tomer8007 / widevine-l3-decryptor

A Chrome extension that demonstrates bypassing Widevine L3 DRM
MIT License
1.14k stars 279 forks

Widevine CDM Version #7

Closed inntremux closed 4 years ago

inntremux commented 4 years ago

From which Widevine Content Decryption Module (widevinecdm.dll) version is the key? Because Google recently pushed a new version of the Desktop L3 CDM for Windows/Linux.

tomer8007 commented 4 years ago

Original research was done on widevinecdm.dll 4.10.1610.0

athrowaway-2020 commented 4 years ago

The newest version of the ChromeCDM for Windows, 1679, shares its device certificate with 1610, so the private key in this repo can be used with newest version of the CDM library you have installed, for now.

inntremux commented 4 years ago

The newest version of the ChromeCDM for Windows, 1679, shares its device certificate with 1610, so the private key in this repo can be used with newest version of the CDM library you have installed, for now.

I've checked that too, dll has pub key in it so they share the same priv key

rpvcg commented 4 years ago

Original research was done on widevinecdm.dll 4.10.1610.0

What's the method to extract the private key from the dll?

inntremux commented 4 years ago

Original research was done on widevinecdm.dll 4.10.1610.0

What's the method to extract the keybox from the dll?

I don't think that keybox can be extracted from dll (if any), only private key, @tomer8007 correct me if i'm wrong?

rpvcg commented 4 years ago

I don't think that keybox can be extracted from dll (if any), only private key, @tomer8007 correct me if i'm wrong?

Of course you're correct.

One of the old python tools included keyextractor.py, which could extract the private key from the browser dll. It stopped working around 1.4.8.984. I assumed the means by which the key is stored in the dll had changed. It couldn't have changed all that much though, right?

oskarstr commented 4 years ago

I don't think that keybox can be extracted from dll (if any), only private key, @tomer8007 correct me if i'm wrong?

Of course you're correct.

One of the old python tools included keyextractor.py, which could extract the private key from the browser dll. It stopped working around 1.4.8.984. I assumed the means by which the key is stored in the dll had changed. It couldn't have changed all that much though, right?

from some research it looks like that after that version they introduced obfuscation.

Curious not only how to extract the private key but also device_client_id_blob

inntremux commented 4 years ago

I don't think that keybox can be extracted from dll (if any), only private key, @tomer8007 correct me if i'm wrong?

Of course you're correct. One of the old python tools included keyextractor.py, which could extract the private key from the browser dll. It stopped working around 1.4.8.984. I assumed the means by which the key is stored in the dll had changed. It couldn't have changed all that much though, right?

from some research it looks like that after that version they introduced obfuscation.

Curious not only how to extract the private key but also device_client_id_blob

I just did it 😃

rpvcg commented 4 years ago

Curious not only how to extract the private key but also device_client_id_blob

The blob isn't included with this extension, is it?

It was at least a few years ago, so my memory is fuzzy, but I remember the blob being easier and perhaps not even needing to be extracted.

oskarstr commented 4 years ago

I don't think that keybox can be extracted from dll (if any), only private key, @tomer8007 correct me if i'm wrong?

Of course you're correct. One of the old python tools included keyextractor.py, which could extract the private key from the browser dll. It stopped working around 1.4.8.984. I assumed the means by which the key is stored in the dll had changed. It couldn't have changed all that much though, right?

from some research it looks like that after that version they introduced obfuscation. Curious not only how to extract the private key but also device_client_id_blob

I just did it 😃

care to share details? :)

inntremux commented 4 years ago

I don't think that keybox can be extracted from dll (if any), only private key, @tomer8007 correct me if i'm wrong?

Of course you're correct. One of the old python tools included keyextractor.py, which could extract the private key from the browser dll. It stopped working around 1.4.8.984. I assumed the means by which the key is stored in the dll had changed. It couldn't have changed all that much though, right?

from some research it looks like that after that version they introduced obfuscation. Curious not only how to extract the private key but also device_client_id_blob

I just did it 😃

care to share details? :)

Maybe on discord

athrowaway-2020 commented 4 years ago

A device's client identification isn't a secret, so it is quite easy to get. If you require the blob you can simply get it by calling the license generation function without setting a server certificate beforehand; this will leave the client identification in the license request unencrypted and up for grabs. (You can also find a site/demo that doesn't use a server certificate and sniff the license request) The .proto schemas necessary for parsing license requests and other Widevine Protobuf messages can be found alongside leaked tools, I won't say exactly where but they can usually be found only a Google search away.

P.S. I don't see any good reason why you would need the client id blob, especially when working with a Chrome CDM. EME interception methods, like what this extension method does, don't require it. The only reason you would need the client id for Chrome would be if you were generating your own license requests, and that is just asking for trouble. The CDM library itself does a perfect job generating requests, don't reinvent the wheel. There are a lot of variables, such as VMP and etc., to account for in a license request and any discrepancy is a potential risk, ranging from, at best, just making the request invalid and throwing a 500 on the license server, to ringing up alarms. Although it might be a bit too late for worrying now, since this repo already has 200 stars and those higher up who need to know about this, likely already know it; it's still best to consider the safest practices for the future. </rant>

vhvvx777 commented 4 years ago

Guys, and how to contact the author? There is one site where the expansion cannot intercept the key, since video links are created in a dynamic window. Maybe the author knows how to fix it.

steamgirl2020 commented 4 years ago

This is my Discord server dedicated to this repository, in case it gets a DMCA (it soon will); feel free to join, @tomer8007 and anyone else who is interested: https://discord.gg/vWC2Zm

Invalid invitation?

Nintendocustom commented 3 years ago

I don't think that keybox can be extracted from dll (if any), only private key, @tomer8007 correct me if i'm wrong?

Of course you're correct. One of the old python tools included keyextractor.py, which could extract the private key from the browser dll. It stopped working around 1.4.8.984. I assumed the means by which the key is stored in the dll had changed. It couldn't have changed all that much though, right?

from some research it looks like that after that version they introduced obfuscation.

Curious not only how to extract the private key but also device_client_id_blob

I would like to know this too! Is there any way to contact someone who can help me with this?

Brhsoftco commented 3 years ago

Discord anyone?

billyriantono commented 3 years ago

new discord anyone? @inntremux

cimbor commented 3 years ago

Hi, I want to extract some keys for live content with this addon but unfortunately I have no keys in console, I also tried with a custom license proxy and pywidevine but I get error as response; the proxy is working fine on Android players live exostreamr and bitmovin. Anyone willing to help/exchange ideas?

CriminalMAD commented 3 years ago

@inntremux can you post new invite link?

astravaganza commented 3 years ago

@inntremux can you post new invite link?

Kindly share here too, I'm in dire need of the blob file

abderrahmanesaad commented 3 years ago

plz share us discord invitation let us learn some stuff please