search

puddly / android-otp-extractor

Extracts OTP tokens from rooted Android devices
GNU General Public License v3.0
242 stars 22 forks source link

Extracting authy otps is failing with binascii.Error: Incorrect padding #52

Closed phixion closed 4 months ago

phixion commented 4 months ago

running Python 3.12.4 + latest commit of puddly/android-otp-extractor the phone is on lineageOS 21 (Android 14)

(env2) [phixion@cray env2]$ python -m android_otp_extractor --prepend-issuer --include authy -v
2024-07-09 00:24:30 cray android_otp_extractor.adb[18210] INFO Testing if your phone uses binary: 'toybox'
2024-07-09 00:24:30 cray android_otp_extractor.adb[18210] INFO Checking if adb already runs as root
2024-07-09 00:24:30 cray android_otp_extractor.adb[18210] INFO Listing contents of / as root
2024-07-09 00:24:30 cray android_otp_extractor.adb[18210] DEBUG Listing directory /
2024-07-09 00:24:30 cray android_otp_extractor.adb[18210] INFO Reading and hashing contents of build.prop as root
2024-07-09 00:24:30 cray android_otp_extractor.adb[18210] DEBUG Hashing file $ANDROID_ROOT/build.prop
2024-07-09 00:24:30 cray android_otp_extractor.adb[18210] DEBUG Trying to read file $ANDROID_ROOT/build.prop
2024-07-09 00:24:30 cray android_otp_extractor.adb[18210] DEBUG Successfully read 5400 bytes
2024-07-09 00:24:30 cray android_otp_extractor.adb[18210] DEBUG Hashing file $ANDROID_ROOT/build.prop
2024-07-09 00:24:30 cray android_otp_extractor.adb[18210] DEBUG Trying to read file $ANDROID_ROOT/build.prop
2024-07-09 00:24:30 cray android_otp_extractor.adb[18210] DEBUG Successfully read 5400 bytes
2024-07-09 00:24:30 cray android_otp_extractor.adb[18210] INFO Using command line utility binary: 'toybox'
2024-07-09 00:24:30 cray android_otp_extractor.apps[18210] INFO Reading Authy accounts
2024-07-09 00:24:30 cray android_otp_extractor.adb[18210] DEBUG Trying to read file $ANDROID_DATA/data/com.authy.authy/shared_prefs/com.authy.storage.tokens.authenticator.xml
2024-07-09 00:24:30 cray android_otp_extractor.adb[18210] DEBUG Successfully read 120385 bytes
Traceback (most recent call last):
  File "<frozen runpy>", line 198, in _run_module_as_main
  File "<frozen runpy>", line 88, in _run_code
  File "/home/phixion/env2/lib/python3.12/site-packages/android_otp_extractor/__main__.py", line 3, in <module>
    main()
  File "/home/phixion/env2/lib/python3.12/site-packages/android_otp_extractor/cli.py", line 62, in main
    accounts = apps.read_accounts(adb, enabled_apps)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/phixion/env2/lib/python3.12/site-packages/android_otp_extractor/apps.py", line 416, in read_accounts
    new = list(app.extractor(adb))
          ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/phixion/env2/lib/python3.12/site-packages/android_otp_extractor/apps.py", line 64, in read_authy_accounts
    secret = lenient_base32_decode(fixed_secret.upper())
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/phixion/env2/lib/python3.12/site-packages/android_otp_extractor/otp.py", line 13, in lenient_base32_decode
    return base64.b32decode(data)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.12/base64.py", line 254, in b32decode
    return _b32decode(_b32alphabet, s, casefold, map01)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.12/base64.py", line 240, in _b32decode
    raise binascii.Error('Incorrect padding')
binascii.Error: Incorrect padding
puddly commented 4 months ago

I haven't updated this codebase in three years now so it's probably Authy has changed its on-disk format. You'll have to see what they changed.

phixion commented 4 months ago

PEBKAC: not all my totps wer unlocked (red padlock) in the app thats why decryptedSeed was empty in the xml and had your code fail. I have unlocked all totps and reran the code successfully.

Good night