RobThree / 2FACLIClient

LastPass 2FA CLI Client
https://lastpass.com
MIT License

error converting to datetimeoffset #1

Closed urrpurr closed 1 year ago

urrpurr commented 1 year ago

Hi,

I kept getting errors while trying to run "2fa.exe list". The error was happening in the DateTimeOffsetJsonConverter.cs file. I divided by 1000 (assuming it was in milliseconds instead of seconds) and got it to work for me.

public override DateTimeOffset Read(ref Utf8JsonReader reader, Type typeToConvert, JsonSerializerOptions options)
{
    long milliseconds = reader.GetInt64();
    long seconds = milliseconds / 1000;
    return DateTimeOffset.FromUnixTimeSeconds(seconds);
}

RobThree commented 1 year ago

That's weird; it works fine for me. Could you do me a favor and set a breakpoint here and inspect the json variable and let me know what the value of the version is and also share one or two creationTimestamp values?

For reference: For me, the version is 1 and some of my creationTimestamp values are 1658411764, 1688322160 and 1637764731...


Also the current function is:

public override DateTimeOffset Read(ref Utf8JsonReader reader, Type typeToConvert, JsonSerializerOptions options)
    => DateTimeOffset.FromUnixTimeSeconds(reader.GetInt64());

Why divide by 1000 'manually' when you could've used FromUnixTimeMilliseconds?

public override DateTimeOffset Read(ref Utf8JsonReader reader, Type typeToConvert, JsonSerializerOptions options)
    => DateTimeOffset.FromUnixTimeMilliseconds(reader.GetInt64());

RobThree commented 1 year ago

Since your creationTimestamp AND secret values seem to differ, I'm wondering, are you using a very old, or maybe a very new (beta? alpha) version of LastPass? What mobile platform (iOS, Android), if any, do you use?

urrpurr commented 1 year ago

Hi,

Great, the fix you put on the seconds works for me now. (I've zero experience in C# and Visual Studio so I was just playing around trying to get this program to work somehow for me :) )

I did a breakpoint at the line you mentioned and I got the following version at the top of the JSON "version": 3

My phone (Android) is pretty old so maybe I've some old LastPass version. It says "LastPass Authenticator 2.15.0" when I go into "About" on the mobile device.

I have two LastPass accounts, one personal and one enterprise account. Was having the same problem when trying with both of those accounts.

RobThree commented 1 year ago

I did a breakpoint at the line you mentioned and I got the following version at the top of the JSON "version": 3

Oh, wow! I get version 1 😅 But I'm on iOS. Its version is 2.11.0.3191...

I guess we can assume this is fixed then.

I know I'm asking for A LOT, but would you mind sending me a redacted version of your JSON? You can change emails, secrets etc. all to XXX or something, and I only need about an entry or 2, 3 maybe just to see if there are more differences in your JSON compared to mine.

If not, that's ok too.

urrpurr commented 1 year ago

Hi, sure thing. Here is a redacted json. I specified all the fields that don't have value as string. Otherwise all the xxxx are string values.

{
    "deviceId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "deviceSecret": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "localDeviceId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "deviceName": "xxxxxxx",
    "version": 3,
    "accounts": [

        {
            "accountID": "xxxxxxxxxxxxx",
            "lmiUserId": "",
            "issuerName": "xxxxx",
            "originalIssuerName": "xxxx",
            "userName": "xxx@xxx.xxx",
            "originalUserName": "xxx@xxx.xxx",
            "pushNotification": false,
            "secret": "XXXXXXXXXXXXXXXXX",
            "timeStep": 30,
            "digits": 6,
            "creationTimestamp": xxx (int 13 character long, sometimes 6. Had few amazon accounts, some had 6 and some had 13),
            "isFavorite": false,
            "algorithm": "SHA1",
            "folderData": {
                "folderId": int,
                "position": int
            }
        },
        {
            "accountID": "xxxxxxxxxxxxxx",
            "lmiUserId": "",
            "issuerName": "Microsoft",
            "originalIssuerName": "Microsoft",
            "userName": "xxxxxxxxxx",
            "originalUserName": "xxxxxxxxxxx",
            "pushNotification": false,
            "secret": "xxxxxxxxxx" (microsoft was the only one that was all lowercase letters),
            "timeStep": 30,
            "digits": 6,
            "creationTimestamp": xxx (int 13 character long),
            "isFavorite": true,
            "algorithm": "SHA1",
            "folderData": {
                "folderId": int,
                "position": int
            }
        }
    ],
    "folders": [
        {
            "id": 1,
            "name": "xxxxxxxxx",
            "isOpened": true
        },
        {
            "id": 0,
            "name": "xxxxxxxxxx",
            "isOpened": true
        }
    ]
}

RobThree commented 1 year ago

Great! Thanks! That is very helpful. I see some immediate differences (I don't have the folders, the pushNotification and folderData at first glance), so I can try to accommodate for that.

Thank you very much! I'll close this issue since the problem has been solved and I'll see what I can do to (more) properly parse version 3.

RobThree commented 1 year ago

Wait... You say:

"creationTimestamp": xxx (int 13 character long, sometimes 6. Had few amazon accounts, some had 6 and some had 13),

6? Wouldn't it be 10 or 13?

Can you provide one (or a few) of those 6-digit values?

urrpurr commented 1 year ago

Yeah, it is weird, like in a few of my keys it is in this form

,"creationTimestamp":100002,

"creationTimestamp":1690057483552, then in other keys

I am "pretty" sure the shorter version is in older keys. Some of them have the exact same provider (just different accounts). But the one I added earlier to my authenticator seems to have these 7 digit timestamps.

RobThree commented 1 year ago

"creationTimestamp":100002

That almost doesn't even look like a date... Weeeeeeird. But ok. It is what it is. Thanks, again! I have added support for "V3" data (but it (currently) doesn't add anything new) and a bunch of unittests. See efaf2593d6d31dfc0e464a618152d9e08699d97f.

urrpurr commented 1 year ago

Yeah, my thoughts too. It was just incremental, the next one was 100003 and then 1000004 and so on. Like they are referring to some other data..
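
Added example, not part of the thread and not the project's code or the fix in the commit referenced above: a System.Text.Json converter that accepts the three creationTimestamp shapes reported here (10-digit seconds, 13-digit milliseconds, small counter-like values) without throwing on any of them. The class name LenientUnixTimeConverter and both thresholds are assumptions chosen for illustration.

```csharp
using System;
using System.Text.Json;
using System.Text.Json.Serialization;

public sealed class LenientUnixTimeConverter : JsonConverter<DateTimeOffset?>
{
    // Assumption: values below 10^9 (2001-09-09 as seconds) are not real creation times.
    private const long MinPlausibleSeconds = 1_000_000_000;
    // Assumption: values at or above 10^11 are milliseconds (10^11 ms is 1973-03-03).
    private const long MillisecondsThreshold = 100_000_000_000;
    private static readonly long MaxMilliseconds = DateTimeOffset.MaxValue.ToUnixTimeMilliseconds();

    public static DateTimeOffset? FromRaw(long raw)
    {
        // Out-of-range input becomes "unknown" instead of an exception or a 1970 date.
        if (raw < MinPlausibleSeconds || raw > MaxMilliseconds) return null;
        return raw < MillisecondsThreshold
            ? DateTimeOffset.FromUnixTimeSeconds(raw)
            : DateTimeOffset.FromUnixTimeMilliseconds(raw);
    }

    public override DateTimeOffset? Read(ref Utf8JsonReader reader, Type typeToConvert, JsonSerializerOptions options)
    {
        // Reject strings, fractions and anything else that is not a 64-bit integer.
        if (reader.TokenType != JsonTokenType.Number || !reader.TryGetInt64(out long raw))
            throw new JsonException("creationTimestamp is not an integer");
        return FromRaw(raw);
    }

    public override void Write(Utf8JsonWriter writer, DateTimeOffset? value, JsonSerializerOptions options)
    {
        if (value is null) writer.WriteNullValue();
        else writer.WriteNumberValue(value.Value.ToUnixTimeSeconds());
    }
}

public static class Demo
{
    public static void Main()
    {
        var options = new JsonSerializerOptions();
        options.Converters.Add(new LenientUnixTimeConverter());
        // Values quoted in this thread: seconds, milliseconds, and the counter-like one.
        const string json = "[1658411764, 1690057483552, 100002]";
        var parsed = JsonSerializer.Deserialize<DateTimeOffset?[]>(json, options)
                     ?? Array.Empty<DateTimeOffset?>();
        foreach (var ts in parsed)
            Console.WriteLine(ts?.ToString("u") ?? "(not a date)");
    }
}
```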

RobThree commented 1 year ago

@urrpurr It seems like LastPass has changed something; I can't decrypt the file anymore. Can you? Does this still work for you? (Create a backup of your vault and try a refresh please?)

I'm sorry to have to re-use this issue; I have no other way to contact you than to tag you.

RobThree commented 1 year ago

See 545365175bb7397e42a8156cfe50bc16396da93f