Thread: Adobe HDS Downloader
View Single Post
  #1  
Old 02-07-2013, 01:00 AM
KSV KSV is offline
Senior Member
  
Join Date: Apr 2011
Posts: 853
KSV is on a distinguished road
Cool

Re: Adobe HDS Downloader

@IV
following is the info i posted long ago in now deleted thread. This is only related to custom encryption used by Akamai CDN (Packet type 10 & 11) not FlashAccess DRM (Packet type 40 & 41).

==========
I am just posting it publicly. this info is based on actual reversing i tried few months ago. global key is different for each session. SessionID and KeyUrl are not of much relevance because they are only used to retrieve GlobalKey. mysterious salt block in each packet header can be broken into 4 different blocks. first was always 01 and third block was always all zeros.
Code:
SessionID: 010075cd3e8441c5f40f4427ae4f93e8b2b00a1b6740eda2fd0049958d1532318bd1423ec94a2c3f4074ede220dd615b9d588f6ad1ef
GlobalKey: acfab40e035ee120520fc77d1e532c20

FirstTag:
Header: 0c000000004fae27440000ffff IV: e7b25c7a1d67280a8681ba4314e1e66d KeyUrl: /z/0809/20090106_1_dvorak_slavonic-dance/h264_high_,0700,1100,1500,2000,2500,.mp4.csmil/key_AQB1zT6EQcX0D0Qnrk+T6LKwDRtnQO2i%2fQBJlY0VMjGL0UI+yUosP0B07eIg3WFbnViPatHv
Salt?:  01 b7199175c7c7dbea80f9eda39a5b6b0abf2b17dac035636c6667331243aefdec 0000000000000000000000000000000000000000 dc11391dd7c0211c95c3c1e597665f850f01d2c0

EncryptedBlock:      2df9494fdac3355db2cb942258641fe0 2709b1ec662e8897bf78ad0acf14184b e5c7e47f9e95d918bd6dad1560f2c6a2 31c1da18311e01000568e98d3525
DecryptedVideoFrame: 170000000001640028ffe10029676400 28ac2ca703c045fbc05a808080a00000 0300200000065c1400186a0000e4e17e 31c1da18311e01000568e98d3525

SecondTag:
Header: 0c000000004fae27440000fffb IV: e7b25c7a1d67280a8681ba4314e1e66d
Salt?:  01 25bfbacb92b3c6b837ca6a47ef20a8a77defbc631124bfa5b5e6b2cc0c58fe6d 0000000000000000000000000000000000000000 46d3344f230830a040d4fc6d3751f6ff83f8cbea

EncryptedBlock:      af0011900000
DecryptedAudioFrame: af0011900000
Encryption scheme used is AES-128-CBC. i couldn't figure out the KDF (key derivation function) used to derive individual packet decryption key from global key using the salt block as shown above. KDF function is executed inside Alchemy VM (a method used to execute c code from ActionScript VM) which makes it very hard to reverse engineer from disassembled code.
==========
Reply With Quote