The coolsport.tv challenge

Re: The coolsport.tv challenge

 

this token says " I gonna kill you " :D , that Koolsport admin got crazy :D

very good @oelk , but really it is hard to find it this time inside swf , how the hick did u find it? :)

Re: The coolsport.tv challenge

 

The swf is obfuscated, so that simple 'reading' of the token won't work. It is calculated somehow everytime it has to be used. So there are some possible advances to get it:

• use a debugger to get inside the running swf and extract the token after calculation
• change the existing code and let the swf show the token for you, or
• write your own program and use the 'decryption' function

At least one of them works ;) (but all should be possible using the right tools)

I don't know if that's a message for me or for you (I don't record anything.), but I really dislike to be killed. (Just to inform the man who wrote this token.)

Re: The coolsport.tv challenge

 

ok oelk , thanx for help , we need that token again till i can figure how i can use ur method it is changed (ff3.swf)

Re: The coolsport.tv challenge

 

Has anyone had any look getting the token or a working method of getting it ?

Re: The coolsport.tv challenge

 

Re: The coolsport.tv challenge

 

OK. Changed again. I give up. They are going to keep changing this so its a fools errand to try and keep up. Try other sites like cricfree and igoal.

Re: The coolsport.tv challenge

 

edit
edit
edit

Re: The coolsport.tv challenge

 

To continue with the disassembly frenzy that began with ilive.to http://stream-recorder.com/forum/dum...ve-t16652.html. I've managed to get the obfuscated token from the coolsport's swf file. BUT somehow it's not working.

This is the token I'm getting:

Although:

It's not working.

Could it be that they have modified TEA.class inside the swf file so it's not an standard TEA decryption?

PS: I can provide more details on how I got the token so we can discuss this further

Re: The coolsport.tv challenge

 

Ok so I've found what is going on.

It seems that the current librtmp code fails to compute the operation:

For example tampering the swf file:

Gives:

ed08d934-41ac-4b90-80a2-d0cacd923ae1

Where librtmp doing the same operation gives:


$]m.i.eo.I#...z._hB.`


Hence the server rejects the connection

Re: The coolsport.tv challenge

 

Ok so in the end it's not a problem with librtmp.

The problem seems to be that rtmpdump.c it's not parsing the correct token string length.

As a work around invoke the token option like this:

with a backslash before the $

Re: The coolsport.tv challenge

 

Do you have a new one? Seems it doesn't work anymore.

Re: The coolsport.tv challenge

 

Use this one, it's still working...

http://stream-recorder.com/forum/sho...0&postcount=48

But remember, if used with rtmpdump batch file, you'll need to double every % in the token.