Bypass client-side checks for Duo Device Health Application.
WARNING: Multiple failed attempts will lock out you account. If you fail to auth with 2 consecutive attempts, wait for awhile before you try again. Alternatively reset your failed auth attempts by using another device (i.e. a phone) to successfully auth, and then try again.
WARNING: Tested and working on MacOS with Firefox only.
First make sure actual Duo Device Health app is not running
Then clone repo
git clone git@github.com:dzflack/duo-device-health.git
Modify the following fields HealthCheckStartTimestamp, HealthCheckEndTimestamp, DeviceID, DeviceName, HealthCheckLengthMillis
in main.go
Run main.go
go run main.go
2020/06/09 10:47:29 Listening on port 53106
With the use of environment variables, you can modify this program's behaviour:
DUO_LOCAL_TLS_CERT
and DUO_LOCAL_TLS_KEY
- Specify these as filepaths to a cert and key file. For use with Chrome, the cert should be signed by a CA (even if the CA is just you), and that CA's cert should be imported as an Authority in your Chrome settings.DUO_LOCAL_PORT
- Override port on which to listen.DEVICE_ID
, DEVICE_NAME
- Override DeviceID and DeviceName in the payload to duosecurity.com.OS
, OS_BUILD
, OS_VERSION
- Override Os, OsBuild, and OsVersion in the payload to duosecurity.com.DUO_CLIENT_VERSION
- Override DuoClientVersion in the payload to duosecurity.com.