Audio/video stream recording forums

Attention Visitor:
You may have to register or log in before you can post:
  • Click the register link to sign up.
  • Registered members please fill in the form below and click the "Log in" button.
To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Audio/video stream recording forums > Streaming media recording forum > rtmpdump
Register FAQ Members List Calendar Mark Forums Read

Reply Post New Thread
 
Thread Tools Display Modes
  #41  
Old 06-20-2013, 02:30 AM
freez freez is offline
Senior Member
 
Join Date: Feb 2013
Posts: 105
freez is on a distinguished road
Default

Re: The coolsport.tv challenge


Quote:
Originally Posted by oelk View Post
I think it has been right, but it was changed again. Now we see the following message:
Code:
$lgonnakill%$wyou@#q1
(seems that they know that we can find it )

And: It is inside the swf
this token says " I gonna kill you " , that Koolsport admin got crazy

very good @oelk , but really it is hard to find it this time inside swf , how the hick did u find it?
Reply With Quote
  #42  
Old 06-20-2013, 10:06 AM
oelk oelk is offline
Member
 
Join Date: Nov 2011
Posts: 44
oelk is on a distinguished road
Default

Re: The coolsport.tv challenge


The swf is obfuscated, so that simple 'reading' of the token won't work. It is calculated somehow everytime it has to be used. So there are some possible advances to get it:
  • use a debugger to get inside the running swf and extract the token after calculation
  • change the existing code and let the swf show the token for you, or
  • write your own program and use the 'decryption' function
At least one of them works (but all should be possible using the right tools)

I don't know if that's a message for me or for you (I don't record anything.), but I really dislike to be killed. (Just to inform the man who wrote this token.)
Reply With Quote
  #43  
Old 06-20-2013, 02:24 PM
freez freez is offline
Senior Member
 
Join Date: Feb 2013
Posts: 105
freez is on a distinguished road
Default

Re: The coolsport.tv challenge


ok oelk , thanx for help , we need that token again till i can figure how i can use ur method it is changed (ff3.swf)
Reply With Quote
  #44  
Old 06-23-2013, 01:00 PM
evol evol is offline
Senior Member
 
Join Date: Jun 2011
Posts: 228
evol is on a distinguished road
Question

Re: The coolsport.tv challenge


Has anyone had any look getting the token or a working method of getting it ?
Reply With Quote
  #45  
Old 06-23-2013, 03:25 PM
LuzerMasken LuzerMasken is offline
Junior Member
 
Join Date: Jun 2013
Posts: 2
LuzerMasken is on a distinguished road
Default

Re: The coolsport.tv challenge


Code:
@lfrench%f1$w@#fkrbas
Reply With Quote
  #46  
Old 06-25-2013, 09:06 AM
jhb50 jhb50 is offline
Member
 
Join Date: Nov 2011
Posts: 54
jhb50 is on a distinguished road
Default

Re: The coolsport.tv challenge


OK. Changed again. I give up. They are going to keep changing this so its a fools errand to try and keep up. Try other sites like cricfree and igoal.
Reply With Quote
  #47  
Old 06-25-2013, 01:03 PM
hasomaso hasomaso is offline
Senior Member
 
Join Date: Apr 2011
Posts: 943
hasomaso is on a distinguished road
Default

Re: The coolsport.tv challenge


edit
edit
edit

Last edited by hasomaso : 06-25-2013 at 02:25 PM.
Reply With Quote
  #48  
Old 10-06-2013, 06:01 AM
gorilla.maguila gorilla.maguila is offline
Member
 
Join Date: Dec 2012
Posts: 62
gorilla.maguila is on a distinguished road
Default

Re: The coolsport.tv challenge


To continue with the disassembly frenzy that began with ilive.to http://stream-recorder.com/forum/dum...ve-t16652.html. I've managed to get the obfuscated token from the coolsport's swf file. BUT somehow it's not working.

This is the token I'm getting:

Code:
#atd%#$ZH
Although:

Code:
rtmpdump -r rtmp://rtmp.featve.com:1935/redirect -W "http://97ff0e7e610f20512dbe-483e6ce63d68aeb3d05af6c054efb801.r29.cf1.rackcdn.com/atdedead.swf" -p "http://featve.com/player3.php?id=20829&width=640&height=460" --live --debug -y 20829 --token "#atd%#$ZH"
It's not working.

Could it be that they have modified TEA.class inside the swf file so it's not an standard TEA decryption?

PS: I can provide more details on how I got the token so we can discuss this further
Reply With Quote
  #49  
Old 10-06-2013, 07:29 AM
gorilla.maguila gorilla.maguila is offline
Member
 
Join Date: Dec 2012
Posts: 62
gorilla.maguila is on a distinguished road
Default

Re: The coolsport.tv challenge


Ok so I've found what is going on.

It seems that the current librtmp code fails to compute the operation:

Code:
sendSecureTokenResponse(TEA.decrypt("secureToken", "token"));
For example tampering the swf file:

Code:
TEA.decrypt("5b9389e825ebcca55cf84a71ddc5a13c6ae4f5ce19cd3fdbf91e1a53b3029f383461c800", "#atd%#$ZH")
Gives:

ed08d934-41ac-4b90-80a2-d0cacd923ae1

Where librtmp doing the same operation gives:


$]m.i.eo.I#...z._hB.`


Hence the server rejects the connection
Reply With Quote
  #50  
Old 10-06-2013, 03:29 PM
gorilla.maguila gorilla.maguila is offline
Member
 
Join Date: Dec 2012
Posts: 62
gorilla.maguila is on a distinguished road
Default

Re: The coolsport.tv challenge


Ok so in the end it's not a problem with librtmp.

The problem seems to be that rtmpdump.c it's not parsing the correct token string length.

As a work around invoke the token option like this:

Code:
--token "#atd%#\$ZH"
with a backslash before the $
Reply With Quote
Reply Post New Thread
Tags:



Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -6. The time now is 11:26 AM.


Powered by All-streaming-media.com; 2006-2011
vB forum hacked with Zoints add-ons