Support our site by donate $5 directly to us Thanks!!!
Try StreamFab Downloader and download streaming video from Netflix, Amazon!
Try StreamFab Downloader and download streaming video from Netflix, Amazon!
Closed Thread
Results 1,141 to 1,170 of 1969
-
Last edited by Silv3r; 27th Dec 2021 at 14:04.
-
I Have Started a new Thread to discuss Dumping L1 & L3 CDMS only: https://forum.videohelp.com/threads/404219-How-To-Dump-L3-CDM-From-Android-Device-s-%2...29#post2642515, we will only talk about Dumping L1 CDM's Privately and L3 CDM's Only, NO BULLYING ALLOWED ON MY THREAD Please and Only Discuss L1 & L3 CDM's Only
-
most of them tools dont work and L1 CDM Doesnt workOriginally Posted by Silv3r
-
Yea, I read up on VMP, but thanks.Originally Posted by EatThis
If you have insights to share, then please do. If you just have snarky comments, then keep them to yourself please.
-
I'm thankful, but wks has only worked for me with a couple of pagesOriginally Posted by lomero
this only. but this is a great toolOriginally Posted by filipino
-
Anything leaked is usually out of date and often needs knowlege on what changes need to be made to fix them. And yeah any leaked L1 is likely to die super fastOriginally Posted by Dannyboi
most of them tools dont work and L1 CDM Doesnt workOriginally Posted by Silv3r
-
i received cdm l3 key without any android device
just use virtualbox and android-tv iso lol
-
When I say this some may think I am talking rubbish but this is based on my own findings. On mutiltple Android devices I've noticed Amazon Prime just don't interact with the included L3 CDM when it's L1 has been revoked or the device does not have one. It appears to just use PlayReady, the Amazon Prime app probably have included binaries or code that allow it to use this DRM instead. This is not unsual because most Android devices are not manufactured with any PlayReady support or code but despite clearly stating on the license request body or response that is using PlayReady and an obvious data that is not found on a Widevine license request/response.Originally Posted by darkw4v3
- It's content cannot be parsed with Google photobuf.
- Android logs does not show the CDM being intialized.
- An erased device to factory default and only installed the Amazon Prime app without the Google Play does not even contact Google to provision the L3 CDM certificate and PK.
- if you inspect the traffic from the Amazon Prime app for Windows 10, which for obvious reasons would use PlayReady, it has the same license request structure.
Furthermore, the Amazon Music app does not use it either. It used an specific CDM that appears to be specially made for the Music app.
It could be the fact that all devices tested are rooted? Maybe, but until I find evidence it does use the L3 CDM included in the Android device and the fact all Android L3 license requests always fails, this seems like a more reasonable conclusion. Besides from Amazon point of view this makes sense, it's a software variant of the PlayReady DRM, possibly exposed to be broken anyway but is less exposed than Widevine L3.
You can always test and continue experimenting for the rest of us, but when it gets revoked and eventually stops working with the rest of the websites. You will know why.
-
Roge idiots like this are the reason why you should always keep your CDM private. Is no longer the reseller or the one that overshare it. But that one that is butthurt because can't learn how to use it and wants to ruin it for others. No real compelling reason to share one if you have one you've obtained yourself.Originally Posted by Silv3r
-
Member
- Jul 2005
- United States
I don't even know why anybody would share their own private CDM.Originally Posted by EatThis
Roge idiots like this are the reason why you should always keep your CDM private. Is no longer the reseller or the one that overshare it. But that one that is butthurt because can't learn how to use it and wants to ruin it for others. No real compelling reason to share one if you have one you've obtained yourself.Originally Posted by Silv3r
I only have L3s from my devices but I do have an L1 Device, but I know it's not easy to dump from it.
I know if I somehow did actually dump it, I'd have to keep it on a flash drive and lock it in a safe. I can't be sharing that, it's like having an extremely rare baseball card or something.
-
That's interesting. It's somewhat different that what I observed this afternoon on my android device. At least once, the AP app hit the same GetPlaybackResources endpoint that the browser based playback does - and it requested a WV license - without VMP. However, I couldn't reproduce that. None of the later attempts hit that endpoint. Moreover, when I hit that endpoint with the exact same headers and request, it is denied. So, not really sure why, but I don't really care at this point. Amzn doesn't have any content that I care about that can't be viewed elsewhere. Screw them.Originally Posted by EatThis
When I say this some may think I am talking rubbish but this is based on my own findings. On mutiltple Android devices I've noticed Amazon Prime just don't interact with the included L3 CDM when it's L1 has been revoked or the device does not have one. It appears to just use PlayReady, the Amazon Prime app probably have included binaries or code that allow it to use this DRM instead. This is not unsual because most Android devices are not manufactured with any PlayReady support or code but despite clearly stating on the license request body or response that is using PlayReady and an obvious data that is not found on a Widevine license request/response.Originally Posted by darkw4v3
- It's content cannot be parsed with Google photobuf.
- Android logs does not show the CDM being intialized.
- An erased device to factory default and only installed the Amazon Prime app without the Google Play does not even contact Google to provision the L3 CDM certificate and PK.
- if you inspect the traffic from the Amazon Prime app for Windows 10, which for obvious reasons would use PlayReady, it has the same license request structure.
Furthermore, the Amazon Music app does not use it either. It used an specific CDM that appears to be specially made for the Music app.
It could be the fact that all devices tested are rooted? Maybe, but until I find evidence it does use the L3 CDM included in the Android device and the fact all Android L3 license requests always fails, this seems like a more reasonable conclusion. Besides from Amazon point of view this makes sense, it's a software variant of the PlayReady DRM, possibly exposed to be broken anyway but is less exposed than Widevine L3.
You can always test and continue experimenting for the rest of us, but when it gets revoked and eventually stops working with the rest of the websites. You will know why.
Update: It looks like the one GetPlaybackResources hit came from Chrome, from a tab I had left open. This makes more sense, so your analysis is probably correct.Last edited by darkw4v3; 27th Dec 2021 at 20:49.
-
Exactly.Originally Posted by RedPenguin
I don't even know why anybody would share their own private CDM.Originally Posted by EatThis
Roge idiots like this are the reason why you should always keep your CDM private. Is no longer the reseller or the one that overshare it. But that one that is butthurt because can't learn how to use it and wants to ruin it for others. No real compelling reason to share one if you have one you've obtained yourself.Originally Posted by Silv3r
I only have L3s from my devices but I do have an L1 Device, but I know it's not easy to dump from it.
I know if I somehow did actually dump it, I'd have to keep it on a flash drive and lock it in a safe. I can't be sharing that, it's like having an extremely rare baseball card or something.
-
I think you may be confusing VMP with privacy mode. In Privacy Mode enabled the device information of the device get encrypted with the service certificate public key, so that only the streaming service can see it. Is is used on L1 devices and Google Chrome for obvious reasons, part of Chrome license request preparation when using privacy mode vmp goes into this preparation. Android devices will L3 do not use privacy mode and generally is just a license request. As ive mentioned vmp is only used on Chrome, Amazon may even allow a license request without using it in a Chrome CDM but will be limited to SD keys.Originally Posted by darkw4v3
And that is what I 100% agree Amazon hardly has anything interesting, if there is, other places already make the content available anyway.
-
I am curious if the poster of that "new GH repo" has this figured out. I haven't been able to decompile the pyc files back to source. They're using an obfuscation I haven't been able to identify yet. There is a license request module or class defined specifically for AP, so it has me curious. But also me: screw them. haha
-
Yeah, lack of interesting content really does not motivate enough to bother with it.Originally Posted by darkw4v3
-
He leaked it because it was already leaked and blacklisted on some services.Originally Posted by RedPenguin
I don't even know why anybody would share their own private CDM.Originally Posted by EatThis
Roge idiots like this are the reason why you should always keep your CDM private. Is no longer the reseller or the one that overshare it. But that one that is butthurt because can't learn how to use it and wants to ruin it for others. No real compelling reason to share one if you have one you've obtained yourself.Originally Posted by Silv3r
I only have L3s from my devices but I do have an L1 Device, but I know it's not easy to dump from it.
I know if I somehow did actually dump it, I'd have to keep it on a flash drive and lock it in a safe. I can't be sharing that, it's like having an extremely rare baseball card or something.
But now it's partially revoked.discord=notaghost9997
-
Interesting. I'll try this after New Year when I have more time on my hands.Originally Posted by lazyman
Anyone else cares to try this, or elaborate more and say if it's successful?
-
Originally Posted by [ss]vegeta
Interesting. I'll try this after New Year when I have more time on my hands.Originally Posted by lazyman
Anyone else cares to try this, or elaborate more and say if it's successful?
I'll give it a try. Where did the ISO come from?
-
I don't know, but prolly the first Google result from XDA with a link to Mega will suffice.Originally Posted by crusr4
-
Yeah, that was the one I was going to try. Just wanted to check if there was a specific one I should get.Originally Posted by [ss]vegeta
I don't know, but prolly the first Google result from XDA with a link to Mega will suffice.Originally Posted by crusr4
-
any one can share L3 CDM with me
i will keep it safe, no public
i need it only for shahid.net
-
Hello, can anyone help me with this? I added the headers to headers.py file:
-
Open l3.py and put ### on the lines that I have put ###.Originally Posted by PanMarSag
Hello, can anyone help me with this? I added the headers to headers.py file:
Don't get confused by the three ### because I commented out like that just so I can differentiate between what I commented out, and was commented out before me, in case I broke something.
[Attachment 62594 - Click to enlarge]
Also, when lic.drmtoday is used for license URL, you have to add ?specConform=true at the end.
-
Now when i execute l3.py this appears:
Here's the headers.py file:
-
Eh, probably the code needs more editing because of json data.Originally Posted by PanMarSag
Or maybe you can try getting the WHOLE headers result from curlconverter.com
-
But in which language do i convert from the curl? I converted curl to Python and it's the same.Originally Posted by [ss]vegeta
-
Python.Originally Posted by PanMarSag
Anyway, I just tried with "my" version of Pywidevine and I was successful at getting keys from my local HBO go.
Widevine_keys also succeded.
Contact me on Discord and give me access to your local HBO. I would really like to see if I can get keys without editing anything.Code:Input MPD URL: https://akamaicdn.hbogo.eu/d8f40cb8-efa8-5f23-7214-5f3f073a5cc1_m116992_hbo/COMP/139161193_adr_comp_0cc2c364-5dba-4f1c-96f9-5640f98f5bbb_3400000_v2.ism/manifest License URL: https://lic.drmtoday.com/license-proxy-widevine/cenc/?specConform=true Unable to find PSSH in MPD: 'MPD'. Edit getPSSH.py or enter PSSH manually: AAAAMnBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAABISEK+fQshJD8DFvrmDgCWpJwY= PSSH obtained. AAAAMnBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAABISEK+fQshJD8DFvrmDgCWpJwY= license response status: <Response [200]> KID:KEY -> af9f42c8490fc0c5beb9838025a92706:08eb62fea9f18c2ea35ef3d5ea497e67
-
I tried drm dumper with my redmi phone(Android 9 rooted). Unluckily, I got only keyboxes dumped. DRM info showed L3 OEM API 13 ,can anyone help me to get the private key ? thanks.
-
...
Last edited by kk4050160; 28th Dec 2021 at 09:41.
-
If you are using this version https://github.com/medvm/widevine_keysOriginally Posted by PanMarSag
Hello, can anyone help me with this? I added the headers to headers.py file:
in headers.py,
Paste the converted curl
After paste this,
# params inserted below will be passed to data-raw
token = 'PFYtFSqWMYIROJYywBp0rbKvpD3z6N6E6UezNrZmCeKHkcJ5B iH4J8qwO0kfWOmrSsyFJMg9OqKKEwvuQiXL4qdDTa6ZYplNV9I Qt6eEuveglDxjVlYd0vAecS5TZKn5mIs01YxcYNlTC7tu3BIk6 3JhMykMWEMmj1oEqaLa7N3ZrfU2VTlEPaWXBQV6PxnFeD022Yi 298GOX/lDik7sXt5u4duT0aKIYbz0HPmjoh8b9Uy8bvzJUa0/SlgRcsW8RNTNjRJHM6N7BESCBGFEZcWoSXeDLEblEfRoBKro2i DGB1neLfRdY1fj7tJX1Rn9lj+OJwRTrBV4XoTQFuSsFwvYCeQf kAoRHXnze9njI5pY7sYgIGxuM4Zh3Wqaps6kxdO53QMm0jJ/L41X6r5CikSGKQ3Rcps8eQccZb9svEuyXMof2nm+eYL+AVPPrf mAf/BrmUHfiuF9CmNsF9pI7PjJfLeASmh3KDI/5gUuC4uJB7rjTzHVWNRz8MSvYjJ37/5V9+FTihpu04+0jFZ1AlGRks2dzk2IGvm5WcwUhsW2l/oQXlh7AgsksIl2DT0wH11WeG+h1/ijymMcG9AZzsxtkC53eLJ8bl55/Aag0TJfX4N6KvV7UhglXxkLifb06bLK/wlcGCfb01b4cnngcjPJEMxh2+Q7sJSnbyrtsfodzNah8JXITmx 5kTkFFZkdtga1ha9jAb+Z40VMQfbrCLgh0GEe2G3VczcIt8QHA WAeS91TkzLbMRAugbgLvdbI8yQXtM15uo+TXrV4PNFprug33An vnQu7IpNxlmgPMZhEn4Qqc/V++OFIpz/JYEMnLFvjYcXE2+sPc4uKnoE0xk33+IgZKtWtDhxRg2SJKyKOY xXucXybUuqPP/d+Nq1VNhD84Of+EfVvBjs1u75pNz/kmu5ms9ppRMkafq0/2311hbYi6VXmp6AeJweGJWkGKEFxw7xADuC8iM7xWnXW5aiNvh bsXBOwuTK8b2ioxjrg6OFhiMck+z9M5FHg+ktY7YB8iY+0V6B/Op2cQGtLaZ2E9lsomlQpxL+LiPI7UWEqmALEGH/Pk5tdLnlFRjEk2PPc8YURw+/nkP9tqJ/AXQwaXc9iwC5yxlYPCsp/Tc4='
provider = 'kakaotv'
releasePid = "_qVpiY31v_oU"
As an example headers.py must be like this
headers = {
'authority': 'license.pallycon.com',
'pallycon-customdata-v2': 'eyJkcm1fdHlwZSI6IldpZGV2aW5lIiwic2l0ZV9pZCI6IklOS 0EiLCJ1c2VyX2lkIjoicHR6NGMwNmgiLCJjaWQiOiJiaWdidWN rYnVubnkiLCJwb2xpY3kiOiIwNDV5ejUvK3BKbGpBWXRWYWpXZ jlWd2c1MTFHekdtcTUrV1V4Y29JOHg4OHhkWHdFQnNvQW1HZHV oWkF6UXU2ZDQ4M3dpaXJOS0tVOWtpenRDRmRnUT09IiwicmVzc G9uc2VfZm9ybWF0Ijoib3JpZ2luYWwiLCJ0aW1lc3RhbXAiOiI yMDIxLTEyLTI3VDEwOjU4OjU5WiIsImhhc2giOiJKOFBOTFVoY UdsRTNTdXpaY3laM3BVUzJFYkJxSEI1WGR2dVhhK0xyNDBzPSI sImtleV9yb3RhdGlvbiI6ZmFsc2V9',
'sec-ch-ua-mobile': '?0',
'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36',
'sec-ch-ua-platform': '"Windows"',
'sec-ch-ua': '"Google Chrome";v="95", "Chromium";v="95", ";Not A Brand";v="99"',
'accept': '*/*',
'origin': 'https://sample.pallycon.com',
'sec-fetch-site': 'same-site',
'sec-fetch-mode': 'cors',
'sec-fetch-dest': 'empty',
'referer': 'https://sample.pallycon.com/',
'accept-language': 'en-US,en-GB;q=0.9,en;q=0.8',
}
# params inserted below will be passed to data-raw
token = 'PFYtFSqWMYIROJYywBp0rbKvpD3z6N6E6UezNrZmCeKHkcJ5B iH4J8qwO0kfWOmrSsyFJMg9OqKKEwvuQiXL4qdDTa6ZYplNV9I Qt6eEuveglDxjVlYd0vAecS5TZKn5mIs01YxcYNlTC7tu3BIk6 3JhMykMWEMmj1oEqaLa7N3ZrfU2VTlEPaWXBQV6PxnFeD022Yi 298GOX/lDik7sXt5u4duT0aKIYbz0HPmjoh8b9Uy8bvzJUa0/SlgRcsW8RNTNjRJHM6N7BESCBGFEZcWoSXeDLEblEfRoBKro2i DGB1neLfRdY1fj7tJX1Rn9lj+OJwRTrBV4XoTQFuSsFwvYCeQf kAoRHXnze9njI5pY7sYgIGxuM4Zh3Wqaps6kxdO53QMm0jJ/L41X6r5CikSGKQ3Rcps8eQccZb9svEuyXMof2nm+eYL+AVPPrf mAf/BrmUHfiuF9CmNsF9pI7PjJfLeASmh3KDI/5gUuC4uJB7rjTzHVWNRz8MSvYjJ37/5V9+FTihpu04+0jFZ1AlGRks2dzk2IGvm5WcwUhsW2l/oQXlh7AgsksIl2DT0wH11WeG+h1/ijymMcG9AZzsxtkC53eLJ8bl55/Aag0TJfX4N6KvV7UhglXxkLifb06bLK/wlcGCfb01b4cnngcjPJEMxh2+Q7sJSnbyrtsfodzNah8JXITmx 5kTkFFZkdtga1ha9jAb+Z40VMQfbrCLgh0GEe2G3VczcIt8QHA WAeS91TkzLbMRAugbgLvdbI8yQXtM15uo+TXrV4PNFprug33An vnQu7IpNxlmgPMZhEn4Qqc/V++OFIpz/JYEMnLFvjYcXE2+sPc4uKnoE0xk33+IgZKtWtDhxRg2SJKyKOY xXucXybUuqPP/d+Nq1VNhD84Of+EfVvBjs1u75pNz/kmu5ms9ppRMkafq0/2311hbYi6VXmp6AeJweGJWkGKEFxw7xADuC8iM7xWnXW5aiNvh bsXBOwuTK8b2ioxjrg6OFhiMck+z9M5FHg+ktY7YB8iY+0V6B/Op2cQGtLaZ2E9lsomlQpxL+LiPI7UWEqmALEGH/Pk5tdLnlFRjEk2PPc8YURw+/nkP9tqJ/AXQwaXc9iwC5yxlYPCsp/Tc4='
provider = 'kakaotv'
releasePid = "_qVpiY31v_oU"
View Profile
View Forum Posts
Visit Homepage
![[ss]vegeta's Avatar](customavatars/avatar177118_5.gif){kind=avatar}
Similar Threads
-
Strip Playready and Widevine DRM
By freaknik in forum Video Streaming DownloadingReplies: 5Last Post: 22nd Jun 2024, 15:20 -
Decoding manifest.mpd (Widevine)
By WaitForIt in forum Video Streaming DownloadingReplies: 6Last Post: 7th Jun 2021, 13:44 -
getting widevine CEK key
By netbreak in forum Video Streaming DownloadingReplies: 1Last Post: 19th Feb 2018, 12:03 -
Looking for anyone with Google Widevine knowledge.
By cookeri6 in forum Newbie / General discussionsReplies: 1Last Post: 15th May 2017, 13:33 -
Looking for anyone with Google Widevine knowledge.
By cookeri6 in forum Video Streaming DownloadingReplies: 0Last Post: 15th May 2017, 12:45