Skip to content

Zero Factor Authentication

Dear Internet, Today I Learned that oath-toolkit exists in Homebrew.

So, this is a thing:

$ brew install oath-toolkit
$ alias totp='oathtool --totp -b YOURSECRET32BLA | pbcopy'

And so is this:

#! /usr/bin/env expect -f
 
set totp [ exec oathtool --totp -b MYSECRET7W22 ]
 
spawn ssh verysecure.doma.in
expect "Password:"
sleep 1
send "thisIsN0t1GoodPaszwort@\r"
expect "Two Factor Token:"
sleep 1
send "$totp\n"
interact

Yup, it’s totally possible to laugh and cry at the same time.

Published inErklärbärFluffy FluffHackerterrorcybercyber

3 Comments

  1. Martin

    I hope nobody is surprised. When you check public webcams, you will probably find more than a dozen cams that will show a RSA token live…..

Leave a Reply

Your email address will not be published. Required fields are marked *