Hello.
I have an IPTV device hooked up to my television and I'm curious to know where the streams are coming from.
I was able to capture the raw packets from the IPTV device wirelessly using Pirni (for iPhone) and I have a lot of RTMPT traffic in the capture.
Problem is I am not seeing enough information to be able to play the streams on my computer.
I can see the "Connect" to their server. But the "Playpath" parameter seems to be encrypted.
For example:
I see a Connect to 'rtmp://91.232.136.6:1935/sedge'
Then I see a Create Stream.
Then a FCSubscribe with "String 'AKuOuDtzNHyvwotDemOEietAmj4OjchYtD1qxn1E4DOKf4JUl BNw5tfQE6QBWNoVxUyuWmW_vaM7VoP2SUK55CI7w7Pz6JOz5Cl afSjEK4MvHOX2l86ggumDKi7WOneCOr_Hd6N371WMojqhb7T4V 4b1mMq3FU8OJPEGhIKjbKI='
and finally the Play with String 'AKuOuDtzNHyvwotDemOEietAmj4OjchYtD1qxn1E4DOKf4JUl BNw5tfQE6QBWNoVxUyuWmW_vaM7VoP2SUK55CI7w7Pz6JOz5Cl afSjEK4MvHOX2l86ggumDKi7WOneCOr_Hd6N371WMojqhb7T4V 4b1mMq3FU8OJPEGhIKjbKI='
The "Play" string looks like the Playpath but it seems to be encrypted.
When I drop this in rtmpdump I get the following:
Code:
C:\rtmpdump>rtmpdump -r "rtmp://91.232.136.6:1935/sedge" -y "AKuOuDtzNHyvwotDemO
EietAmj4OjchYtD1qxn1E4DOKf4JUlBNw5tfQE6QBWNoVxUyuWmW_vaM7VoP2SUK55CI7w7Pz6JOz5Cl
afSjEK4MvHOX2l86ggumDKi7WOneCOr_Hd6N371WMojqhb7T4V4b1mMq3FU8OJPEGhIKjbKI=" -d "A
KuOuDtzNHyvwotDemOEietAmj4OjchYtD1qxn1E4DOKf4JUlBNw5tfQE6QBWNoVxUyuWmW_vaM7VoP2S
UK55CI7w7Pz6JOz5ClafSjEK4MvHOX2l86ggumDKi7WOneCOr_Hd6N371WMojqhb7T4V4b1mMq3FU8OJ
PEGhIKjbKI=" -v -V | vlc -
RTMPDump 2.4 git-6230845 2011-9-25
(c) 2010 Andrej Stepanchuk, Howard Chu, The Flvstreamer Team; license: GPL
WARNING: You haven't specified an output file (-o filename), using stdout
DEBUG: Protocol : RTMP
DEBUG: Hostname : 91.232.136.6
DEBUG: Port : 1935
DEBUG: Playpath : AKuOuDtzNHyvwotDemOEietAmj4OjchYtD1qxn1E4DOKf4JUlBNw5tfQE6QBWN
oVxUyuWmW_vaM7VoP2SUK55CI7w7Pz6JOz5ClafSjEK4MvHOX2l86ggumDKi7WOneCOr_Hd6N371WMoj
qhb7T4V4b1mMq3FU8OJPEGhIKjbKI=
DEBUG: tcUrl : rtmp://91.232.136.6:1935/sedge
DEBUG: app : sedge
DEBUG: subscribepath : AKuOuDtzNHyvwotDemOEietAmj4OjchYtD1qxn1E4DOKf4JUlBNw5tfQE
6QBWNoVxUyuWmW_vaM7VoP2SUK55CI7w7Pz6JOz5ClafSjEK4MvHOX2l86ggumDKi7WOneCOr_Hd6N37
1WMojqhb7T4V4b1mMq3FU8OJPEGhIKjbKI=
DEBUG: live : yes
DEBUG: timeout : 30 sec
DEBUG: Setting buffer time to: 36000000ms
Connecting ...
DEBUG: RTMP_Connect1, ... connected, handshaking
DEBUG: HandShake: Type Answer : 03
DEBUG: HandShake: Server Uptime : 96850052
DEBUG: HandShake: FMS Version : 3.0.1.1
DEBUG: HandShake: Handshaking finished....
DEBUG: RTMP_Connect1, handshaked
DEBUG: Invoking connect
INFO: Connected...
DEBUG: HandleServerBW: server BW = 2500000
DEBUG: HandleClientBW: client BW = 2500000 2
DEBUG: HandleCtrl, received ctrl. type: 0, len: 6
DEBUG: HandleCtrl, Stream Begin 0
DEBUG: HandleChangeChunkSize, received: chunk size change to 4096
DEBUG: RTMP_ClientPacket, received: invoke 259 bytes
DEBUG: (object begin)
DEBUG: (object begin)
DEBUG: Property: <Name: fmsVer, STRING: FMS/3,5,4,210>
DEBUG: Property: <Name: capabilities, NUMBER: 31.00>
DEBUG: Property: <Name: mode, NUMBER: 1.00>
DEBUG: (object end)
DEBUG: (object begin)
DEBUG: Property: <Name: level, STRING: status>
DEBUG: Property: <Name: code, STRING: NetConnection.Connect.Su
ccess>
DEBUG: Property: <Name: description, STRING: Connection succeeded.>
DEBUG: Property: <Name: data, OBJECT>
DEBUG: (object begin)
DEBUG: Property: <Name: version, STRING: 3,5,4,210>
DEBUG: (object end)
DEBUG: Property: <Name: clientid, NUMBER: 499847536.00>
DEBUG: Property: <Name: objectEncoding, NUMBER: 0.00>
DEBUG: (object end)
DEBUG: (object end)
DEBUG: HandleInvoke, server invoking <_result>
DEBUG: HandleInvoke, received result for method call <connect>
DEBUG: sending ctrl. type: 0x0003
DEBUG: Invoking createStream
DEBUG: FCSubscribe: AKuOuDtzNHyvwotDemOEietAmj4OjchYtD1qxn1E4DOKf4JUlBNw5tfQE6QB
WNoVxUyuWmW_vaM7VoP2SUK55CI7w7Pz6JOz5ClafSjEK4MvHOX2l86ggumDKi7WOneCOr_Hd6N371WM
ojqhb7T4V4b1mMq3FU8OJPEGhIKjbKI=
DEBUG: Invoking FCSubscribe
DEBUG: RTMP_ClientPacket, received: invoke 29 bytes
DEBUG: (object begin)
DEBUG: Property: NULL
DEBUG: (object end)
DEBUG: HandleInvoke, server invoking <_result>
DEBUG: HandleInvoke, received result for method call <createStream>
DEBUG: SendPlay, seekTime=0, stopTime=0, sending play: AKuOuDtzNHyvwotDemOEietAm
j4OjchYtD1qxn1E4DOKf4JUlBNw5tfQE6QBWNoVxUyuWmW_vaM7VoP2SUK55CI7w7Pz6JOz5ClafSjEK
4MvHOX2l86ggumDKi7WOneCOr_Hd6N371WMojqhb7T4V4b1mMq3FU8OJPEGhIKjbKI=
DEBUG: Invoking play
DEBUG: sending ctrl. type: 0x0003
DEBUG: RTMP_ClientPacket, received: invoke 142 bytes
DEBUG: (object begin)
DEBUG: Property: NULL
DEBUG: (object begin)
DEBUG: Property: <Name: level, STRING: status>
DEBUG: Property: <Name: code, STRING: NetStream.Play.Start>
DEBUG: Property: <Name: description, STRING: FCSubscribe to stream no
t-found.>
DEBUG: Property: <Name: clientid, NUMBER: 499847536.00>
DEBUG: (object end)
DEBUG: (object end)
DEBUG: HandleInvoke, server invoking <onFCSubscribe>
DEBUG: RTMP_ClientPacket, received: invoke 194 bytes
DEBUG: (object begin)
DEBUG: Property: NULL
DEBUG: (object begin)
DEBUG: Property: <Name: level, STRING: status>
DEBUG: Property: <Name: code, STRING: NetStream.Play.Unpublish
Notify>
DEBUG: Property: <Name: description, STRING: rtmp://eu-origin.zaaptv.
com:1935/origin/_definst_/not-found is now unpublished.>
DEBUG: Property: <Name: clientid, NUMBER: 499847536.00>
DEBUG: (object end)
DEBUG: (object end)
DEBUG: HandleInvoke, server invoking <onStatus>
DEBUG: HandleInvoke, onStatus: NetStream.Play.UnpublishNotify
DEBUG: Invoking deleteStream
DEBUG: Closing connection.
What's interesting is the RTMPDUMP output is exposing the following (highlighted in blue above):
rtmp://eu-origin.zaaptv.com:1935/origin/_definst_/not-found
Any idea how I can get this FCSubscribe and the actual Playpath?
I feel like I'm almost there, just need some help to finish the last mile. Thanks in advance.