mirror of https://github.com/xBytez/duo-cli
Update activation code.
The duo activation process has changed, the server now expects way more information from the client as well as a new URL scheme. Make the server happy, provide some fake data. Save server response as a response.json file for later use. Sanity check response, abort if no secret was passed.
This commit is contained in:
parent
389909b424
commit
5cb5600104
|
@ -11,26 +11,35 @@ if len(sys.argv) < 2:
|
||||||
print "Usage: python duo_bypass.py <url to duo qr>"; exit()
|
print "Usage: python duo_bypass.py <url to duo qr>"; exit()
|
||||||
|
|
||||||
qr_url = sys.argv[1]
|
qr_url = sys.argv[1]
|
||||||
data = qr_url #unquote(qr_url.split('=')[1])
|
|
||||||
|
|
||||||
hostb64 = data.split('-')[1]
|
host = 'api-%s' % (qr_url.split('/')[2].split('-')[1],)
|
||||||
|
code = qr_url.rsplit('/',1)[1]
|
||||||
|
|
||||||
print "hostb64", hostb64
|
url = 'https://{host}/push/v2/activation/{code}?customer_protocol=1'.format(host=host, code=code)
|
||||||
|
headers = {'User-Agent': 'okhttp/2.7.5'}
|
||||||
|
data = {'jailbroken': 'false',
|
||||||
|
'architecture': 'armv7',
|
||||||
|
'region': 'US',
|
||||||
|
'app_id': 'com.duosecurity.duomobile',
|
||||||
|
'full_disk_encryption': 'true',
|
||||||
|
'passcode_status': 'true',
|
||||||
|
'platform': 'Android',
|
||||||
|
'app_version': '3.23.0',
|
||||||
|
'app_build_number': '323001',
|
||||||
|
'version': '8.1',
|
||||||
|
'manufacturer': 'unknown',
|
||||||
|
'language': 'en',
|
||||||
|
'model': 'Pixel C',
|
||||||
|
'security_patch_level': '2018-12-01'}
|
||||||
|
|
||||||
host = base64.b64decode(hostb64 + '='*(-len(hostb64) % 4))
|
r = requests.post(url, headers=headers, data=data)
|
||||||
code = data.split('-')[0]
|
|
||||||
|
|
||||||
print "host", host
|
|
||||||
print "code", code
|
|
||||||
|
|
||||||
url = 'https://{host}/push/v2/activation/{code}'.format(host=host, code=code)
|
|
||||||
r = requests.post(url)
|
|
||||||
response = json.loads(r.text)
|
response = json.loads(r.text)
|
||||||
|
|
||||||
print "url", url
|
try:
|
||||||
print "r", r
|
|
||||||
print "response", response
|
|
||||||
secret = base64.b32encode(response['response']['hotp_secret'])
|
secret = base64.b32encode(response['response']['hotp_secret'])
|
||||||
|
except KeyError:
|
||||||
|
print response
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
print "secret", secret
|
print "secret", secret
|
||||||
|
|
||||||
|
@ -45,3 +54,6 @@ f.write(secret + "\n")
|
||||||
f.write("0")
|
f.write("0")
|
||||||
f.close()
|
f.close()
|
||||||
|
|
||||||
|
with open('response.json', 'w') as resp:
|
||||||
|
resp.write(r.text)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue