Automate Synack DUO Push requests without needing a physical device and save the required token for further automation processes.
- Python3
- Libraries: pycryptodome, requests, beautifulsoup4
Install the necessary libraries:
pip install -r requirements.txt
- Execute
main.py
. - Enter the code from the QR code (use an alternative QR code scanner) or via the link provided in the email (accessible on a desktop). The proceess in screenshots is similar to this:
- Complete the ruo setup.
- In
synconnect.py
, update your credentials at lines 12 and 13. - To run in headless mode (without opening a browser window), set
options.headless = True
on line 37. - (Optional) Customize Token Storage Location
- To save the token in a different location, modify the
file_path
on line 16. - By default, the token is stored in
/tmp/synacktoken
.
- To save the token in a different location, modify the
Execute the script using Python:
python3 synconnect.py
- After setting up ruo, capture the login process with Burp Suite.
- Locate the
/frame/v4/auth/prompt/data
request and note down the index and key from its response. - Update
synconnect_cli.py
with your credentials on lines 12 and 13. - Set the
index
(e.g.,phone2
) on line 16 andkey
(e.g.,DPXXXXXXXXXX
) on line 17. - (Optional) Customize Token Storage Location
- To save the token in a different location, modify the
file_path
on line 18. - By default, the token is stored in
/tmp/synacktoken
.
- To save the token in a different location, modify the
Execute using Python:
python3 synconnect_cli.py
For the automation to work correctly, the device set up for this script must be the primary device. If it's not, request to make it primary or do so manually by removing previous devices and re-adding them later.
Alternatively, use synconnect_cli.py
with the correct configuration to circumvent this issue.
Execute using Python:
python3 mission.py
If you want to use it standalone as a script and provide your own token, comment out the following lines. Token is always read from /tmp/synacktoken.
71 subprocess.run(["python3", "synconnect_cli.py"])
72 token = read_token_from_file(token_file_path)