Skip to content

Instantly share code, notes, and snippets.

@cfg
Created April 4, 2017 18:17
Show Gist options
  • Save cfg/4585f041cd069d3f2639e53fc33ae281 to your computer and use it in GitHub Desktop.
Save cfg/4585f041cd069d3f2639e53fc33ae281 to your computer and use it in GitHub Desktop.
Extracting 2FA seeds from Authy
Open chrome://extensions, debug Authy main.html
Set a breakpoint in Authy app.js in this function:
d.prototype.getOtp = function() {
return this.isEncrypted() ? "------" : this.otpGenerator.getOtp(this.decryptedSeed, this.digits)
}
Can use a conditional breakpoint, where this.getName() == 'your.account.display.name'
console.log( "otpauth://totp/%s:%s?secret=%s&issuer=%s", encodeURIComponent( this.getAccountName() ), encodeURIComponent( this.getName() ), encodeURIComponent(this.decryptedSeed), this.getAccountName() );
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment