Satsuoni / widevine-l3-guesser

MIT License

different keys on each run #8

Closed ParkRoger closed 3 years ago

ParkRoger commented 3 years ago

Not sure if it's the expected behavior but on certain each reload gives me a different key.

content_key_decryption.js:66 Output
content_key_decryption.js:66 bd951239a9a75d52678147832174a358
content_key_decryption.js:66 WidevineDecryptor: Found key: 6dc4cdf8a241cefcf63eb28fbb844bed (KID=a1ad0c5b689b5fb79aebee5057f66d57)
content_key_decryption.js:66 WidevineDecryptor: Found key: 0872e7395481446b8f2578e83c022894 (KID=b71229b9c9025feb96deda31da6af3cc)
content_key_decryption.js:66 WidevineDecryptor: Found key: fcbb606145659f10593238c84897e2b2 (KID=169d962f57fa50a6a8c594a13d69522e)
content_key_decryption.js:66 Output
content_key_decryption.js:66 e4cf16369ddfb91fede4b3946d7093ba
content_key_decryption.js:66 WidevineDecryptor: Found key: 4d258eda7a0a2ae5a8a2b1b174201bb2 (KID=a1ad0c5b689b5fb79aebee5057f66d57)
content_key_decryption.js:66 WidevineDecryptor: Found key: 5ac6394125548397a977b6ba6eac9f98 (KID=b71229b9c9025feb96deda31da6af3cc)
content_key_decryption.js:66 WidevineDecryptor: Found key: 58b1a30917958f3eb7abca07c2551030 (KID=169d962f57fa50a6a8c594a13d69522e)

Looks like this fails to decrypt the file too

Could this be that every time it's providing a different init data?

EnthusiastAnon commented 3 years ago

Netflix? I think it's because of high profile and main profile and vp9 and whatnot. One of the keys will definitely work.

ParkRoger commented 3 years ago
content_key_decryption.js:66 Output
content_key_decryption.js:66 746b199fc17aea33fb44a008ca76afd3
content_key_decryption.js:66 WidevineDecryptor: Found key: c9afc17e3b08558560af95aee6e489af (KID=a1ad0c5b689b5fb79aebee5057f66d57)
content_key_decryption.js:66 WidevineDecryptor: Found key: eba4862afbe5fcd4e9c0799098f816cf (KID=b71229b9c9025feb96deda31da6af3cc)
content_key_decryption.js:66 WidevineDecryptor: Found key: 0b7f902bda8319a4f45d8d086da01929 (KID=169d962f57fa50a6a8c594a13d69522e)

Actually no, the site is not Netflix. It produces the same mpd each time. The mpd lists multiple resolutions, but all the resolutions have the same pssh <cenc:pssh>AAAAOXBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAABkiEf/xFYAtI8M1ikjQV7frg/yXSOPclZsG</cenc:pssh> and KID cenc:default_KID="a1ad0c5b-689b-5fb7-9aeb-ee5057f66d57". But I still keep getting different keys like above.

ParkRoger commented 3 years ago

You don't need one just visit the link directly. With a VPN to SG/MY

jcronan-slcc commented 3 years ago

Uncaught (in promise) TypeError: CryptoJS.CMAC is not a function at Object.WidevineCrypto.decryptContentKey (content_key_decryption.js)

That's my case when I try to get the key on that site

ParkRoger commented 3 years ago

Uncaught (in promise) TypeError: CryptoJS.CMAC is not a function at Object.WidevineCrypto.decryptContentKey (content_key_decryption.js)

That's my case when I try to get the key on that site

Get the background tree and then reload the extension and then reload the site. You'll have to reload the extension every time you get the error.

TiRajo commented 3 years ago

Not sure if it's the expected behavior but on certain each reload gives me a different key.

content_key_decryption.js:66 Output
content_key_decryption.js:66 bd951239a9a75d52678147832174a358
content_key_decryption.js:66 WidevineDecryptor: Found key: 6dc4cdf8a241cefcf63eb28fbb844bed (KID=a1ad0c5b689b5fb79aebee5057f66d57)
content_key_decryption.js:66 WidevineDecryptor: Found key: 0872e7395481446b8f2578e83c022894 (KID=b71229b9c9025feb96deda31da6af3cc)
content_key_decryption.js:66 WidevineDecryptor: Found key: fcbb606145659f10593238c84897e2b2 (KID=169d962f57fa50a6a8c594a13d69522e)
content_key_decryption.js:66 Output
content_key_decryption.js:66 e4cf16369ddfb91fede4b3946d7093ba
content_key_decryption.js:66 WidevineDecryptor: Found key: 4d258eda7a0a2ae5a8a2b1b174201bb2 (KID=a1ad0c5b689b5fb79aebee5057f66d57)
content_key_decryption.js:66 WidevineDecryptor: Found key: 5ac6394125548397a977b6ba6eac9f98 (KID=b71229b9c9025feb96deda31da6af3cc)
content_key_decryption.js:66 WidevineDecryptor: Found key: 58b1a30917958f3eb7abca07c2551030 (KID=169d962f57fa50a6a8c594a13d69522e)

Looks like this fails to decrypt the file too

Could this be that every time it's providing a different init data?

Hiding the error and warnings in console gives wrong keys on each reload! Don't hide

on hiding: gives wrong key https://user-images.githubusercontent.com/88180312/127995680-c028218a-0ee6-43d6-862b-9bf8d11d68b7.png

without hiding: gives correct key https://user-images.githubusercontent.com/88180312/127995789-ad77dd9c-ba48-48c6-809b-f7210cbab2ef.png

Strange!

Satsuoni commented 3 years ago

My work is only responsible for this line:

content_key_decryption.js:66 Output
content_key_decryption.js:66 bd951239a9a75d52678147832174a358

So if that works, it decrypts (correctly) the session key. My assumption would be that they have either several encrypted copies (maybe 1 per CDN server?) or actually do encryption on the fly (easy enough to do, though computationally expensive). So the keys you get would only work when you download media in the same session, and they form a new session on reload? But that is just a guess. As I said, I will probably stop modifying the extension anyway, so asking me in person for help is kind of pointless? I also don't have access to most streaming sites mentioned, so cannot test.

Uncaught (in promise) TypeError: CryptoJS.CMAC is not a function at Object.WidevineCrypto.decryptContentKey (content_key_decryption.js)

That's my case when I try to get the key on that site

That looks like CryptoJS gets overwritten at some point, probably because site uses it for its own needs. Try assigning it to another variable?

ParkRoger commented 3 years ago

Hiding the error and warnings in console gives wrong keys on each reload! Don't hide

I'm on default levels too and the key changes every time.

on hiding: gives wrong key https://user-images.githubusercontent.com/88180312/127995680-c028218a-0ee6-43d6-862b-9bf8d11d68b7.png

without hiding: gives correct key https://user-images.githubusercontent.com/88180312/127995789-ad77dd9c-ba48-48c6-809b-f7210cbab2ef.png

are these from dimsum or some other site?

That looks like CryptoJS gets overwritten at some point, probably because site uses it for its own needs. Try assigning it to another variable?

Yup tried making it

var newCryptoJS = CryptoJS;

and then changing

 CryptoJS.CMAC
to 
newCryptoJS

fixes it.

So if that works, it decrypts (correctly) the session key. My assumption would be that they have either several encrypted copies (maybe 1 per CDN server?) or actually do encryption on the fly (easy enough to do, though computationally expensive). So the keys you get would only work when you download media in the same session, and they form a new session on reload? But that is just a guess

I doubt they're doing this now; at least this wasn't the case before. Very little gain for them at huge costs if they're doing it.

TiRajo commented 3 years ago

are these from dimsum or some other site?

it's disney+hotstar

ParkRoger commented 3 years ago

Okay, downloading the stream from the same session also results in failed decryption. Well, I'll try to debug more to see if I can find anything interesting.

Satsuoni commented 3 years ago

I doubt they're doing this now; at least this wasn't the case before. Very little gain for them at huge costs if they're doing it.

I should remind you that all https data is encrypted with, IIRC, AES key that is regenerated each connection, so with proper hardware/software it should be possible to do something similar to video? It is not like they are re-encoding it to different codecs? Depends on how they serve it. Well, anyway, I don't know enough about their backends to guess.

I added some noisy debug logs, maybe something can be made clear from them? I mean, they obviously send different keys with the same KID...

jcronan-slcc commented 3 years ago

I eventually used the bitmovin test page, pasting the mpd there, with https://widevine-proxy.appspot.com/proxy as the license url. It produces the same, consistent keys, and IT WORKS!

I downloaded them with a modified youtube-dl, and it perfectly decrypts the video/audio

Edit: spoke too soon, it only decrypts 10 seconds of it correctly; it looks like it uses different keys for every bit of the video/audio

ParkRoger commented 3 years ago

After more looking around, looks like this might be caused due to the eme_interception.js itself. Not sure if it's right, but the extension only logs these errors for this site.

Satsuoni commented 3 years ago

That warning is probably this. They do set robustness as empty string, but apparently that is not good enough for Chrome? I am not sure what to do with it. One can modify addRobustnessLevelIfNeeded to work with MediaCapabilities.decodingInfo call, and replace empty strings with SW_SECURE_CRYPTO and see if it helps?

Like I did in the commit. Other than that, please figure it out yourself XD

ParkRoger commented 3 years ago

Amazing work mate the new commits fix the issue. On all the sites I could test :)