Recover FreeOTP Codes

First you have to instal adb and get it running on your smartphone.

$ adb shell

Afterwards issue the following command. Be aware that the output will be saved in the same folder:

adb backup -f freeotp-backup.ab -apk org.fedorahosted.freeotp

Use the Android Backup extractor to get decrypt the ab file:

abe.jar unpack freeotp-backup.ab freeotp-backup.tar

Unpack the .tar file and the only file you care about ist tokens.xml.

Use the following pyton script to get the tokens ( assuming tokens.xml is in the same folder as your python script):

#!/usr/bin/env python

import base64, json
import xml.etree.ElementTree as ET

verbose = False

root = ET.parse ('org.fedorahosted.freeotp/sp/tokens.xml').getroot()
for secrets in root.findall ('string'):
    name = secrets.get ('name')
    if name == 'tokenOrder':

    secret_json = secrets.text
    print ("secret name: {}".format(name))
    if verbose: print ("secret json: {}".format(secret_json))
    token = json.loads(secret_json);
    token_secret = token["secret"]
    if verbose: print("token secret: {}".format(token_secret))
    secret = bytes((x + 256) & 255 for x in token_secret)
    if verbose: print("token secret bytes {}".format(secret))
    code = base64.b32encode(secret)
    print("token secret base64: {}".format(code.decode()))

Leave a Reply

Your email address will not be published. Required fields are marked *