elliotwutingfeng/2fas-backup-decryptor

# 2FAS Backup Decryptor [](https://ruby-lang.org) [](https://coveralls.io/github/elliotwutingfeng/2fas-backup-decryptor?branch=main) [](LICENSE) 用于解密从 [2FAS Authenticator 应用](https://2fas.com)导出的备份文件的 CLI 工具。 本应用程序既不隶属于 Two Factor Authentication Service, Inc.，也不隶属于 2FAS。 ## 环境要求 - **Ruby：** 2.5+/3.0+，无需外部 gems - **OpenSSL：** 1.0.2+/3.0+ - 在终端中运行以下命令，以查看你的 Ruby 解释器的 [OpenSSL](https://openssl.org) 版本 ruby -e "require 'openssl'; puts OpenSSL::OPENSSL_LIBRARY_VERSION" # 示例输出 # OpenSSL 3.4.0 2024年10月22日 - 不支持 [LibreSSL](https://libressl.org) - **操作系统：** Windows、macOS 或 Linux ### 安全性 ## 示例 **文件：** `test/encrypted_test.2fas` **密码：** `example.com` ``` # 在提示时输入上述密码 ruby lib/decrypt.rb test/encrypted_test.2fas ``` 你应该会得到以下明文 JSON 输出。 ``` [{"name":"Deno","secret":"4SJHB4GSD43FZBAI7C2HLRJGPQ","updatedAt":1708958115316,"otp":{"label":"Mason","account":"Mason","issuer":"Deno","digits":6,"period":30,"algorithm":"SHA1","tokenType":"TOTP","source":"Link"},"order":{"position":0},"icon":{"selected":"Label","label":{"text":"DE","backgroundColor":"Brown"},"iconCollection":{"id":"a5b3fb65-4ec5-43e6-8ec1-49e24ca9e7ad"}}},{"name":"SPDX","secret":"5OM4WOOGPLQEF6UGN3CPEOOLWU","updatedAt":1708958115348,"otp":{"label":"James","account":"James","issuer":"SPDX","digits":7,"period":30,"algorithm":"SHA256","tokenType":"TOTP","source":"Link"},"order":{"position":1},"icon":{"selected":"Label","label":{"text":"SP","backgroundColor":"Red"},"iconCollection":{"id":"a5b3fb65-4ec5-43e6-8ec1-49e24ca9e7ad"}}},{"name":"Airbnb","secret":"7ELGJSGXNCCTV3O6LKJWYFV2RA","updatedAt":1708958115376,"otp":{"label":"Elijah","account":"Elijah","issuer":"Airbnb","digits":8,"period":60,"algorithm":"SHA512","tokenType":"TOTP","source":"Link"},"order":{"position":2},"icon":{"selected":"Label","label":{"text":"AI","backgroundColor":"Pink"},"iconCollection":{"id":"a5b3fb65-4ec5-43e6-8ec1-49e24ca9e7ad"}}},{"name":"Boeing","secret":"JRZCL47CMXVOQMNPZR2F7J4RGI","updatedAt":1708958115391,"otp":{"label":"Sophia","account":"Sophia","issuer":"Boeing","digits":5,"period":10,"algorithm":"SHA1","tokenType":"STEAM","source":"Link"},"order":{"position":3},"icon":{"selected":"Label","label":{"text":"BO","backgroundColor":"Brown"},"iconCollection":{"id":"a5b3fb65-4ec5-43e6-8ec1-49e24ca9e7ad"}}},{"name":"Air Canada","secret":"KUVJJOM753IHTNDSZVCNKL7GII","updatedAt":1708958401763,"otp":{"link":"otpauth://hotp/Benjamin?secret=KUVJJOM753IHTNDSZVCNKL7GII&issuer=Air%20Canada&counter=10&algorithm=SHA256&digits=8","label":"Benjamin","account":"Benjamin","issuer":"Air Canada","digits":8,"algorithm":"SHA256","counter":10,"tokenType":"HOTP","source":"Link"},"order":{"position":4},"icon":{"selected":"Label","label":{"text":"AI","backgroundColor":"Brown"},"iconCollection":{"id":"a5b3fb65-4ec5-43e6-8ec1-49e24ca9e7ad"}}}] ``` ### 其他格式 你还可以添加 `-f / --format` 选项，将明文输出打印为 `csv`，或者打印为用空格填充的 `pretty` 类 CSV 字符串。 #### csv ``` # 在提示时输入上述密码 ruby lib/decrypt.rb test/encrypted_test.2fas -f csv ``` ``` icon.iconCollection.id,icon.label.backgroundColor,icon.label.text,icon.selected,name,order.position,otp.account,otp.algorithm,otp.counter,otp.digits,otp.issuer,otp.label,otp.link,otp.period,otp.source,otp.tokenType,secret,updatedAt a5b3fb65-4ec5-43e6-8ec1-49e24ca9e7ad,Brown,DE,Label,Deno,0,Mason,SHA1,,6,Deno,Mason,,30,Link,TOTP,4SJHB4GSD43FZBAI7C2HLRJGPQ,1708958115316 a5b3fb65-4ec5-43e6-8ec1-49e24ca9e7ad,Red,SP,Label,SPDX,1,James,SHA256,,7,SPDX,James,,30,Link,TOTP,5OM4WOOGPLQEF6UGN3CPEOOLWU,1708958115348 a5b3fb65-4ec5-43e6-8ec1-49e24ca9e7ad,Pink,AI,Label,Airbnb,2,Elijah,SHA512,,8,Airbnb,Elijah,,60,Link,TOTP,7ELGJSGXNCCTV3O6LKJWYFV2RA,1708958115376 a5b3fb65-4ec5-43e6-8ec1-49e24ca9e7ad,Brown,BO,Label,Boeing,3,Sophia,SHA1,,5,Boeing,Sophia,,10,Link,STEAM,JRZCL47CMXVOQMNPZR2F7J4RGI,1708958115391 a5b3fb65-4ec5-43e6-8ec1-49e24ca9e7ad,Brown,AI,Label,Air Canada,4,Benjamin,SHA256,10,8,Air Canada,Benjamin,otpauth://hotp/Benjamin?secret=KUVJJOM753IHTNDSZVCNKL7GII&issuer=Air%20Canada&counter=10&algorithm=SHA256&digits=8,,Link,HOTP,KUVJJOM753IHTNDSZVCNKL7GII,1708958401763 ``` #### pretty ``` # 在提示时输入上述密码 ruby lib/decrypt.rb test/encrypted_test.2fas -f pretty ``` ``` icon.iconCollection.id icon.label.backgroundColor icon.label.text icon.selected name order.position otp.account otp.algorithm otp.counter otp.digits otp.issuer otp.label otp.link otp.period otp.source otp.tokenType secret updatedAt a5b3fb65-4ec5-43e6-8ec1-49e24ca9e7ad Brown DE Label Deno 0 Mason SHA1 6 Deno Mason 30 Link TOTP 4SJHB4GSD43FZBAI7C2HLRJGPQ 1708958115316 a5b3fb65-4ec5-43e6-8ec1-49e24ca9e7ad Red SP Label SPDX 1 James SHA256 7 SPDX James 30 Link TOTP 5OM4WOOGPLQEF6UGN3CPEOOLWU 1708958115348 a5b3fb65-4ec5-43e6-8ec1-49e24ca9e7ad Pink AI Label Airbnb 2 Elijah SHA512 8 Airbnb Elijah 60 Link TOTP 7ELGJSGXNCCTV3O6LKJWYFV2RA 1708958115376 a5b3fb65-4ec5-43e6-8ec1-49e24ca9e7ad Brown BO Label Boeing 3 Sophia SHA1 5 Boeing Sophia 10 Link STEAM JRZCL47CMXVOQMNPZR2F7J4RGI 1708958115391 a5b3fb65-4ec5-43e6-8ec1-49e24ca9e7ad Brown AI Label Air Canada 4 Benjamin SHA256 10 8 Air Canada Benjamin otpauth://hotp/Benjamin?secret=KUVJJOM753IHTNDSZVCNKL7GII&issuer=Air%20Canada&counter=10&algorithm=SHA256&digits=8 Link HOTP KUVJJOM753IHTNDSZVCNKL7GII 1708958401763 ``` ### 隐藏不需要的字段 当 `-f / --format` 选项设置为 `csv` 或 `pretty` 时，你可以使用 `-e / --except` 选项来隐藏不需要的字段。不存在的字段将被静默忽略。 ``` # 在提示时输入上述密码 ruby lib/decrypt.rb test/encrypted_test.2fas -f pretty -e icon.iconCollection.id,icon.label.backgroundColor,icon.label.text,icon.selected,order.position,otp.link,name,otp.account,otp.source,updatedAt ``` ``` otp.algorithm otp.counter otp.digits otp.issuer otp.label otp.period otp.tokenType secret SHA1 6 Deno Mason 30 TOTP 4SJHB4GSD43FZBAI7C2HLRJGPQ SHA256 7 SPDX James 30 TOTP 5OM4WOOGPLQEF6UGN3CPEOOLWU SHA512 8 Airbnb Elijah 60 TOTP 7ELGJSGXNCCTV3O6LKJWYFV2RA SHA1 5 Boeing Sophia 10 STEAM JRZCL47CMXVOQMNPZR2F7J4RGI SHA256 10 8 Air Canada Benjamin HOTP KUVJJOM753IHTNDSZVCNKL7GII ``` ## 测试 ``` gem install bundler bundle install bundle exec rspec -r spec_helper ``` ## 将 Bundled Gems 放入本地 ``` rm -rf vendor/ gem unpack csv --target=vendor/gems/ ``` 然后更新 Gemfile 中的 gem 版本，并运行 `bundle install`。

标签：Ruby, 安全测试工具, 密码学, 手动系统调用, 数据恢复, 知识库, 解密工具, 身份验证器