Last active
January 3, 2018 19:22
-
-
Save shiona/c7d24622a8998b4b9915e1fd50fffdb3 to your computer and use it in GitHub Desktop.
Python3 translation of https://github.com/geel9/SteamAuth/tree/master/SteamAuth steam 2fa token computation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/env python3 | |
| from getpass import getpass | |
| from base64 import b64decode | |
| import time | |
| from Crypto.Hash import SHA, HMAC | |
| import gnupg | |
| STEAM_CODE_TRANS = "23456789BCDFGHJKMNPQRTVWXY" | |
| # If the timezones don't match between the computer this is run on and | |
| # the mobile device, try playing with this. (3600 = seconds in hour) | |
| TIME_DIFF = 0 * 3600 | |
| def potp(secret, t = None): | |
| if t == None: | |
| t = time.time() | |
| timestamp = int(t) + TIME_DIFF | |
| timearray = bytearray.fromhex('{:016x}'.format(int(timestamp/30))) | |
| time_left = 30 - (timestamp % 30) | |
| hmac = bytearray(HMAC.new(secret, timearray, SHA).digest()) | |
| b = hmac[19] & 0xf | |
| cp = (hmac[b] & 0x7F) << 24 | (hmac[b+1] & 0xff) << 16 | (hmac[b+2] & 0xff) << 8 | (hmac[b+3] & 0xff) | |
| code = "" | |
| for _ in range(5): | |
| code += STEAM_CODE_TRANS[cp % len(STEAM_CODE_TRANS)] | |
| cp = int(cp / len(STEAM_CODE_TRANS)) | |
| return (code, time_left) | |
| def main(): | |
| passwd = getpass() | |
| gpg = gnupg.GPG() | |
| with open("secret.gpg", 'rb') as sfile: | |
| dec = gpg.decrypt_file(sfile, passphrase=passwd) | |
| if not dec.ok: | |
| print("incorrect password") | |
| return | |
| else: | |
| while 1: | |
| print(potp(b64decode(dec.data))) | |
| print("Get another?") | |
| if input() != 'y': | |
| break | |
| if __name__ == "__main__": | |
| main() |
Author
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
to get the secret key: https://github.com/SteamTimeIdler/stidler/wiki/Getting-your-%27shared_secret%27-code-for-use-with-Auto-Restarter-on-Mobile-Authentication
to encrypt it:
gpg -c secret(assuming you have saved the secret key from above into file calledsecret). Give it a good password. Remember to delete the cleartext file afterwards!