Google Authenticator Backup Tool enables you to export OTP accounts from qr codes.
You can find an example google authenticator export at data/example.png.
To run gabut locally, make sure the virtual environment is properly setup and all requirements are installed by running:
make prepareAnd then activate the virtual environment run the cli tool via:
. bin/activate
python3 gabut.py -VWhen installed you can simply use:
gabut -VChecks an image for a google authenticator backup qr code and prints the urls found within the image.
gabut recognize data/example.pngExample result:
otpauth-migration://offline?data=CjMKFDFENjc5QzE3RTkzRTJFRTAyMkZBEgl0ZXNzZXJhY3QaCm11bHRpdmVyc2UgASgBMAIQARgBIAA%3DRuns main script on image at data/example.png as input. You can specify multiple screenshot files. All accounts will be merged into one list.
gabut export data/example.pngResult:
[
{
"type": "totp",
"key": "GFCDMNZZIMYTORJZGNCTERKFGAZDERSB",
"name": "tesseract",
"issuer": "multiverse",
"digits": 6,
"algorithm": "SHA1",
"counter": 0,
"interval": 30
}
]gabut export -u data/example.pngResult:
otpauth://totp/tesseract?secret=GFCDMNZZIMYTORJZGNCTERKFGAZDERSB&issuer=multiverse&algorithm=SHA1&digits=6&period=30
As good practice, make sure to not put your password into the command directly, so it can't be retrived throuth the shell history or process list.
gabut export -e -p $(cat data/example.key) data/example.pngResult:
ipF7Iix72KCQ9g8gd8lUe0L4EBAaxcZfQILjFHwktEDZuS+9LoLFWVDVmH57Nn/L4w7i5ux3f+Y4flpjHAPtEFnL6f2osMTEZnX3H4ar1TQXUxYRoVQCBkmDvcOhWzFuPgmP9WWpWUWlnnUpQgf7UoXlSC8FvRml7q7XgcuKvcbPvKe2sjIT2ET4hws9lhdFPJl4SvlBwXjpFxa46bpPKC9vKJHGXnJ4AePtpD9aS08PNuIRCJRZ5vDCG8lVUcPk
gabut load -d -p $(cat data/example.key) data/example.encResult:
[
{
"type": "totp",
"key": "GFCDMNZZIMYTORJZGNCTERKFGAZDERSB",
"name": "tesseract",
"issuer": "multiverse",
"digits": 6,
"algorithm": "SHA1",
"counter": 0,
"interval": 30
}
]