infosecn1nja
/
CyberChef
mirror of https://github.com/infosecn1nja/CyberChef.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added 'Generate HOTP' and 'Generate TOTP' operations

feature-extract-files
n1474335 2017-09-05 17:53:54 +00:00
parent 2c03689195
commit 68bf1d123e
4 changed files with 120 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
package.json
View File

@ -82,6 +82,7 @@
"lodash": "^4.17.4",
"moment": "^2.17.1",
"moment-timezone": "^0.5.11",
"otp": "^0.1.3",
"sladex-blowfish": "^0.8.1",
"sortablejs": "^1.5.1",
"split.js": "^1.2.0",

2
src/core/config/Categories.js
View File

@ -300,6 +300,8 @@ const Categories = [
"Detect File Type",
"Scan for Embedded Files",
"Generate UUID",
"Generate TOTP",
"Generate HOTP",
"Render Image",
"Remove EXIF",
"Extract EXIF",

63
src/core/config/OperationConfig.js
View File

@ -29,6 +29,7 @@ import MS from "../operations/MS.js";
import NetBIOS from "../operations/NetBIOS.js";
import Numberwang from "../operations/Numberwang.js";
import OS from "../operations/OS.js";
import OTP from "../operations/OTP.js";
import PublicKey from "../operations/PublicKey.js";
import Punycode from "../operations/Punycode.js";
import QuotedPrintable from "../operations/QuotedPrintable.js";
@ -3635,7 +3636,67 @@ const OperationConfig = {
}
]
},
"Generate TOTP": {
description: "The Time-based One-Time Password algorithm (TOTP) is an algorithm that computes a one-time password from a shared secret key and the current time. It has been adopted as Internet Engineering Task Force standard RFC 6238, is the cornerstone of Initiative For Open Authentication (OATH), and is used in a number of two-factor authentication systems. A TOTP is an HOTP where the counter is the current time.<br><br>Enter the secret as the input or leave it blank for a random secret to be generated. T0 and T1 are in seconds.",
run: OTP.runTOTP,
inputType: "byteArray",
outputType: "string",
args: [
{
name: "Name",
type: "string",
value: ""
},
{
name: "Key size",
type: "number",
value: 32
},
{
name: "Code length",
type: "number",
value: 6
},
{
name: "Epoch offset (T0)",
type: "number",
value: 0
},
{
name: "Interval (T1)",
type: "number",
value: 30
}
]
},
"Generate HOTP": {
description: "The HMAC-based One-Time Password algorithm (HOTP) is an algorithm that computes a one-time password from a shared secret key and an incrementing counter. It has been adopted as Internet Engineering Task Force standard RFC 4226, is the cornerstone of Initiative For Open Authentication (OATH), and is used in a number of two-factor authentication systems.<br><br>Enter the secret as the input or leave it blank for a random secret to be generated.",
run: OTP.runHOTP,
inputType: "string",
outputType: "string",
args: [
{
name: "Name",
type: "string",
value: ""
},
{
name: "Key size",
type: "number",
value: 32
},
{
name: "Code length",
type: "number",
value: 6
},
{
name: "Counter",
type: "number",
value: 0
}
]
},
};
export default OperationConfig;

55
src/core/operations/OTP.js Executable file
View File

@ -0,0 +1,55 @@
import otp from "otp";
import Base64 from "./Base64.js";
/**
* One-Time Password operations.
*
* @author n1474335 [n1474335@gmail.com]
* @copyright Crown Copyright 2017
* @license Apache-2.0
*
* @namespace
*/
const OTP = {
/**
* Generate TOTP operation.
*
* @param {byteArray} input
* @param {Object[]} args
* @returns {string}
*/
runTOTP: function(input, args) {
const otpObj = otp({
name: args[0],
keySize: args[1],
codeLength: args[2],
secret: Base64.runTo32(input, []),
epoch: args[3],
timeSlice: args[4]
});
return `URI: ${otpObj.totpURL}\n\nPassword: ${otpObj.totp()}`;
},
/**
* Generate HOTP operation.
*
* @param {byteArray} input
* @param {Object[]} args
* @returns {string}
*/
runHOTP: function(input, args) {
const otpObj = otp({
name: args[0],
keySize: args[1],
codeLength: args[2],
secret: Base64.runTo32(input, []),
});
const counter = args[3];
return `URI: ${otpObj.hotpURL}\n\nPassword: ${otpObj.hotp(counter)}`;
},
};
export default OTP;