andry08 / arubaotp-seed-extractor Goto Github PK
View Code? Open in Web Editor NEWExtract TOTP seed instead of using ArubaOTP app
License: MIT License
Extract TOTP seed instead of using ArubaOTP app
License: MIT License
Riproducibilità:
-scaricato l'intera repo
-installato le dipendenze
-lanciato python ./scripts/main.py extract [segreto] -q
errore
Traceback (most recent call last):
File "D:\File scaricati\ArubaOTP-seed-extractor-master\scripts\main.py", line 4, in
from os import minor
ImportError: cannot import name 'minor' from 'os' (C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.10_3.10.1776.0_x64__qbz5n2kfra8p0\lib\os.py)
dati aggiuntivi: eseguito su windows 10, versione python 3.10
Can't tell you how much pissed I was every time I had to ask my coworker for the phone to use the Aruba OTP app. Now that's a thing of the past with the generator in our shared 1Password vault, thanks to you.
Cheers!
Good moring,
i'm experiencing this error:
Traceback (most recent call last):
File "./scripts/main.py", line 95, in main
extract(args.activation_code, args.only_output, args.show_qr)
File "./scripts/main.py", line 23, in extract
seed = extractor.extract_otp(activation_code)
File "/root/ArubaOTP-seed-extractor/scripts/request.py", line 44, in extract_otp
raise Exception('Error occured in seed validation: [{}] {}'.format(resp2['returncode'], resp2['description']))
Exception: Error occured in seed validation: [0005] Validazione licenza fallita sync non riuscito
I've tryed checking the requirement and tried to reinstall the script but is not working.. any suggestion?
Credo sia importante spiegare meglio l'utilizzo di questo codice molto molto utile.
Ho infatti sempre odiato ArubaOTP in quanto utilizzo normalmente LastPass Authenticator per tutti gli altri 2FA che supportano lo standard di Google Auth (30sec / 6 cifre / SHA1).
Ho scoperto grazie ad un articolo che vi linkava che non bastava copiare il codice e impostare lastpass auth con 60sec/8 cifre/sha256, ma che è necessario utilizzare il vostro script per estrarre la vera chiave da quel numero.
Si suggerirei quindi di mettere nel readme qualche riferimento più esplicito sull'utilizzo del software e su come impostare i software di generazione compatibili - tra cui LastPass auth.
Se ritenete sia una cosa fattibile, posso forkare, fare le modifiche al readme e aprire pullrequest - ma eviterei invece se preferite rimanere "generici"
The first time I call extract
I'm able to extract the seed.
But the second time it tells me the operation is not valid:
$ python ./scripts/main.py extract XXX
Traceback (most recent call last):
File "./scripts/main.py", line 86, in main
extract(args.activation_code, args.only_output, args.show_qr)
File "./scripts/main.py", line 23, in extract
seed, otp_type, digits, period, counter = extractor.request_otp(activation_code)
File "./scripts/request.py", line 27, in request_otp
raise Exception('Seed request failed: [{}] {}'.format(resp1['returncode'], resp1['description']))
Exception: Seed request failed: [0007] Operazione non valida per stato licenza
Buongiorno, non riesco a capire bene il punto 2 e di conseguenza il 3.
Dopo aver installato i requisiti, c'e scritto di aprire il sito web di Aruba e avvia l'accoppiamento. Ho aperto il sito di Aruba da Chrome e ho fatto l'accesso al mio account, dopodiche ?
I'm tring with python 3.6
python3 ./scripts/main.py extract 346702100501561100
Traceback (most recent call last):
File "./scripts/main.py", line 85, in
main()
File "./scripts/main.py", line 44, in main
description='What do you want to do?')
File "/usr/lib/python3.6/argparse.py", line 1716, in add_subparsers
action = parsers_class(option_strings=[], **kwargs)
TypeError: init() got an unexpected keyword argument 'required'
What python version is made this script for?
thanks
Non sono riuscito a far funzionare lo script con "Firma Remota con Otp Mobile" by Aruba:
Traceback (most recent call last):
File "./scripts/main.py", line 95, in main
extract(args.activation_code, args.only_output, args.show_qr)
File "./scripts/main.py", line 23, in extract
seed = extractor.extract_otp(activation_code)
File "/content/ArubaOTP-seed-extractor/scripts/request.py", line 44, in extract_otp
raise Exception('Error occured in seed validation: [{}] {}'.format(resp2['returncode'], resp2['description']))
Exception: Error occured in seed validation: [0005] Validazione licenza fallita sync non riuscito
Traceback (most recent call last):
File "/content/ArubaOTP-seed-extractor/scripts/totptest.py", line 10, in generate
with open(os.path.join(os.sys.path[0], 'seed.txt'), 'r') as f:
FileNotFoundError: [Errno 2] No such file or directory: '/content/ArubaOTP-seed-extractor/scripts/seed.txt'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "./scripts/main.py", line 99, in main
generate(args.seed, args.time)
File "./scripts/main.py", line 33, in generate
code = totptest.generate(seed, time)
File "/content/ArubaOTP-seed-extractor/scripts/totptest.py", line 13, in generate
raise Exception('Error while reading seed file, make sure to execute the request.py script before this') from e
Exception: Error while reading seed file, make sure to execute the request.py script before this
The OTP generated by the Python script works, but the one generated by andOTP doesn't.
$ python ./scripts/main.py generate
Traceback (most recent call last):
File "./scripts/main.py", line 90, in main
generate(args.seed, args.time)
File "./scripts/main.py", line 33, in generate
code = otputil.generate_totp(seed, time)
TypeError: generate_totp() missing 2 required positional arguments: 'interval' and 'time'
Ho provato con l'ultima versione di Google Authenticator (sia su Android che su IOS) e scansionando il QR Code che viene generato funziona correttamente anche per quanto riguarda le 8 cifre invece che le 6 standard.
Complimenti per il programma
L'ho trovato molto utile nel mio campo
Ciao e complimenti per lo script in python, mi è stato utilissimo (anche io non tollero l'idea di avere 4 app che fanno la stessa identica cosa). Di recente Aruba ha introdotto la 2FA anche per la PEC, e a giudicare dalla forma (8 cifre), sembra proprio che la minestra (aloritmo di hashing, etc) sia sempre la stessa. Tuttavia, l'associazione con il dispositivo mobile non avviene inquadrando un QR code, bensì premendo un pulsante "associa questo dispositivo" direttamente dall'app mobile (sulla quale si era preventivamente effettuato il login). Credi sia possibile estrarre il secret anche in questo caso?
This is a very interesting project.
To your knowledge, is there any way that this kind of principle could be applied to the other SPID providers ? I'm interested in seeing if it could work with Sielte ID.
Let me know if you'd be available to give it a try.
Thank you
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.