Open-source implementation of FortiToken's TOTP algorithm.
You can extract the actual TOTP seed and use it with apps like KeePassXC or andOTP, make sure to set the period to 60 seconds.
For this to work, you need to extract 2 things - SSAID and encrypted seed. This needs root access on your Android device.
Run this command in a rooted shell:
# grep com.fortinet /data/system/users/0/settings_ssaid.xml
Output should look like this:
<setting id="32" name="10309" value="12dddfc4a3b45678" package="com.fortinet.android.ftm" defaultValue="12dddfc4a3b45678" defaultSysSet="false" tag="null" />Copy the value from quotes and paste it to the script as android_ssaid.
The seed is stored in app's database: /data/data/com.fortinet.android.ftm/databases/FortiToken.db
You can copy the file and open it with an SQLite3 editor, or run this command: (I know it's ugly, but does the job)
# grep -Eao 'totp.{64}' /data/data/com.fortinet.android.ftm/databases/FortiToken.db | cut -c5-
Copy the output and paste it as seed.
Install requirements with pip3 install -U -r requirements.txt, then run with python3 generate.py.
All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.