Audio/video stream recording forums (http://stream-recorder.com/forum/index.php)
-   Video stream recording (http://stream-recorder.com/forum/forumdisplay.php?f=4)
-   -  

#EXT-X or m3u8 or TS or AES-128? You got HLS.. Howto Beat it in 2017

(http://stream-recorder.com/forum/showthread.php?t=22946)

streamcrank 05-14-2017 02:00 AM

Re: #EXT-X or m3u8 or TS or AES-128? You got HLS.. Howto Beat it in 2017


 
Quote:

Originally Posted by Yelloworanges (Post 91635)
Nothing streamcrank has said indicates that he is familiar with flash access.

What is "flash access".. It doesn't exist..

Flash can use custom same-domain protocols and encryption and has a a few codecs because it has ASC which you can code anything. You dump the ASC with a flash decompiler then reverse engineer it.. Again "flash access" does exist. JWPlayer is flash based and I've extracted TEA encryption keys from it before.

AES-SAMPLE works the same as AES-128 except they can change keys instead of just IV per segment. I don't care about these other networks because all the big networks use uplynk and zype and uplynk and zype only use variants of HLS that are all standards compliant..

https://bitmovin.com/tutorials/hls-encryption/

Yelloworanges 05-14-2017 03:10 AM

Re: #EXT-X or m3u8 or TS or AES-128? You got HLS.. Howto Beat it in 2017


 
Quote:

Originally Posted by streamcrank (Post 91653)
What is "flash access".. It doesn't exist..

I was using the legacy name. As kingstaytheking pointed out earlier, the more precise name is Adobe Access. No flash player need be involved.

https://helpx.adobe.com/adobe-media-...ction-hls.html

As described in the above link, the content can be protected using three modes:
Vanilla
PHLS
Adobe Access 4.0

Quote:

Originally Posted by streamcrank (Post 91653)
AES-SAMPLE works the same as AES-128 except they can change keys instead of just IV per segment.

https://bitmovin.com/tutorials/hls-encryption/

Sure, but there is the small matter of actually getting the key in the first place. For HLS implementations of Adobe Access and PlayReady, this is an entirely different proposition than vanilla AES-128 where the key is in plaintext in the first instance.

Quote:

Originally Posted by streamcrank (Post 91653)
I don't care about these other networks because all the big networks use uplynk and zype and uplynk and zype only use variants of HLS that are all standards compliant..

I can't argue with you not caring. Some members here are interested in content that uses actual hls drm methods to protect the key, which is distinct from vanilla AES-128 hls which is not really drm at all.

streamcrank 05-14-2017 03:43 AM

Re: #EXT-X or m3u8 or TS or AES-128? You got HLS.. Howto Beat it in 2017


 
Quote:

Originally Posted by Yelloworanges (Post 91656)
I was using the legacy name. As kingstaytheking pointed out earlier, the more precise name is Adobe Access. No flash player need be involved.

https://helpx.adobe.com/adobe-media-...ction-hls.html

As described in the above link, the content can be protected using three modes:
Vanilla
PHLS
Adobe Access 4.0



Sure, but there is the small matter of actually getting the key in the first place. For HLS implementations of Adobe Access and PlayReady, this is an entirely different proposition than vanilla AES-128 where the key is in plaintext in the first instance.



I can't argue with you not caring. Some members here are interested in content that uses actual hls drm methods to protect the key, which is distinct from vanilla AES-128 hls which is not really drm at all.

I've reverse engineered plenty of flash media players and have yet to see one using AdobeAccess. Currently I'm ripping HD streams from a lot of big sites and they all use HLS which is a Apple patent and doesn't include any Adobe spec because it wouldn't work with native <video> HTML5 support. If you see any of the tags I mention in this thread and there is no flash object embedded(so they can have their own custom ASC HLS handling) you can 100% guarantee there is nothing to do with any Adobe spec.. Since most browsers disable FlashPlayer by default they all use HTML5.. Worse Case Scenario: Session timeouts on key URIs with a referrer header check.. Anything else literally breaks playback..

The native HTML5 DRM engine also uses cleartext key exchange over TLS. I haven't seen it used yet but it's well documented.
I'm currently working on a generic tool but FFMPEG is still working when I feed it fresh m3u8. My tool will work the same except I spoof referrer and get a fresh session.

Yelloworanges 05-14-2017 06:41 AM

Re: #EXT-X or m3u8 or TS or AES-128? You got HLS.. Howto Beat it in 2017


 
Quote:

Originally Posted by streamcrank (Post 91658)
I've reverse engineered plenty of flash media players and have yet to see one using AdobeAccess. Currently I'm ripping HD streams from a lot of big sites and they all use HLS which is a Apple patent and doesn't include any Adobe spec because it wouldn't work with native <video> HTML5 support. If you see any of the tags I mention in this thread and there is no flash object embedded(so they can have their own custom ASC HLS handling) you can 100% guarantee there is nothing to do with any Adobe spec.. Since most browsers disable FlashPlayer by default they all use HTML5.. Worse Case Scenario: Session timeouts on key URIs with a referrer header check.. Anything else literally breaks playback..

The native HTML5 DRM engine also uses cleartext key exchange over TLS. I haven't seen it used yet but it's well documented.
I'm currently working on a generic tool but FFMPEG is still working when I feed it fresh m3u8. My tool will work the same except I spoof referrer and get a fresh session.

What a relief. Thanks for clearing that up. I've either been malignantly confused or it has all been in my imagination. I'm forever in your debt.

kingstaytheking 05-14-2017 10:40 AM

Re: #EXT-X or m3u8 or TS or AES-128? You got HLS.. Howto Beat it in 2017


 
Quote:

Originally Posted by WHOOKIDSON (Post 91645)
"Last year" the key was being sent by "#EXT-X-KEY:METHOD=AES-128,URI=" (I'm sure XfinityTV is still using Adobe FlashAccess DRM tho)

I don't know about now. But that is how it was for XfinityTV so all you had to do was download the key and then all of the .ts files and decrypt that way locally. I can't really remember what U-Verse was. I was mainly ripping from their site. Far as U-Verse goes now "some" of their stuff uses DASH (Chrome) and the video can be "decrypted" using the tool. I haven't really had time to play with Xfinity since they did the major upgrade to their app and site.

And yeah, both of them have HBO content.

hmm tried it... video is decrypted with no problems.. trouble with audio

kingstaytheking 05-14-2017 01:24 PM

Re: #EXT-X or m3u8 or TS or AES-128? You got HLS.. Howto Beat it in 2017


 
jutru tired this with AES-128

Code:

#EXTM3U
#EXT-X-VERSION:3
#EXT-X-TARGETDURATION:7
#EXT-X-MEDIA-SEQUENCE:0
#EXT-X-FAXS-CM:long ass key here
#EXT-X-KEY:METHOD=AES-128,URI="faxs://faxs.adobe.com",IV=0x00000000000000000000000000000001

error

Code:

Unable to open key file faxs://faxs.adobe.com
[hls,applehttp @ 00000000026424a0] Error when loading first segment 'http://vod-10.timewarnercable.com/HLS_DRM/MTHM0000000000985623/150000-0-33-376-236128-36-63732-327120.ts'
http://vod-10.timewarnercable.com/HLS_DRM/MTHM0000000000985623/index.m3u8?adId=a0e3c9e5-55b2-4594-aa46-b277bacacc27: Invalid data found when processing input


streamcrank 05-14-2017 02:57 PM

Re: #EXT-X or m3u8 or TS or AES-128? You got HLS.. Howto Beat it in 2017


 
Anything with "#EXT-X-FAXS-CM" in it is a custom implementation for Adobe Media Server and not HTML5. It uses out of band JS to fetch keys that have tight session restrictions. You can defeat it with custom code the same as with hardened HLS key URI.

kingstaytheking 05-14-2017 03:24 PM

Re: #EXT-X or m3u8 or TS or AES-128? You got HLS.. Howto Beat it in 2017


 
if you really have a way.,.. add me to skype
and we can talk

Yelloworanges 05-14-2017 04:22 PM

Re: #EXT-X or m3u8 or TS or AES-128? You got HLS.. Howto Beat it in 2017


 
Quote:

Originally Posted by streamcrank (Post 91666)
Anything with "#EXT-X-FAXS-CM" in it is a custom implementation for Adobe Media Server and not HTML5. It uses out of band JS to fetch keys that have tight session restrictions. You can defeat it with custom code the same as with hardened HLS key URI.

Setting aside that it doesn't exist, Adobe Primetime for hls can work in a HTML5 player in firefox via the Adobe Primetime Content Decryption Module (CDM).

Dash implementations are largely supplanting hls, but there are html5 players that support Adobe Primetime with hls.

kingstaytheking 05-15-2017 12:05 PM

Re: #EXT-X or m3u8 or TS or AES-128? You got HLS.. Howto Beat it in 2017


 
this guy is just talking out of his ass

only reason why any of these protected streams are crackable is widewine bug in chrome .. take that away.. and all premium streams are untouchable

and that's a fact

Code:

ffmpeg -protocol_whitelist file,udp,rtp,crypto,tcp,https,rtsp,tls -i "TS-M3U8 URL HERE" -c:a copy -c:v copy "OUTPUT FILE HERE.ts"
are you kidding me????

why do you even need -protocol_whitelist?


this shit will work for nbc, espn, amc ... and all those streams .. but youtube-dl makes it so easy that is pointless to do any of this

all that shit that you are doing for no reason, replace with
youtube-dl "M3U8 link here"



approach like this
http://stream-recorder.com/forum/sho...71&postcount=3

maybe ...

but name of the this topic.. and than "how to.." explanation is just laughable

I'm out


All times are GMT -6. The time now is 06:46 AM.