Aug 9
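It has been 7 years since I first heard of Google Authenticator; back then it was still hosted on Google Code (RIP).
I'm a little ashamed to say that by then I had already been using SecureCRT for several years, namely the pirated copy that everyone used back when I was at company D. This year I finally gritted my teeth and bought a license, and suddenly realized that its Logon Script feature can handle this two-step authentication. A quick search showed that someone had already written such a script and posted it as a gist, so I copied it, made a few small changes, and am posting it here.
Notes:
1. Remember to tick Login Actions → "Display logon prompts in terminal window" in the SecureCRT session options.
2. This version is for SecureCRT on Windows; save it as a .py file. Mac users should check whether SecureCRT's script engine is py2 or py3; for py3, use the other version in the original author's gist.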
# $language = "python"
# $interface = "1.0"

import hmac, base64, struct, hashlib, time, json, os

# Both secrets are stored in plaintext in this script file.
TOTP_KEY = 'YOUR_TOTP_KEY'   # base32-encoded TOTP secret
YOUR_PASSWD = 'PASSWORD'     # sent at the 'password:' prompt

def get_hotp_token(secret, intervals_no):
    """This is where the magic happens."""
    key = base64.b32decode(normalize(secret), True)  # True is to fold lower into uppercase
    msg = struct.pack(">Q", intervals_no)            # counter as 8 big-endian bytes
    h = hmac.new(key, msg, hashlib.sha1).digest()
    o = ord(h[19]) & 15                              # truncation offset (Python 2: h is a str)
    h = str((struct.unpack(">I", h[o:o+4])[0] & 0x7fffffff) % 1000000)
    return prefix0(h)

def get_totp_token(secret):
    """The TOTP token is just a HOTP token seeded with every 30 seconds."""
    return get_hotp_token(secret, intervals_no=int(time.time())//30)

def normalize(key):
    """Normalizes secret by removing spaces and padding with = to a multiple of 8"""
    k2 = key.strip().replace(' ','')
    # k2 = k2.upper() # skipped b/c b32decode has a foldcase argument
    if len(k2)%8 != 0:
        k2 += '='*(8-len(k2)%8)
    return k2

def prefix0(h):
    """Prefixes code with leading zeros if missing."""
    if len(h) < 6:
        h = '0'*(6-len(h)) + h
    return h

def main():
    # crt is the application object SecureCRT provides to scripts
    tab = crt.GetScriptTab()
    if tab.Session.Connected != True:
        crt.Dialog.MessageBox("Session Not Connected")
        return
    tab.Screen.Synchronous = True
    # Wait for the MFA prompt, then send the current 6-digit code
    tab.Screen.WaitForStrings(['[MFA auth]:'])
    vc = get_totp_token(TOTP_KEY)
    tab.Screen.Send("{vc}\r\n".format(vc=vc))
    # Pick the target from the relay menu
    tab.Screen.WaitForStrings(['Opt>'])
    tab.Screen.Send("relay2\r\n")
    # Wait up to 1 second for a password prompt
    if tab.Screen.WaitForString('password:', 1):
        tab.Screen.Send("{pwd}\r\n".format(pwd=YOUR_PASSWD))  # at my company there is a second relay behind the relay
    return

main()
REF:
https://gist.github.com/hex-ci/a8c58ac049c4b3a05ef2d6f9d98193c2
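On a Python 3 script engine the script above stops at `ord(h[19])`, because indexing a bytes object there already yields an int. The following is an added example, not code from this post or from the referenced gist: the same HOTP/TOTP helpers written to run on Python 2 and 3 outside SecureCRT (no `crt` object), checked against the RFC 6238 test vectors. The names `decode_secret`, `hotp`, `totp` and `self_test` are chosen here for illustration.

```python
# Added example (not from the post or the gist): HOTP/TOTP helpers for Python 2 and 3.
import base64, hashlib, hmac, struct, time

def decode_secret(secret):
    """Base32-decode a TOTP seed, tolerating spaces, lower case and missing padding."""
    s = secret.strip().replace(' ', '')
    s += '=' * (-len(s) % 8)
    try:
        return base64.b32decode(s, True)   # True: accept lower-case letters
    except (TypeError, ValueError):         # py2 raises TypeError, py3 binascii.Error
        raise ValueError("TOTP secret is not valid base32")

def hotp(key, counter, digits=6):
    """RFC 4226 HOTP over raw key bytes."""
    mac = bytearray(hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest())
    offset = mac[-1] & 0x0F                 # bytearray indexing yields ints on py2 and py3
    code = struct.unpack(">I", bytes(mac[offset:offset + 4]))[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def totp(secret, now=None, step=30, digits=6):
    """RFC 6238 TOTP for a base32 secret; `now` is injectable so results are testable."""
    now = time.time() if now is None else now
    return hotp(decode_secret(secret), int(now) // step, digits)

# RFC 6238 Appendix B SHA-1 seed (ASCII "12345678901234567890") in base32.
RFC_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
# (unix time, expected 8-digit code) pairs from RFC 6238 Appendix B, SHA-1 column.
RFC_VECTORS = [(59, "94287082"), (1111111109, "07081804"), (1234567890, "89005924")]

def self_test():
    """Return True when every RFC vector matches, including the leading-zero case."""
    return all(totp(RFC_SECRET, t, digits=8) == want for t, want in RFC_VECTORS)

if __name__ == "__main__":
    print("RFC 6238 vectors pass: %s" % self_test())
```

Running it with the unedited placeholder `YOUR_TOTP_KEY` raises `ValueError`, since `_` is not a base32 character.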
When reposting, please credit , or, if this post is itself a repost, credit the original source. Thanks :)
RSS feed: https://www.felix021.com/blog/feed.php