puddly / android-otp-extractor

Extracts OTP tokens from rooted Android devices

Repository from GitHub: https://github.com/puddly/android-otp-extractor

Usage without system-wide ADB

Madis0 opened this issue

I am using:

  • Manjaro 17.1.10 (latest stable)
  • Python 3.6.5
  • this script from 34337a6
  • Authy 23.2.6
  • AndOTP 0.5.1
  • Android 8.1 (June 5 patch)
  • Magisk 16.0

Here's how I tried to use this script:

  1. Got ADB from Google (guess I could've gotten it through some AUR package but didn't want to try them all)
  2. Got this script .py file
  3. Unpacked both
  4. Ran ./adb devices in its directory to make sure it connects to the phone
  5. Ran python extract_otp_tokens.py to see what happens, obviously FileNotFoundError: [Errno 2] No such file or directory: 'adb': 'adb'
  6. Moved adb to same folder as the script, replaced 'adb' with './adb' in the script to make it work
  7. Ran python extract_otp_tokens.py, accepted root permission on phone
  8. Got a bit confused due to lack of output, so ran python extract_otp_tokens.py --show-qr
  9. file:///tmp/tmp... (where ... is a random ending string) opened in the browser with the title "OTP QR Codes" and no content (source is valid HTML though)
  10. Tried python extract_otp_tokens.py --andotp-backup ANDOTP_BACKUP which produced file ANDOTP_BACKUP with contents []

The succeeded commands had the following log in terminal:

Listing directory /data/data
Reading file /data/data/com.authy.authy/shared_prefs/com.authy.storage.tokens.authenticator.xml
Reading file /data/data/com.authy.authy/shared_prefs/com.authy.storage.tokens.authy.xml
Reading file /data/data/com.duosecurity.duomobile/files/duokit/accounts.json
Reading file /data/data/org.fedorahosted.freeotp/shared_prefs/tokens.xml
Reading file /data/data/com.google.android.apps.authenticator2/databases/databases
Reading file /data/data/com.azure.authenticator/databases/PhoneFactor
Listing directory /data/data/com.valvesoftware.android.steam.community/files

Any ideas?

The location of adb should make no difference. Do any XML files exist in /data/data/com.authy.authy/shared_prefs/?

Yes, there are several of them.

Does running adb shell 'su -c "toybox base64 /data/data/com.authy.authy/shared_prefs/com.authy.storage.tokens.authenticator.xml"' | base64 --decode successfully read the file?

It writes the file to terminal, though it seems to be unescaped HTML-style, lots of "s.

That's expected, but it's strange that no accounts are being parsed from the file. I can't reproduce this issue on any of my devices with the latest version of Authy installed.

Can you check to see how far read_authy_accounts actually progresses before breaking? Does adb_read_file actually produce a valid BytesIO object or does it throw an error? Is the accounts variable properly populated? You can just litter the function with print calls to see what happens.

Not experienced with Python, so did indeed try print statements. Apparently neither of the Authy files are found by the script.

The exact command that is run is:

adb shell 'su -c "toybox base64 /data/data/com.authy.authy/shared_prefs/com.authy.storage.tokens.authenticator.xml /3bb22bb739c29e435151cb38"'

The output should look like:

lotsofbase64lotsofbase64
lotsofbase64lotsofbase64
lotsofbase64lotsofbase64
lotsofbase64=
base64: /3bb22bb739c29e435151cb38: No such file or directory

Is this what you see? Are you using just a stock Android 8.1 ROM? If so, I will try emulating it to see if something changed.

I see the same indeed. I am using a custom ROM called OmniROM with its 24 Jul patch for OnePlus 5T.

I think I see the problem. You only replaced the first instance of adb in the script with ./adb. There are four instances. A proper solution would be to fix your PATH to temporarily include the current folder so adb refers to the right binary:

PATH=.:$PATH python extract_otp_tokens.py

That finally worked. Thank you!
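
Added example, not code from the repository or from anyone in this thread: instead of editing each 'adb' string or putting the current directory on PATH, a script can resolve the binary once to an absolute path and reuse it for every call. The ADB override variable and the names resolve_adb and adb_shell_su are hypothetical.

```python
import os
import shutil

ADB_ENV_VAR = "ADB"  # hypothetical override variable, not defined by the script


def resolve_adb(explicit=None, environ=None):
    """Return an absolute path to one adb binary, or raise FileNotFoundError.

    Order: explicit argument, then the ADB override variable, then PATH lookup.
    """
    environ = os.environ if environ is None else environ
    search_path = environ.get("PATH", "")
    for source, candidate in (("argument", explicit),
                              (ADB_ENV_VAR, environ.get(ADB_ENV_VAR))):
        if candidate:
            # A candidate with a directory part (e.g. ./adb) is checked as
            # given, relative to the current directory, not searched on PATH.
            found = shutil.which(candidate, path=search_path)
            if found is None:
                raise FileNotFoundError(
                    f"adb from {source} is not an executable file: {candidate}")
            return os.path.abspath(found)
    found = shutil.which("adb", path=search_path)
    if found is None:
        raise FileNotFoundError("adb not found on PATH; pass its location explicitly")
    return os.path.abspath(found)


def adb_shell_su(adb, remote_command):
    """Build argv for: adb shell 'su -c "<remote_command>"'.

    The list is meant for subprocess.run(argv) without a local shell, so the
    resolved absolute path is the only adb that can be executed.
    """
    if '"' in remote_command:
        raise ValueError("remote command must not contain double quotes")
    return [adb, "shell", f'su -c "{remote_command}"']


if __name__ == "__main__":
    adb = resolve_adb(explicit="./adb" if os.path.exists("./adb") else None)
    print(adb_shell_su(adb, "toybox base64 /data/data/com.authy.authy/"
                            "shared_prefs/com.authy.storage.tokens.authenticator.xml"))
```

Because every call site receives the same resolved path, a missed string replacement cannot leave some calls pointing at a different or missing adb.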