Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add authenticator2john.py to extract authenticator app passwords. Closes #4893 #4898

Open
wants to merge 2 commits into
base: bleeding-jumbo
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 4 additions & 1 deletion doc/NEWS
Original file line number Diff line number Diff line change
Expand Up @@ -238,6 +238,10 @@ Major changes from 1.9.0-jumbo-1 (May 2019) in this bleeding-edge version:
large portion of a mask should be generated on device-side (or completely
disabling internal mask). [magnum; 2021]

- Added authenticator2john.py: script to extract and format
https://github.com/JeNeSuisPasDave/authenticator app passwords.
[Mark Silinio; 2021]

- Add a format class "vector" for matching vector capable OpenCL formats. This
doesn't include bitslice formats. It matches formats that will run SIMD
using the default GPU, or per the --device option. [magnum; 2021]
Expand Down Expand Up @@ -305,7 +309,6 @@ Major changes from 1.9.0-jumbo-1 (May 2019) in this bleeding-edge version:

- Added krb5tgs-sha1[-opencl] formats for etypes 17 and 18. [magnum; 2023]


Major changes from 1.8.0-jumbo-1 (December 2014) to 1.9.0-jumbo-1 (May 2019):

- Updated to 1.9.0 core, which brought the following relevant major changes:
Expand Down
35 changes: 35 additions & 0 deletions run/authenticator2john.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
#!/usr/bin/env python

# This software is Copyright (c) 2021 Mark Silinio <mark.silinio-at-gmail.com>,
# and it is hereby released to the general public under the following terms:
# Redistribution and use in source and binary forms, with or without
# modification, are permitted.
#
# Extract and format https://github.com/JeNeSuisPasDave/authenticator app password for cracking with JtR
# Usage: ./authenticator2john.py <authenticator.data file>

import os
import sys
from binascii import hexlify

if len(sys.argv) < 2:
print('Usage: ./authenticator2john.py <authenticator.data files>')
exit(1)

filenames = sys.argv[1:]

for filename in filenames:
bname = os.path.basename(filename)
try:
f = open(filename, "rb")
data = f.read()
except IOError:
e = sys.exc_info()[1]
sys.stderr.write("%s\n" % str(e))
exit(1)

iv = data[:16]
encrypted_data = data[16:32]
iv = hexlify(iv).decode("ascii")
encrypted_data = hexlify(encrypted_data).decode("ascii")
sys.stdout.write("%s:$authenticator$0$%s$%s\n" % (bname, iv, encrypted_data))