Get Pssh Key of MPD Files

[thegeek]

Hello ,
can any one help me with any guide to know how to get pssh key of mpd files encrypted with webdevine whithout using webdevine decrypter ?
i can get the license url can i use it to find the key without using webdevine decrypter extension ?
Thank you

[notaghost]

It is between

Code:

<cenc:pssh> PSSH HERE </cenc:pssh>

in mpd

[thegeek]

It is between

Code:

<cenc:pssh> PSSH HERE </cenc:pssh>

in mpd

i found it in the mpd file it was encrypted with base 64 i decrypted it but the decryption is showing the KID no the pssh key which used to encode the file for first time (Wihich WidevineDecryptor get )

[LZAA]

'pssh' is not a 'key'.

[notaghost]

It is between

Code:

<cenc:pssh> PSSH HERE </cenc:pssh>

in mpd

i found it in the mpd file it was encrypted with base 64 i decrypted it but the decryption is showing the KID no the pssh key which used to encode the file for first time (Wihich WidevineDecryptor get )

Pssh is always in base64 which is used to make payloads on license url.
You can find pssh in mpd or you can get pssh from init segment file or on some cases you can make pssh from KID

Write mpd link here or send copy of mpd .

[thegeek]

It is between

Code:

<cenc:pssh> PSSH HERE </cenc:pssh>

in mpd

i found it in the mpd file it was encrypted with base 64 i decrypted it but the decryption is showing the KID no the pssh key which used to encode the file for first time (Wihich WidevineDecryptor get )

Pssh is always in base64 which is used to make payloads on license url.
You can find pssh in mpd or you can get pssh from init segment file or on some cases you can make pssh from KID

Write mpd link here or send copy of mpd .

Thank you for your reply
How i can make the PSSH from KID ?
MPD link
https://akm.cdn.intigral.net/Titles/S000944101005/S000944101005.ism/manifest.mpd

[notaghost]

License url and license url headers to check ? Or access ?

[thegeek]

License url and license url headers to check ? Or access ?

license url
https://wv.drm.intigral-ott.net:8063/?deviceId=NGE2ZWI4OTctMmFiZC0zMDE0LTk0NmItMzczMTc2ZDhlYTg0
Header
Request URL: https://wv.drm.intigral-ott.net:8063/?deviceId=NGE2ZWI4OTctMmFiZC0zMDE0LTk0NmItMzczMTc2ZDhlYTg0
Request Method: POST
Status Code: 200 OK
Remote Address: 185.93.197.71:8063
Referrer Policy: strict-origin-when-cross-origin
Access-Control-Allow-Headers: origin, content-type, accept
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: https://web.jawwy.tv
Content-Length: 716
Content-Type: application/octet-stream
Date: Fri, 16 Apr 2021 19:36:56 GMT
Server: Apache-Coyote/1.1
Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Connection: keep-alive
Content-Length: 2
Host: wv.drm.intigral-ott.net:8063
Origin: https://web.jawwy.tv
Referer: https://web.jawwy.tv/
sec-ch-ua: "Google Chrome";v="89", "Chromium";v="89", ";Not A Brand";v="99"
sec-ch-ua-mobile: ?0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36
deviceId: NGE2ZWI4OTctMmFiZC0zMDE0LTk0NmItMzczMTc2ZDhlYTg0

[notaghost]

Code:

 PSSH AAAAMnBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAABISEExI4U7xdBB4q3Cj9xmJSsE=

Code:

KID=4c48e14ef1741078ab70a3f719894ac1 Key=d4daf48573c5dc0d9b645d20bb933734

https://gofile.io/d/YNJ9JI

[thegeek]

Code:

KID=4c48e14ef1741078ab70a3f719894ac1 Key=d4daf48573c5dc0d9b645d20bb933734

can you tell me how did you get the key please ?

[thegeek]

Code:

 PSSH AAAAMnBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAABISEExI4U7xdBB4q3Cj9xmJSsE=

Code:

KID=4c48e14ef1741078ab70a3f719894ac1 Key=d4daf48573c5dc0d9b645d20bb933734

https://gofile.io/d/YNJ9JI

Can you help me how to get this key ?
Key=d4daf48573c5dc0d9b645d20bb933734 ?

[thegeek]

Any one can help how i can get this key Key=d4daf48573c5dc0d9b645d20bb933734 without using widevine decryptor ?!

[mister_ nex]

as I understand it is necessary to decode pssh string.May be can help online decoders ?

https://tools.axinom.com/decoders/PsshBox

https://base64.guru/converter/decode

[thegeek]

as I understand it is necessary to decode pssh string.May be can help online decoders ?

https://tools.axinom.com/decoders/PsshBox

https://base64.guru/converter/decode

Decoding of pssh is only getting KID i i want to get the decryption key which used first time to encrypt the video
any one have a guide to follow to make this ?!

[Newbiect]

as I understand it is necessary to decode pssh string.May be can help online decoders ?

https://tools.axinom.com/decoders/PsshBox

https://base64.guru/converter/decode

Decoding of pssh is only getting KID i i want to get the decryption key which used first time to encrypt the video
any one have a guide to follow to make this ?!

could you achieve it?

[thegeek]

as I understand it is necessary to decode pssh string.May be can help online decoders ?

https://tools.axinom.com/decoders/PsshBox

https://base64.guru/converter/decode

Decoding of pssh is only getting KID i i want to get the decryption key which used first time to encrypt the video
any one have a guide to follow to make this ?!

could you achieve it?

For now no , i can’t but i’m still searching

[Newbiect]

as I understand it is necessary to decode pssh string.May be can help online decoders ?

https://tools.axinom.com/decoders/PsshBox

https://base64.guru/converter/decode

Decoding of pssh is only getting KID i i want to get the decryption key which used first time to encrypt the video
any one have a guide to follow to make this ?!

could you achieve it?

For now no , i can’t but i’m still searching

like you I can only get the KID

Code:

KID 00168e0b6967a304b1605190b52ebde7

Code:

PSSH AAAAOHBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAABgSEAAWjgtpZ6MEsWBRkLUuvedI49yVmwY=

[jack_666]

Can someone explain how we arrive at

PSSH AAAAMnBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAABISEExI4U 7xdBB4q3Cj9xmJSsE=

from the mpd

From the mpd we got

a) schemeIdUri="urn:uuid:EDEF8BA9-79D6-4ACE-A3C8-27DCD51D21ED"> <<=== Systen ID

b) urn:marlin:kid:4c48e14ef1741078ab70a3f719894ac1 <<== KID

So Kindly guide me as as how we moved from a) and b) to obtain the PSSH AAAAMnBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAABISEExI4U 7xdBB4q3Cj9xmJSsE=

I have looked at the https://tools.axinom.com/decoders/PsshData and see that a) and b) can be obtained from PSSH , but I am unable to do the reverse

Thank you very much

[notaghost]

PSSH : AAAAMnBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAABISEExI4U 7xdBB4q3Cj9xmJSsE= ?

[jack_666]

@notaghost

Thanks for the reply. I'm not interested in the actual Pssh. You had already listed it in a previous post.

What I wish to know is how you derived it?

the fist line of my post said it all

Can someone explain how we arrive at

PSSH AAAAMnBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAABISEExI4U 7xdBB4q3Cj9xmJSsE=


There's a old saying ... Give a man a fish and tomorrow he will be hungry. Teach a man to fish and he will never go hungry.

Thanks very much

Regards

[blimey]

I hate fish, except maybe to look at.

The base64 encoded pssh string is often declared expressly in the mpd.

If it is not, it often can be constructed (and encoded into base64 values) from values in the init.

Sometimes it is not really even used.

Generally it is in the mpd or can be constructed from the init (the very first dash segment).

[Newbiect]

I hate fish, except maybe to look at.

The base64 encoded pssh string is often declared expressly in the mpd.

If it is not, it often can be constructed (and encoded into base64 values) from values in the init.

Sometimes it is not really even used.

Generally it is in the mpd or can be constructed from the init (the very first dash segment).

In my case it was inside the mpd, but after obtaining the pssh, how do I get the key? I have only been able to get the KID.

Code:

AAAAOHBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAABgSEAAWjgtpZ6MEsWBRkLUuvedI49yVmwY=

[blimey]

The kid, like the pssh, is not a secret. The kid is also often expressly declared in the mpd. If it is not, it also can be constructed from values in the init.

On the other hand, the key is a secret. Getting is requires doing a license challenge, and various post challenge processing. It is what the extension exploit does, the details of which have been discussed in other threads. Others will have to point you to those threads if you can't find them by searching for them yourself.

[jack_666]

Ok ... I figured it out.

As per blimey .... The kid, like the pssh, is not a secret.

This is very true. In the case of this mpd posted by thegeek there was no pssh explicitly given. It had to be determined by the entries ...
cenc:default_KID="4C48E14E-F174-1078-AB70-A3F719894AC1"> and
schemeIdUri="urn:uuid:EDEF8BA9-79D6-4ACE-A3C8-27DCD51D21ED">

Now a thank you has to go to mister_ nex and the tool https://tools.axinom.com/decoders/PsshBox

I used this tool to determine the Pssh

Enter these values into the tool

System ID
EDEF8BA9-79D6-4ACE-A3C8-27DCD51D21ED

Version
0

Data ==> Widevine PSSH Data ==> Key ==> IDs 4C48E14E-F174-1078-AB70-A3F719894AC1

Protection Scheme .... Keep blank
Crypto Period Index .... Keep blank
Crypto Period Duration (seconds) .... Keep blank
Show not recommended and deprecated fields. .... Do not touch

Click Generate

Generated PSSH box:
Select Base64
AAAAMnBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAABISEExI4U 7xdBB4q3Cj9xmJSsE=

Ok now that that has been figured out, it is time to pursue something else that blimey pointed out

.... the key is a secret. Getting is requires doing a license challenge, and various post challenge processing. It is what the extension exploit does, the details of which have been discussed in other threads.

Guess I have some searching to do.

Regards

[vfa1]

.... the key is a secret. Getting is requires doing a license challenge, and various post challenge processing. It is what the extension exploit does, the details of which have been discussed in other threads.

Guess I have some searching to do.

Regards

Did you have any luck @jack_666 with this?

[jack_666]

.... the key is a secret. Getting is requires doing a license challenge, and various post challenge processing. It is what the extension exploit does, the details of which have been discussed in other threads.

Guess I have some searching to do.

Regards

Did you have any luck @jack_666 with this?

===========

Still searching, but I have a never give up attitude. Some more than mere mortals have said that they have found this elusive elixir and got it gratis. This gives me hope. Soldiering on .... Hi-yo, Silver! Away!

[n0m1]

the key is a secret. Getting is requires doing a license challenge, and various post challenge processing. It is what the extension exploit does, the details of which have been discussed in other threads.

Guess I have some searching to do.

Regards

Good effort Jack_666 , KID on hex view is easy to find "in my case at address 0x496" in plane text . also searching for the solution if somebody give a right path ...

[VictorM]

.... the key is a secret. Getting is requires doing a license challenge, and various post challenge processing. It is what the extension exploit does, the details of which have been discussed in other threads.

Guess I have some searching to do.

Regards

Did you have any luck @jack_666 with this?

===========

Still searching, but I have a never give up attitude. Some more than mere mortals have said that they have found this elusive elixir and got it gratis. This gives me hope. Soldiering on .... Hi-yo, Silver! Away!

Any luck getting the secret key from pssh?

[LZAA]

The key you need is missing in 'pssh'.

[jack_666]

.... the key is a secret. Getting is requires doing a license challenge, and various post challenge processing. It is what the extension exploit does, the details of which have been discussed in other threads.

Guess I have some searching to do.

Regards

Did you have any luck @jack_666 with this?

===========

Still searching, but I have a never give up attitude. Some more than mere mortals have said that they have found this elusive elixir and got it gratis. This gives me hope. Soldiering on .... Hi-yo, Silver! Away!

Any luck getting the secret key from pssh?

The mechanics of the the system is fairly simple. You need

1)pssh key and
2)the url of the license server.

These are fairly easy to obtain.
Pssh is derived from the init.mp4 which is turn is derived from the first file of yt-dlp.
The license server url is obtained via a F12 inspection of the browser display.

These are the easy parts.

Now for the not so easy parts.

You need a program that will communicate with the license server and send it the pssh and negotiate the get_challenge. One such program was the browser addon uploaded by Tomer8007. This is now, for all intents and purposes, dead. Other such programs include wvclient and pywidevine. Obtaining wvclient is easy whilst pywidevine is hidden like you would not believe.

Now, suppose you have the pssh, the lic server and say pywidevine, you still face a formidable challenge. Getting the coveted keys is still not that simple. Remember, no body wants you the get access to these forbidden fruits, especially Google. The biggest obstacle is that you will need a working CDM. A working CDM is required and without it you are going nowhere. A working CDM consists of basically of three files : device_client_id_blob, device_private_key and device_vmp_blob (token.bin). If you think finding pywidevine is difficult, well finding a good device_private_key is even more so. Here is the scenario that adds to this difficulty. Google is monitoring the usage of the device_private_key and if their algorithms red flags the device_private_key as being abused, then that key is shut down. So, obviously, nobody wants to share. So how can the average joe get a working CDM? Well unless he knows someone who is willing to share then he is out of luck. Working CDMs are derived from android devices with widevine capability. Getting the private key from such devices requires skills beyond mine.

So now your odyssey has changed from finding a replacement for Tomer8007's program to that of finding a good CDM.

Now even if you have a good pssh, a good lic server, pywidevine and a good CDM you still need knowledge of python and the communications between the client (pywidevine) and the server (license server). This can be obtained via the F12 inspection of the web browser. You will need to note the header information and know how to apply it to the python program.

After considering all the obstacles before me, I have decided not to pursue this this quixotic adventure any further.