https://github.com/ptrcnull/openftm
Open-source FortiToken TOTP generator
https://github.com/ptrcnull/openftm
Last synced: about 1 year ago
JSON representation
Open-source FortiToken TOTP generator
- Host: GitHub
- URL: https://github.com/ptrcnull/openftm
- Owner: ptrcnull
- Created: 2021-10-13T15:22:15.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2023-01-02T16:51:30.000Z (over 3 years ago)
- Last Synced: 2025-04-11T17:51:03.243Z (about 1 year ago)
- Language: Python
- Size: 1000 Bytes
- Stars: 28
- Watchers: 4
- Forks: 11
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# openftm
Open-source implementation of FortiToken's TOTP algorithm.
You can extract the actual TOTP seed and use it with apps like [KeePassXC](https://keepassxc.org/) or [andOTP](https://github.com/andOTP/andOTP), make sure to set the period to 60 seconds.
## Prequisites
For this to work, you need to extract 2 things - [SSAID](https://developer.android.com/reference/android/provider/Settings.Secure#ANDROID_ID) and encrypted seed.
This needs root access on your Android device.
### SSAID
Run this command in a rooted shell:
```
# grep com.fortinet /data/system/users/0/settings_ssaid.xml
```
Output should look like this:
```xml
```
Copy the value from quotes and paste it to the script as `android_ssaid`.
### Seed
The seed is stored in app's database: `/data/data/com.fortinet.android.ftm/databases/FortiToken.db`
You can copy the file and open it with an SQLite3 editor, or run this command: (I know it's ugly, but does the job)
```
# grep -Eao 'totp.{64}' /data/data/com.fortinet.android.ftm/databases/FortiToken.db | cut -c5-
```
Copy the output and paste it as `seed`.
## Usage
Install requirements with `pip3 install -U -r requirements.txt`, then run with `python3 generate.py`.
## Disclaimer
All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.