search

scito / extract_otp_secrets

Extract one time password (OTP) secrets from QR codes exported by two-factor authentication (2FA) apps such as "Google Authenticator". The exported QR codes from authentication apps can be captured by camera, read from images, or read from text files. The secrets can be exported to JSON or CSV, or printed as QR codes to console.
https://scito.ch/content/extract-secret-keys-google-authenticator-qr-export
GNU General Public License v3.0
1.16k stars 138 forks source link

google.protobuf.message.DecodeError: Error parsing message When trying to decode multiple accounts. #15

Closed MachineGalaxy closed 2 years ago

MachineGalaxy commented 2 years ago

When trying to decode multiple accounts, I get the error: 

Traceback (most recent call last):
  File "extract_otp_secret_keys.py", line 217, in <module>
    sys_main()
  File "extract_otp_secret_keys.py", line 57, in sys_main
    main(sys.argv[1:])
  File "extract_otp_secret_keys.py", line 66, in main
    otps = extract_otps(args)
  File "extract_otp_secret_keys.py", line 98, in extract_otps
    payload = get_payload_from_line(line, i, args)
  File "extract_otp_secret_keys.py", line 138, in get_payload_from_line
    payload.ParseFromString(data)
google.protobuf.message.DecodeError: Error parsing message

I tried only exporting a single account, and that worked fine. However, anything more and the problem fails regardless if they are in a single QR code or multiple.

Windows 10 Python 3.7.3 protobuf-4.21.5 qrcode-7.3.1

scito commented 2 years ago

It seems to work for. I cannot reproduce it.

The following command works for me.

python extract_otp_secret_keys.py example_export.txt

Can you try it? What is the result of it?

MachineGalaxy commented 2 years ago

So the example_export.txt works fine. My guess is that its something to do with the export I got. I also tried this on a VM with a fresh install of Windows and got the same error.

scito commented 2 years ago

I've enabled base64 decode validation on master. This change excludes base64 decode problems. Can you try with the latest master?

The problems seems to be in protobuf.

Can you try with other exports?

I need to reproduce your problem on my computer, otherwise I cannot analyze the problem. Can you send me steps for reproduction of the problem? (BTW: Do not send the original file with your secrets.)

MachineGalaxy commented 2 years ago

The export still fails. However, this time, it's failing with the error:

Traceback (most recent call last):
  File "Z:\Shared Folder\extract_otp_secret_keys-master\extract_otp_secret_keys.py", line 217, in <module>
    sys_main()
  File "Z:\Shared Folder\extract_otp_secret_keys-master\extract_otp_secret_keys.py", line 57, in sys_main
    main(sys.argv[1:])
  File "Z:\Shared Folder\extract_otp_secret_keys-master\extract_otp_secret_keys.py", line 66, in main
    otps = extract_otps(args)
  File "Z:\Shared Folder\extract_otp_secret_keys-master\extract_otp_secret_keys.py", line 98, in extract_otps
    payload = get_payload_from_line(line, i, args)
  File "Z:\Shared Folder\extract_otp_secret_keys-master\extract_otp_secret_keys.py", line 136, in get_payload_from_line
    data = base64.b64decode(data_encoded, validate=True)
  File "C:\Users\ProjectNoir\AppData\Local\Programs\Python\Python310\lib\base64.py", line 86, in b64decode
    raise binascii.Error('Non-base64 digit found')
binascii.Error: Non-base64 digit found

For steps to reproduce, I've created some fake accounts on a local server, added 2FA to them and then deleted the accounts, so it is safe to send for testing as the accounts are no longer active. I've made sure that they also fail to export.

2FA Fake Accounts.txt 2FA Fake Account Secrets.txt

scito commented 2 years ago

Thanks for your test data!

I could reproduce and fix the problem.

Can you test if it works?

MachineGalaxy commented 2 years ago

Yup, that's fixed the issue. Thanks