Skip to content

Instantly share code, notes, and snippets.

@otms61

otms61/hotp.py

Last active September 3, 2018 05:55
Show Gist options
  • Save otms61/5e87c62630abbaea537abdf81bcda6fe to your computer and use it in GitHub Desktop.
Save otms61/5e87c62630abbaea537abdf81bcda6fe to your computer and use it in GitHub Desktop.
Download ZIP
A command-line tool for google authenticator verify code.
Raw
hotp.py
import hashlib
import hmac
import time
import struct
import base64
def compute_code(key):
t = int(time.time())
ts = t / 30
ts_packed = struct.pack('>Q', ts)
key_byte = base64.b32decode(key, casefold=True)
hmac_result = bytearray(hmac.new(key_byte, ts_packed, hashlib.sha1).digest())
offset = hmac_result[19] & 0xf
bin_code = ((hmac_result[offset] & 0x7f) << 24) \
| ((hmac_result[offset + 1] & 0xff) << 16) \
| ((hmac_result[offset + 2] & 0xff) << 8) \
| (hmac_result[offset + 3] & 0xff)
bin_code = bin_code % 10**6
return bin_code
# [guest@dd2bb0e7f6d0 ~]$ head -n 1 ~/.google_authenticator
# 3NWUJKAV3X5UK36V
key = "3NWUJKAV3X5UK36V"
print compute_code(key)
@otms61
Copy link
Author

otms61 commented Oct 30, 2016
edited
Loading 

[guest@dd2bb0e7f6d0 ~]$ head -n 1 ~/.google_authenticator
3NWUJKAV3X5UK36V
$ python hotp.py
856427
$ ssh  -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null guest@localhost -p 11022
Warning: Permanently added '[localhost]:11022' (RSA) to the list of known hosts.
Verification code:
[guest@dd2bb0e7f6d0 ~]$

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment