GitLab Commit is coming up on August 3-4. Learn how to innovate together using GitLab, the DevOps platform. Register for free:

Commit ee06aa0c authored by Ruben ten Hove's avatar Ruben ten Hove 🚵
Browse files

Update content/blog/

parent c4945ff2
type: post
title: Decrypting BinaryBoot TOTP Authenticator backup
title: Decrypting a BinaryBoot TOTP Authenticator backup
date: 2021-02-27
- aes
......@@ -48,13 +48,26 @@ decrypted = decrypt_with_AES(binary, password_hash)
# The content is a key value pair, of which the key contains a
# list of key-value blocks with our data.
tokens = json.loads(list(json.loads(decrypted))[0])
entries = json.loads(list(json.loads(decrypted))[0])
# Finally, write the resulting json to a file.
with open("backup.json", "w") as f:
json.dump(tokens, f)
json.dump(entries, f)
# We find out the seeds have been encoded, so we will decode
# these as well. Quite simple luckily: hex encoded byte arrays from
# which we retrieve the base32 seed.
readable = ""
for entry in entries:
encoded = entry["key"]
decoded = bytes.fromhex(encoded)
recoded = base64.b32encode(decoded).decode()
readable += f"{entry['issuer']} / {entry['name']}: {recoded}\n"
# Don't use any padding characters (=) when setting the seed
with open("backup.txt", "w") as f:
The tokens here are sadly not usable as seeds for TOTP. That's for another time!
With many thanks to my good friend `Eddy`.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment