491 reads
2 comments
·Nov 27, 2023
Nov 27, 2023
Hi, I have follow the steps from the article, however it doesn´t work, page responds saying that the code is invalid. Could it be because in the webformfields you use MfaCode instead of MFACode as in the code?
·
·1 reply
Author
·Nov 27, 2023
What is the generated TOTP ? Is it actually an OTP? You can see this by injecting the OTP into a field that isn’t obscured, like the username field.
Failing that, can you generate a valid TOTP manually with the secret stored as the logon account’s password (when you show/copy the secret out of CyberArk?) When you generate it manually, is it the same as what the Preconnect DLL generates ?
If you have the ability to do so, you can clone the example code from GitHub, add debug logging, and recompile.
·