E4 Player key incorrect

[Dragon-Batch]

please make adjustments and fix this error. they recently changed the obfuscated file and "const" is not in the player anymore

[Ciarands]

I'm holding off on updating this, I'm suspicious they're working on a new encryption system (pretty much confirmed as they deleted a core part of their encryption a couple days ago). Their current system got reversed in a couple days and I'm aware of how to defeat it, however their keys hadn't been updated in a while and a couple days ago they've started serving unencrypted HLS in the json response. I don't imagine they've given up with actually encrypting their stuff, so im going to wait see what happens. Since the team @ rabbitstream are clearly keeping an eye on the open source media scraping community, ill probably end up hosting a proprietary key extractor and not publicly share all the steps to defeat their "security".

[Dragon-Batch]

here is the code to get the decryption key for megacloud hls stream thingy :)))

from PIL import Image
import requests
import base64
import io

class Megacloud2:
    def __init__(self):
        self.name = "Megacloud2"
        self.mainUrl = "https://megacloud.tv"
        self.embed = "embed-1/ajax/e-1"
        self.scriptUrl = f"{self.mainUrl}/js/player/a/prod/e1-player.min.js"
        self.luckyImageUrl = f"{self.mainUrl}/images/lucky_animal/icon.png"

    def extractRealKey(self):
        image_response = requests.get(self.luckyImageUrl)
        image = Image.open(io.BytesIO(image_response.content))
        width, height = image.size
        pixel_data = []

        for y in range(height):
            for x in range(width):
                pixel = image.getpixel((x, y))
                pixel_data.extend([int(channel) for channel in pixel])

        encoded_byte_array = self.computeKeyFromImage(pixel_data)

        # key = base64.b64encode(encoded_byte_array).decode('utf-8')
        return list(encoded_byte_array)

    def computeKeyFromImage(self, image):
        image_chunks = ""
        image_chunks_to_char = ""
        image_chunks_to_char_to_hex = []

        for i in range(image[3] * 8):
            image_chunks += str(image[(i + 1) * 4 + 3] % 2)

        image_chunks = image_chunks[:len(image_chunks) - len(image_chunks) % 2]
        for i in range(0, len(image_chunks), 8):
            image_chunks_to_char += chr(int(image_chunks[i:i + 8], 2))

        for i in range(0, len(image_chunks_to_char) - 1, 2):
            image_chunks_to_char_to_hex.append(int(image_chunks_to_char[i:i + 2], 16))

        key = bytes(image_chunks_to_char_to_hex)
        return key

[Dragon-Batch]

also may i ask why they bother encrypting the hls in the json? i dont get the point i could just make a program that hooks some of the hls player functions to get the source file and send it to something on my pc to get the stream that way so i dont need to get the decryption key and decrypt it

[cool-dev-guy]

also may i ask why they bother encrypting the hls in the json? i dont get the point i could just make a program that hooks some of the hls player functions to get the source file and send it to something on my pc to get the stream that way so i dont need to get the decryption key and decrypt it

They can do encryption for a lot of reason,

If you could access it for free then,

1. They wont get ad revenue
2. The will have huge cdn loads.
3. Their content could get banned or blocked etc.

[Ciarands]

here is the code to get the decryption key for megacloud hls stream thingy :)))

from PIL import Image
import requests
import base64
import io

class Megacloud2:
    def __init__(self):
        self.name = "Megacloud2"
        self.mainUrl = "https://megacloud.tv"
        self.embed = "embed-1/ajax/e-1"
        self.scriptUrl = f"{self.mainUrl}/js/player/a/prod/e1-player.min.js"
        self.luckyImageUrl = f"{self.mainUrl}/images/lucky_animal/icon.png"

    def extractRealKey(self):
        image_response = requests.get(self.luckyImageUrl)
        image = Image.open(io.BytesIO(image_response.content))
        width, height = image.size
        pixel_data = []

        for y in range(height):
            for x in range(width):
                pixel = image.getpixel((x, y))
                pixel_data.extend([int(channel) for channel in pixel])

        encoded_byte_array = self.computeKeyFromImage(pixel_data)

        # key = base64.b64encode(encoded_byte_array).decode('utf-8')
        return list(encoded_byte_array)

    def computeKeyFromImage(self, image):
        image_chunks = ""
        image_chunks_to_char = ""
        image_chunks_to_char_to_hex = []

        for i in range(image[3] * 8):
            image_chunks += str(image[(i + 1) * 4 + 3] % 2)

        image_chunks = image_chunks[:len(image_chunks) - len(image_chunks) % 2]
        for i in range(0, len(image_chunks), 8):
            image_chunks_to_char += chr(int(image_chunks[i:i + 8], 2))

        for i in range(0, len(image_chunks_to_char) - 1, 2):
            image_chunks_to_char_to_hex.append(int(image_chunks_to_char[i:i + 2], 16))

        key = bytes(image_chunks_to_char_to_hex)
        return key

Thanks, although I don't actually need this 😅 Have had my own working version for a while, just haven't released it due to plans to make an open source tool to make key extraction easy for everyone.

[Ciarands]

also may i ask why they bother encrypting the hls in the json? i dont get the point i could just make a program that hooks some of the hls player functions to get the source file and send it to something on my pc to get the stream that way so i dont need to get the decryption key and decrypt it

also yeah, its slightly silly in my opinion too, the nature of the web makes it pretty trivial to attack their security through obscurity, although they certainly could add some stuff which would make it way more difficult, they should hire me 😂

[cool-dev-guy]

also may i ask why they bother encrypting the hls in the json? i dont get the point i could just make a program that hooks some of the hls player functions to get the source file and send it to something on my pc to get the stream that way so i dont need to get the decryption key and decrypt it

also yeah, its slightly silly in my opinion too, the nature of the web makes it pretty trivial to attack their security through obscurity, although they certainly could add some stuff which would make it way more difficult, they should hire me 😂

Lol they could actually put the stream links in css and no one would even look that.

[Dragon-Batch]

also may i ask why they bother encrypting the hls in the json? i dont get the point i could just make a program that hooks some of the hls player functions to get the source file and send it to something on my pc to get the stream that way so i dont need to get the decryption key and decrypt it

also yeah, its slightly silly in my opinion too, the nature of the web makes it pretty trivial to attack their security through obscurity, although they certainly could add some stuff which would make it way more difficult, they should hire me 😂

Lol they could actually put the stream links in css and no one would even look that.

frfr

[Dragon-Batch]

i am currently downloading everything off hurawatchz.to and uploading it to discord for unlimited storage so my website can stream it

[Dragon-Batch]

just a theory: couldnt someone technically have a selenium instances or a browser and just automate opening the website that the stream link belongs to and hook some of the functions for the player that website uses and get the stream link that way?

[Dragon-Batch]

currently got all of family guy, the walking dead and hazbin hotel and i am downloading breaking bad

[cool-dev-guy]

just a theory: couldnt someone technically have a selenium instances or a browser and just automate opening the website that the stream link belongs to and hook some of the functions for the player that website uses and get the stream link that way?

Using selenium comes at some risks:

1. Cloudflare turnstile/in websie hard-coded captcha redirects.(Preventing these is hell)
2. Cloudflare Bot detection(new version)
3. Request restriction from vps/deployment domains/ips.(They may block request from those areas)
4. Huge time taken to get the streams/keys

But still its one of the easiest ways ....