForUri (/home/vm-admin/Downloads/google-authenticator-exporter-master/src/index.js:136:18)
at Object. (/home/vm-admin/Downloads/google-authenticator-exporter-master/src/index.js:190:1)
at Module._compile (node:internal/modules/cjs/loader:1218:14)
at Module._extensions..js (node:internal/modules/cjs/loader:1272:10)
at Module.load (node:internal/modules/cjs/loader:1081:32)
at Module._load (node:internal/modules/cjs/loader:922:12) {
code: 'MODULE_NOT_FOUND',
requireStack: [
'/home/vm-admin/Downloads/google-authenticator-exporter-master/src/index.js'
]
}

Node.js v18.13.0