scito / extract_otp_secrets Goto Github PK

Feature request; Parse RSA SecureID QR code data.

It appears to be very obscured.

exporting from recent version of google authenticator the process fails
ERROR: Cannot decode otpauth-migration migration payload.

• Improved performance: Nuitka can significantly improve the performance of Python code by compiling it to a binary format that can be executed more efficiently than interpreted code. This can result in faster execution times and better resource utilization.

Hi Everyone,

The README currently states:

However, the bare executable can be executed from the command line:

1. Download executable for macOS platform from [latest release](https://github.com/scito/extract_otp_secrets/releases/latest), see assets
2. Open Terminal application
3. Change to Downloads folder in Terminal: cd $HOME/Downloads
4. Set executable bit for the downloaded file: chmod +x extract_otp_secrets_X.Y.Z_macos_x86_64
5. Start executable from command line: ./extract_otp_secrets_X.Y.Z_macos_x86_64

After step (4), I believe you should recommend (require?) xattr -r -d com.apple.quarantine extract_otp_secrets_X.Y.Z_macos_x86_64. Otherwise, Apple may still keep it in quarantine and not allow it to execute.

Also see #187.

With just-cloned version (git b72157), I get the following exception when writing to a Keepass CSV file

Exported 22 totp entries to keepass csv file <redacted>
Traceback (most recent call last):
  File "<redacted>/extract_otp_secrets/src/extract_otp_secrets.py", line 957, in <module>
    sys_main()
  File <redacted>/extract_otp_secrets/src/extract_otp_secrets.py", line 163, in sys_main
    main(sys.argv[1:])
  File "/<redacted>/extract_otp_secrets/src/extract_otp_secrets.py", line 200, in main
    write_keepass_csv(args.keepass, otps)
  File "<redacted>/extract_otp_secrets/src/extract_otp_secrets.py", line 739, in write_keepass_csv
    if count_hotp_entries: print(f"Exported {count_hotp_entries} hotp entrie{'s'[:count_hotp_entries != 1]} to keepass csv file {otp_filename_hotp}")
UnboundLocalError: local variable 'count_hotp_entries' referenced before assignment

This happens when

• writing to a file, not to stdout
• there are no HOTP secrets extracted from the QR code

From the source code, the problem is obvious:

• not quiet, because writing to a file (if writing to stdout, then quiet)
• if no HOTP codes, has_hotp is falsey, so count_hotp_entries is never set

The same problem would happen if there were no TOTP entries extracted from the QR code

The solution would be to set count_totp_entries and count_hotp_entries to zero

• in an else-clause to if has_totp: and if has_hotp: respectively, or
• earlier in the function, perhaps when has_totp and has_hotp are set, or just before the if-statements.

This is a minor issue, because the file is created correctly.

Hey @scito !
Awesome tool, thanks for providing it! I debuged your script for mac and found the problem for only poping up one frame:

this check seems to be always true. After disabling it, I was able to run your application successfully. Obviously closing doesn't work anymore, not sure if there is another way for checking it.

Hello. Can you make it possible to export these secrets into json file? Or at least an option that disables printing of these large qr codes in terminal? I found that -p is short for --printqr

FYI, I downgraded from protobuf 4.21.5 to 3.14 for the script to work.

Wanted to use your script to port my Google-Auth Codes to KeePass.

Calling the script (even with the exmaple given) results in error.

python extract_otp_secret_keys.py -p example_export.txt File "extract_otp_secret_keys.py", line 98 if verbose: print('\n{}. Payload Line'.format(i), payload, sep='\n') ^ SyntaxError: invalid syntax

Am i missing anthing?

c:\Programs\Python38-32>pip3 install protobuf
Requirement already satisfied: protobuf in c:\programs\python38-32\lib\site-packages (3.19.3)

c:\Programs\Python38-32>python extract_otp_secret_keys.py c:\programs\new.txt
Traceback (most recent call last):
File "..\extract_otp_secret_keys.py", line 51, in
import generated_python.google_auth_pb2
ModuleNotFoundError: No module named 'generated_python'

c:\Programs\Python38-32>python
Python 3.8.1 (tags/v3.8.1:1b293b6, Dec 18 2019, 22:39:24) [MSC v.1916 32 bit (Intel)] on win32
Type "help", "copyright", "credits" or "license" for more information.

import generated_python.google_auth_pb2
Traceback (most recent call last):
File "", line 1, in
ModuleNotFoundError: No module named 'generated_python'
^Z

https://github.blog/changelog/2023-12-14-github-actions-artifacts-v4-is-now-generally-available/

QReader 2.0 has breaking changes. The code has to be adapted.

AttributeError: module 'google.protobuf.descriptor' has no attribute '_internal_create_key'

The bug title pretty much explains it all. I played with this tool and it largely worked exactly as one would hope. All inputs successfully generated an output and a QR code, however, certain codes would not scan by GAuth. Upon studying the various permutations I realized it is the presence of space characters in the NAME field that seems to break the system. I replaced those on the upstream device with underscore characters and re-exported. Everything worked great that time.

I'm going to guess there's an improper chunk detector that's getting tricked by whitespace and thus breaking the secret.

The headers or library files could not be found for zlib,
a required dependency when compiling Pillow from source.

https://github.com/scito/extract_otp_secret_keys/actions/runs/3726606340/jobs/6320167828#step:4:264

Workaround for ci: exclude pypy-3.9 and windows-latest

https://pillow.readthedocs.io/en/latest/installation.html

after the unsigned warning, the thing just doesn't open

also, where is the original extract .py file? i'd be happy using that

Ran into the following error:

administrator@totp-extract:~/extract_otp_secrets$ python3 src/extract_otp_secrets.py -d -v IMG_3307.jpg
Traceback (most recent call last):
  File "/home/administrator/extract_otp_secrets/src/extract_otp_secrets.py", line 119, in <module>
    raise e
  File "/home/administrator/extract_otp_secrets/src/extract_otp_secrets.py", line 61, in <module>
    import cv2
  File "/home/administrator/.local/lib/python3.10/site-packages/cv2/__init__.py", line 181, in <module>
    bootstrap()
  File "/home/administrator/.local/lib/python3.10/site-packages/cv2/__init__.py", line 153, in bootstrap
    native_module = importlib.import_module("cv2")
  File "/usr/lib/python3.10/importlib/__init__.py", line 126, in import_module
    return _bootstrap._gcd_import(name[level:], package, level)
ImportError: libGL.so.1: cannot open shared object file: No such file or directory

Needed to install libgl1 in order to get it to work. Brand new Ubuntu 22.04 install, only thing installed was following these instructions. Any other info I can provide to help further support this great project?

Create executables with PyInstaller.

Docu:

• https://pyinstaller.org/en/stable/index.html
• https://github.com/pyinstaller/pyinstaller

Guides:

• https://hellocoding.de/blog/coding-language/python/pyinstaller-app-exe-erstellen
• https://realpython.com/pyinstaller-python/
• https://datatofish.com/executable-pyinstaller/
• Inspiration by https://pypi.org/project/auto-py-to-exe/

Target platforms:

• Linux amd64
• Windows amd64
• macOS unified

CV2 and PyInstaller issues:

• https://stackoverflow.com/questions/55175419/using-opencv-with-pyinstaller
• https://stackoverflow.com/questions/59189791/how-to-include-opencv-in-pyinstaller-when-opencv-is-installed-from-source
• https://stackoverflow.com/questions/73066247/error-importerror-error-recursion-is-detected-during-loading-of-cv2-binary
• https://stackoverflow.com/questions/67494128/pyinstaller-modulenotfounderror-no-module-named-cv2
• https://stackoverflow.com/questions/70011937/opencv-error-when-converting-a-python-file-to-an-exe-file-with-pyinstaller
• https://stackoverflow.com/questions/69855356/recursion-is-detected-during-loading-of-cv2-binary-extensions

When I try to extract keys from an image of the QR code, it says that it extracted 0 otps

This worked before so I'm unsure on why it's not working now

Hi
Can you please add follwing to Installation of shared system libraries for Archlinux?
pacman -S zbar

Without zbar I've got following
python src/extract_otp_secrets.py example_export.txt

ERROR: Cannot import QReader module. This problem is probably due to the missing zbar shared library.
On Linux and macOS libzbar0 must be installed.
See in README.md for the installation of the libzbar0.
Exception: Unable to find zbar shared library

After the command "pacman -S zbar" everything worked fine

greetings
Martin Stromberger

Ubuntu 20.04
Python 3.8.10
protobuf-3.20.1
qrcode-7.3.1

When running the command python3 extract_otp_secret_keys.py -p 1.txt the following error appears

Traceback (most recent call last):
  File "extract_otp_secret_keys.py", line 102, in <module>
    payload.ParseFromString(data)
google.protobuf.message.DecodeError: Error parsing message with type 'MigrationPayload'

Remove Python 3.7 support and remove 3.7 language limitations

Python 3.7 EOL: https://peps.python.org/pep-0537/

To execute the command extract_otp_secrets on OSX, the executable needs to also be removed from quarantine with xattr -dr extract_otp_secrets_x.y.z_macos_x86_64

Today a column in /data/data/com.google.android.apps.authenticator2/databases/databases is encrypted.
Is it possible to get private key from backup and decrypt keys?

When trying to decode multiple accounts, I get the error:

Traceback (most recent call last):
  File "extract_otp_secret_keys.py", line 217, in <module>
    sys_main()
  File "extract_otp_secret_keys.py", line 57, in sys_main
    main(sys.argv[1:])
  File "extract_otp_secret_keys.py", line 66, in main
    otps = extract_otps(args)
  File "extract_otp_secret_keys.py", line 98, in extract_otps
    payload = get_payload_from_line(line, i, args)
  File "extract_otp_secret_keys.py", line 138, in get_payload_from_line
    payload.ParseFromString(data)
google.protobuf.message.DecodeError: Error parsing message

I tried only exporting a single account, and that worked fine. However, anything more and the problem fails regardless if they are in a single QR code or multiple.

Windows 10
Python 3.7.3
protobuf-4.21.5
qrcode-7.3.1

Hi!

I'm using this file in my project (https://github.com/Levminer/authme) to convert google authenticator links to 2FA codes.

I want to pass the strings as arguments seperated by spaces.

Example
python extract_otp_secret_keys.py otpauth-migration://offline?data=123... otpauth-migration://offline?data=123...

Can you help me with that?
Thank you!

It would be very helpful to be able to export the URIs from a google export, so that they could be imported in a batch into FreeOTP+ or other authenticators that accept lists of URIs. As it is, I think the only way to do this is to export the QR codes for each entity, then extract the URIs from those with a camera.

Thanks in any case for this very useful project.