Quote:
Originally Posted by chap
|
Yep they tried by obfuscating the mdat box but it's lame one and easy to bypass. following is the code to unobfuscate the fragment before processing. but the way the unobfuscation works, it makes the fragment processing extremely slow. each fragment requires about 10 seconds to unobfuscate. i wouldn't add this to my official repo because it's a site specific trick which they can change whenever they please.
Code:
// Unobfuscate fragments used by kiwi.kz website
$encByteIndex = 0;
$encSum = 0;
$encData = substr($frag, $fragPos, $fragLen);
$encDataLen = strlen($encData);
$timeStart = microtime(true);
for ($i = 0; $i < $encDataLen; $i++)
{
$x = ord($encData[$i]);
$frag[$fragPos + $i] = chr($x ^ $encSum ^ $encByteIndex++);
$encSum = $x;
}
$timeEnd = microtime(true);
LogDebug(sprintf("Fragment %d decrypted in %.2f seconds.", $fragNum, $timeEnd - $timeStart), $debug);
Code:
http://pastebin.com/67TfREWZ
Also firefox add-on doesn't work here due to a minor (probably intentional) glitch (.f4m
/). you have to use the manual method instead.