[request] a command line secureToken encoder/decoder based on the rtmpdump code

[mtsr]

Hello.

If anybody has the time, I would like to propose implementing a command line application (actually, more of a front-end) for encoding/decoding strings for use with secureToken.

The reason is that there are a couple of cases where the secureToken string cannot be determined easily from the rendered webpage code and/or the swf player. In these cases where the encoded and the decoded strings can be obtained via tcpdump, it is helpful to have an offline encoder/decoder through which we can test-try possible secureTokens.

Granted, we can use the "-T" option of rtmpdump for this but that way is overkill and it's not wise to hammer the rtmp server each time with a test secureToken string.

[KSV]

so you wanna crack 128-bit encryption with brute-forcing?

[mtsr]

LOL no of course! :-)

Just want to try "suspicious" strings inside the page (html/swf) that could be masqueraded secureToken passwords in an offline way.