
@jmiserez
Last active August 11, 2023 07:32
CyberChef: Parse Google Authenticator QR Code (single export) using protobuf schema and extract TOTP secret as Base32
1. Go to https://gchq.github.io/CyberChef/
2. Download CyberChef (top left), extract .zip and open .html file
3. Click "Load Recipe" in the top middle
4. Enter the following recipe:
Parse_QR_Code(false)
Regular_expression('User defined','otpauth-migration\\:\\/\\/offline\\?data\\=(.*)',true,false,true,false,false,false,'List capture groups')
URL_Decode()
From_Base64('A-Za-z0-9+/=',true)
Protobuf_Decode('syntax = "proto3";\n\noption java_package = "com.beemdevelopment.aegis";\noption java_outer_classname = "GoogleAuthProtos";\n\nmessage MigrationPayload {\n enum Algorithm {\n ALGORITHM_UNSPECIFIED = 0;\n ALGORITHM_SHA1 = 1;\n ALGORITHM_SHA256 = 2;\n ALGORITHM_SHA512 = 3;\n ALGORITHM_MD5 = 4;\n }\n\n enum DigitCount {\n DIGIT_COUNT_UNSPECIFIED = 0;\n DIGIT_COUNT_SIX = 1;\n DIGIT_COUNT_EIGHT = 2;\n }\n\n enum OtpType {\n OTP_TYPE_UNSPECIFIED = 0;\n OTP_TYPE_HOTP = 1;\n OTP_TYPE_TOTP = 2;\n }\n\n message OtpParameters {\n bytes secret = 1;\n string name = 2;\n string issuer = 3;\n Algorithm algorithm = 4;\n DigitCount digits = 5;\n OtpType type = 6;\n int64 counter = 7;\n }\n\n repeated OtpParameters otp_parameters = 1;\n int32 version = 2;\n int32 batch_size = 3;\n int32 batch_index = 4;\n int32 batch_id = 5;\n}',false,false)
Regular_expression('User defined','"secret": "(.*)",',true,true,false,false,false,false,'List capture groups')
From_Base64('A-Za-z0-9+/=',true)
To_Base32('A-Z2-7=')
5. Click "Load"
6. Click "Open file as input" (top right) with your QR code as the input file.
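The same decoding chain as the recipe (URL-decode, Base64-decode, protobuf decode, Base32-encode), run as a local script outside the browser. This is an added example, not part of the original gist or of CyberChef; it assumes the otpauth-migration:// text has already been read from the QR code, and the function names and the sample account (alice / Example) are constructed for illustration.

```python
import base64
from urllib.parse import parse_qs, quote, urlsplit

def _varint(buf, i):
    """Decode one protobuf varint starting at buf[i]; return (value, next_index)."""
    value = shift = 0
    while True:
        byte = buf[i]
        i += 1
        value |= (byte & 0x7F) << shift
        if not byte & 0x80:
            return value, i
        shift += 7

def _fields(buf):
    """Yield (field_number, value) pairs; the schema only uses wire types 0 and 2."""
    i = 0
    while i < len(buf):
        key, i = _varint(buf, i)
        if key & 7 == 0:                       # varint: enums, counter, version
            val, i = _varint(buf, i)
        elif key & 7 == 2:                     # length-delimited: bytes, string, message
            n, i = _varint(buf, i)
            if i + n > len(buf):
                raise ValueError("truncated length-delimited field")
            val, i = buf[i:i + n], i + n
        else:
            raise ValueError(f"unexpected wire type {key & 7}")
        yield key >> 3, val

def parse_migration(uri):
    """Return one dict per OtpParameters entry, with the secret as Base32."""
    parts = urlsplit(uri)
    if parts.scheme != "otpauth-migration":
        raise ValueError("not an otpauth-migration URI")
    # parse_qs URL-decodes the value; a literal '+' would arrive as a space.
    data = parse_qs(parts.query)["data"][0].replace(" ", "+")
    out = []
    for num, val in _fields(base64.b64decode(data)):
        if num == 1:                           # repeated OtpParameters otp_parameters = 1
            f = dict(_fields(val))             # 1 = secret, 2 = name, 3 = issuer
            out.append({"name": f.get(2, b"").decode(), "issuer": f.get(3, b"").decode(),
                        "secret_b32": base64.b32encode(f[1]).decode()})
    return out

# Constructed sample payload (not a real account): secret, name, issuer, SHA1, 6 digits, TOTP.
_otp = b"\x0a\x0a" + b"Hello!\xde\xad\xbe\xef" + b"\x12\x05alice" + b"\x1a\x07Example" + b"\x20\x01\x28\x01\x30\x02"
_msg = b"\x0a" + bytes([len(_otp)]) + _otp + b"\x10\x01"
SAMPLE_URI = "otpauth-migration://offline?data=" + quote(base64.b64encode(_msg).decode())
if __name__ == "__main__":
    print(parse_migration(SAMPLE_URI))
```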
Notes on security (2023-08-11):
For very small input files or when entering plain text, the CyberChef tool may append the input file to the fragment identifier of the URL in your browser (i.e. '?input=' in the '#' part of the URL). This information could remain in your local browser history, which is undesirable in the case of TOTP secrets.
To prevent such information leakage through the browser history, do one of the following: clear the history entries afterwards, use a private browsing window for the whole process, or uncheck the CyberChef option 'Update the URL when the input or recipe changes' in the top-right settings before uploading the input file. In any case, do not share CyberChef URLs directly with anyone, as they may contain input; use the 'Save recipe' button instead.