Added a whole new writeup on an approach using ValvePython/steam, left the SDA approach as its own section

master
Chance Harrison 4 years ago
parent 9cfff10ec1
commit d89aa7b28b

@ -0,0 +1,98 @@
There are numerous ways to get your Steam second-factor into Aegis. A couple are documented below.
## Using `ValvePython/steam`
### Overview
This might be a good method for you if you:
* have some experience with Python
* use Linux (or can translate these steps to Windows/Mac on your own)
* like DIY solutions
* can read :)
* don't want to (and are okay with not having the option to) use the Steam app as an authenticator
> If that last point is painful, check out `steamctl` and its `authenticator` subcommand [here on GitHub](https://github.com/ValvePython/steamctl/tree/master). As of writing, the README shows a screenshot with the Steam app and Aegis generating the same codes.
The following steps assume that you have a working Python 3 installation on Linux.
### Steps
1. Install the [steam](https://pypi.org/project/steam/) package with `pip install steam`. If you want to avoid typing in long strings into Aegis, also feel free to grab [qrcode](https://pypi.org/project/qrcode/). Feel free to use a virtual environment if you're into that
2. From the Steam app, [remove your existing authenticator](https://support.steampowered.com/kb_article.php?ref=8625-WRAH-9030#disable)
3. Let's get down to business. Read, understand, and execute the following code. Ignore the comments at your own peril.
Be sure to **provide your username to the MobileWebAuth call on line 3 and enter your SMS verification code in the finalize call near the end**.
Because of that last part, it would likely be best to do this all from a REPL/interactive shell (i.e., `python3` at the terminal, line-by-line).
```python3
from steam.webauth import MobileWebAuth # See https://steam.readthedocs.io/en/stable/api/steam.webauth.html
from steam.guard import SteamAuthenticator # See https://steam.readthedocs.io/en/stable/api/steam.guard.html
import json # For saving your authenticator details/secrets as a json file
wa = MobileWebAuth('YOUR-USERNAME-HERE') # Enter your username, keep the quotes ;)
wa.cli_login() # Will walk you through the login process interactively
sa = SteamAuthenticator(backend=wa) # We are using this to do Steam Authenticator stuff using our just-established login/session
sa.add() # This will result in an SMS verification being sent to your phone
# Don't skip this! The saved file is the basis of your "authenticator" and is the only non-volatile record of it (until we add it to Aegis, at least)
# Similarly, don't let the secrets file fall into the wrong hands! Don't lose it! Know where you put it!
# Anyone with this file (and a bit of know-how) can generate 2FA codes for your account or disable the authenticator using the included revocation code.
json.dump(sa.secrets, open('./steam_auth_secrets.json', 'w')) # After this line, you should find steam_auth_secrets.json in your current working directory
```
At this point, you can use the URL included in the json file we made to create a qr code that we can scan with Aegis.
Do this from a separate terminal. **Do NOT exit** your interactive Python interpreter.
From the .json file, copy the value associated with the `uri` key. It should start with `otpauth://`. Paste it in the command below, and keep a single pair of quotation marks around the uri.
`qr "PASTE-YOUR-URI-HERE" > qr.png`
Now, just open the image using your preferred image viewer, scan it with Aegis, and **make sure you change the type from TOTP to Steam**.
Back to our REPL:
```python3
sa.get_code() # Does this match what shows on Aegis at the same time? If so, great! If not, something has gone wrong.
# Psst. If Aegis is generating a fully numerical one-time password, go and change its type from "TOTP" to "Steam" and try this line again to see if the output of get_code() and Aegis match
sa.finalize("YOUR-SMS-CODE") # If everything has gone smoothly, this will finalize your authenticator.
sa.status() # Optional. Output should look something like below if everything worked as inteded:
# {'state': 1, 'inactivation_reason': 0, 'authenticator_type': 1, 'authenticator_allowed': True, 'steamguard_scheme': 2, 'token_gid': 'XXXXXXXXXXXXXXXX', 'email_validated': True, 'device_identifier': 'android:XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX', 'time_created': 1627450000, 'revocation_attempts_remaining': 5, 'classified_agent': 'other', 'allow_external_authenticator': False}
exit() # You're done!
```
### Questions
Q: Something went wrong! What do I do?
> A: Among the more productive actions you could take, you could re-read the instructions to see if you missed anything, you could read the API docs for the `steam` package, you could try the method documented in the next section, or you can use your favorite search engine to attempt to investigate your specific error. You could also contact the person who wrote this part of the guide (see the next section).
Q: Something about this section is (confusing/could be improved/didn't work/locked me out of my account/etc.)? Who wrote this section of this guide? Can I contact them?
> A: That would be [@ChanceHarrison](https://github.com/ChanceHarrison). If you have feedback relevant to this section of the guide, you could potentially make an issue on this repo and mention me on it to get my attention. If there is interest in automating this process or making it more robust, I'd be eager to hear about it. If you want to get in contact with me another way, I leave that to you as an exercise.
_This section last updated on July 28th, 2021 by @ChanceHarrison_
***
## Using Steam Desktop Authenticator
This solution may be of particular use if you already use the [Steam Desktop Authenticator](https://github.com/Jessecar96/SteamDesktopAuthenticator) app on your PC. It avoids the need for a rooted Android device to extract secrets from.
1. First off you need to open your SDA (Steam Desktop Authenticator) file directory, and find the *.maFile inside maFiles folder (Open it with notepad). In there you will see all the data you need like shared_secret and more.
__Confirm that the file is in JSON format. Aegis does not support importing encrypted .maFile files.__
2. Then create a new file named Steamguard-myConfig.json on your desktop(It has to be in json format), and copy-paste all the contents of the maFile into the new json file.
3. Then connect your android phone to your pc and open the file directory and copy the file into the Downloads folder (Or any other you have access to on the phone).
4. After doing that you need to open Aegis and go into settings and scroll all the way down and click on import from file. Choose Steam as the option and click Ok. Then select the newly imported Steamguard-myConfig.json file.
You should now have your steam code inside Aegis as well!
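Review bot: the `json.dump(sa.secrets, open('./steam_auth_secrets.json', 'w'))` line creates the secrets file with whatever permissions the current umask allows and relies on garbage collection to close the handle, so on a multi-user machine the shared secret and revocation code can end up readable by other accounts. Suggest writing it inside a `with` block and creating the file owner-only (for example `os.open(..., 0o600)` wrapped with `os.fdopen`). The same secret is also written to `qr.png` and lands in shell history through `qr "PASTE-YOUR-URI-HERE" > qr.png`, yet the steps never tell the reader to delete the image or clear that history entry once Aegis has the entry; a closing cleanup step would cover that. Two smaller points: the text refers to the `MobileWebAuth` call as being on "line 3", but it is the fourth line of the block as shown, and "inteded" in the `sa.status()` comment should be "intended".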

@ -1,15 +0,0 @@
Hey, I had some problems adding Steam to Aegis, as I'm using the [Steam Desktop Authenticator](https://github.com/Jessecar96/SteamDesktopAuthenticator) App on my PC, and I do not have a rooted android device. So I though I would write this guide to help others!
1. First off you need to open your SDA (Steam Desktop Authenticator) file directory, and find the *.maFile inside maFiles folder (Open it with notepad). In there you will see all the data you need like shared_secret and more.
__Confirm that the file is in JSON format. Aegis does not support importing encrypted .maFile files.__
2. Then create a new file named Steamguard-myConfig.json on your desktop(It has to be in json format), and copy-paste all the contents of the maFile into the new json file.
3. Then connect your android phone to your pc and open the file directory and copy the file into the Downloads folder (Or any other you have access to on the phone).
4. After doing that you need to open Aegis and go into settings and scroll all the way down and click on import from file. Choose Steam as the option and click Ok. Then select the newly imported Steamguard-myConfig.json file.
You should now have your steam code inside Aegis as well!
Hope my guide helped someone! :)
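Review bot: the first-person intro and sign-off removed here were the only attribution on the SDA steps, and the re-added "Using Steam Desktop Authenticator" section carries no equivalent, while the new ValvePython section ends with a "last updated ... by" line. Suggest giving the SDA section a matching credit or last-updated line so readers can tell who wrote it and how current it is.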