Skip to content

Instantly share code, notes, and snippets.

@hainh

hainh/extract_otp_secrets.md

Created June 1, 2023 16:50
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save hainh/4ef940f49d819018c739cf0f9a033f1c to your computer and use it in GitHub Desktop.
Save hainh/4ef940f49d819018c739cf0f9a033f1c to your computer and use it in GitHub Desktop.
Download ZIP
Extract OTP secret from Google Authenticator in a simple way
Raw
extract_otp_secrets.md

This show how to extract OTP secret from Google Authenticator

  1. Export your account from Authenticator app then use other phone to scan the QR code displayed
  2. Your text from QR code has form of: otpauth-migration://offline?data=thisIsSomeDataInBase64AndUrlEncoded%2B%3D
  3. Convert the data (all after otpauth-migration://offline?data=) to base64 by F12 in Chrome/Edge, in Developer console enter the following: decodeURIComponent('thisIsSomeDataInBase64AndUrlEncoded%2B%3D') image
  4. Copy the result string (without quotes) to https://protobuf-decoder.netlify.app/ you will get image
  5. Notice content at Byte range 0-12 is your secret key, copy that string 23 f8 58 9a 0d a6 93 f1 22 ec to https://cryptii.com/pipes/hex-to-base32 image
  6. Now EP4FRGQNU2J7CIXM is your secret key for that account
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment