Decryption and the Temple of Doom

[A_n_g_e_l_a]

Notes on my journey to get a working Content Decryption Module (CDM) and decrypting videos

Well, that was how it started out in March 2022, but things change and many edits later this has morphed into a how-to

If you wish to read the original post, it is archived here https://forum.videohelp.com/threads/414908-Now-out-of-date-Archived-for-reference

This post is the first in what has become a series about decrypting internet streamed videos 'Decryption: The Temple of Doom'
'Decryption: The Dungeon of Despair' and Decryption: The Last Crusade
The information herein is not original to me, but culled from experts in this forum and elsewhere, as I have made a journey from a confused and bewildered newbie to a confused and bewildered 'oldie' but now being able to download a few videos. I have no experience of getting the stuff behind pay-walls, but the principles of encryption and decryption are much the same everywhere.

New methods and scripts have become available to make the whole process of grabbing videos easier; hence this rewrite.

This post deals with:

1. Obtaining a Content Decryption Module from a working Android Device
2. Downloading and decrypting media streams so they become playable

A Content Decryption Module contains a Client_Id, that says what the device is and its capabilities are and it contain a public key certificate., The CDM also has a Private-Key. The process of key exchange is similar to that of Secure Shell (ssh) type of communication where public keys are shared and used to encrypt data for passing on to be decrypted by a private-key. Think of the Client_Id as being the public key. A python module or collection of scripts wraps up a video stream identifier (pssh) with your client_Id and sends it to license server on the content-providers network. The license server reads the pssh and client_id and uses your client_Id to encrypt data to respond to your request. Pywidevine takes your private key and decrypts the message to deliver decryption keys. The CDM public/private_key pair are unique and indispensable.

If you have picked up a CDM from one of the many give-aways dotted around this website, then jump to the Decrypting section. If you wish to liberate your own then continue here. In the following I can only assume you have a rooted or pre-rooted device - if not go to xda-developers.com and find out how to root your device.

Obtaining a Content Decryption Module from a working Android Device - Real or Virtual
This section is relevant if you have an unlocked and rooted physical OR virtual Android device

Note if you do not have access to a physical device then a virtual device can also be made to give up its CDM see Dumping-Your-own-L3-CDM-with-Android-Studio"
The method is newly described here, since June 2024, and easier that that described at Dumping-Your-own-L3-CDM-with-Android-Studio - although by all means use that to set-up a virtual Android device.

The method of extracting your own CDM has changed for the better since the advent of KeyDive > https://github.com/hyugogirubato/KeyDive which uses Magisk modules to run Frida scripts on your phone or Android device. Using Magisk saves your time and effort. Using keydive ensures the python script, javascript and Frida all work in well-timed harmony.

• Install Magisk to your Android Device

Frida-server is software that runs on the device, phone, tablet or TV-box and intercepts certain functions that run on the device while decrypting and playing a video.
Magisk is way of giving ADB root permissions on your Android device and hosting special software- and you surely have it already - otherwise, why are you here?. See xda-developers on how to root your device if not rooted already. When you've done that install magisk.apk from here https://github.com/topjohnwu/Magisk/releases/tag/v27.0

Once installed find 'settings' in the Magisk App and select 'Superuser Access' and set it to 'Apps and ADB'. Then reboot your device.

• Install keydive to your PC

With your rooted phone, tablet or TV-Box, now is the time to follow instructions at https://github.com/hyugogirubato/KeyDive/blob/main/README.md. It will dump a Client iD and Private Key, (a CDM), from any Android device, up to and including Android 14 at the time of this edit. Although Android 14 may need extra files to be pulled off the phone and analysed using Ghidra, https://github.com/NationalSecurityAgency/ghidra

But before we do that make sure you also install the python module, 'frida', to your PC so keydive has access.

Code:

pip install frida

The guide to CDM extraction given at KeyDive on Github is full and comprehensive and copes with most situations. I've extracted a CDM from a google Pixel 6a running Android SDK34 (Android 14) .
Download the latest version of Keydive https://github.com/hyugogirubato/KeyDive/releases
Read installation documents https://github.com/hyugogirubato/KeyDive/blob/main/README.md
Find modules Keydive needs installed as Magisk modules: see here https://github.com/hyugogirubato/KeyDive/blob/main/docs/PACKAGE.md#liboemcrypto-disabler

You need to install magiskFrida as a module to your phone so download the linked latest release as a zip and

Code:

adb push file.zip /sdcard/

In magisk on your device select modules , 'Install from storage' locate the zip and install. If you think you need liboemcrypto_disabler install that too, following a similar process.
Your phone will now have this:-

[Attachment 79649 - Click to enlarge]

Use KeyDive to extract a CDM from your device

Note deviceID below is the adb ID that gets printed if you issue the command

Code:

adb devices

while adb is connected to your device

To run keydive

Code:

python keydive.py -a -d <deviceID> -w

The -a switch tells keydive to automatically open your phone browser and load the bitmovin.com/demos/drm page.

The -w switch asks keydive to produce a WideVine Descriptor file (wvd) this file may be linked to in any script that uses pywidevine, (a python module to get keys), and is a compact way of accessing your newly liberated Content Decryption Module.

Once you have a device.wvd file, (your CDM), name it something short and simple and save it somewhere safe on your system; you wlll link to it from scripts.

if your device is running Android SDK 34 you will need to use ghidra decompiler to produce a functions.xml file ot look here to see if your device has a functions file posted https://forum.videohelp.com/threads/414789-KeyDive-Beyond-Android-SDK-33

And that is it you now should have a working CDM in the form of a ClientId and Private_key.pem tucked away in devices at the root of the Keydive folder. Since the WVD is shorthand for both ClientID and Private_key.pem - you will be unlikely to use these directly again. But keep them to re-create the WVD if ever it gets deleted by mistake.


Decryption

This section shows how to use your new found CDM
There are two ways you will see referenced to get keys; using WKS-KEYS or Pywidevine. Any scripts you may find will use one or the other. However please regard WKS-KEYS as historic and replaced by pywidevine.

It is pywidevine that uses the wvd file you have saved. If you haven't yet created a wvd file then see below in the annex and then return here.

Open Firefox or Chrome and navigate back to https://bitmovin.com/demos/drm and open web developer tools (ctrl+shift+c) and click on the network tab

In the Network tab filter bar, filer for mpd

Play the video on the site - you may need to ctrl+R to refresh the page before you see a single entry.
In the left hand panel click on url and select copy URL - (see image below)
Paste the url in a new tab in your browser Firefox or Chrome and a small file will be downloaded. Click on the file from the browser and it will open in Chrome.

The mpd file is a Media Presentation Description which has details to access the media.

[Attachment 79675 - Click to enlarge]

Code:

curl https://bitmovin-a.akamaihd.net/content/art-of-motion_drm/mpds/11331.mpd

it will print to your command window, look for <cenc : pssh> and text starting with AAAA to </cenc : pssh> Copy it. (extra spaces in cenc ~ pssh to avoid unwanted smiley faces!! )

The license server is the place we send an encrypted message containing the pssh and details of our wvd. The compiled data is called a challenge. When the pywidevine module receives a response, it is an encrypted message and it needs the CDM to decrypt it.

To find the license URL click on the network tab, then in the filter URLs: type in method:POST. Under the 'domain' look for the licensing server, in this case it's https://cwip-shaka-proxy.appspot.com/no_auth right click on this value and copy value -> copy URL and paste this for later reference.

Now we have everything we need, let's go ahead and run script to obtain keys.

keydive produced a file ending 'wvd' in a folder beneath devices - may be quite a long path. Go down through the folders and copy the wvd file to a more accessible place and rename as you wish to indicate which device it came from; make sure to have the wvd extension.

To find keys from simple sites that need no headers or extra data and uses bytes for sending data we may use a feature of pywidevine.

Code:

 pywidevine license -t STREAMING /<full or relative path to your>/device.wvd   PSSH License_URL

results in 5 sets of keys being returned one set for each of the screen resolutions offered by bitmovin

[Attachment 79679 - Click to enlarge]
Remember this; for simple sites it it a quick and easy way to get keys.

Practice Download of Video; Getting Keys and Decrypting

This Irish site - mainly Gaelic language - is easy for beginners - and is reported as available from Europe and the USA and I expect everywhere.
To get your own keys for the first time, I suggest you look at https://tg4.ie - it is the most simple real site I know. Select any video and play Hold both crtl and shift while pressing C to open the web-developer tools for your browser (firefox or chrome)

Now you can still interact with the screen while filtering and intercepting web-traffic. Filter for mpd see here by going to the network tab and adding mpd to the filter.

[Attachment 79625 - Click to enlarge]
Click on the url and save it. The mpd (Media Presentation Description) file that has data for the browser to read and download the video in fragments.

It looks like this (now out of date) mpd

Code:

https://manifest.prod.boltdns.net/manifest/v1/dash/live-baseurl/bccenc/1555966122001/38dfe47f-f6c1-45d0-933c-affb932deaac/6s/manifest.mpd?fastly_token=NjY4NDIzYmRfNGFkMGE4ZDdjY2IxOTEwZjFhNDJjMmYyYjAyOWYzMjg2YTRlY2I0ZjAzMWI0Yjg5MTE5MzgxZTdlNzE0N2YzMw%3D%3D

Use one of the methods described above and search for the pssh starting 'AAAA' and copy it. I prefer curl from the command line
The mpd file will usually list a pssh and sometimes a license url. The license url may be found by filtering the network traffic for 'lic' Choose the filter in web developer tools (ctrl+shift+c) to be method:POST


[Attachment 79627 - Click to enlarge]

You will need to save TWO things for certain and MAYBE THREE:

1. PSSH
2. The License URL, and possibly, for more complex sites
3. The cURL of the license

But, for now with the tg4.ie practice-site, we only need PSSH and License URL.

Downloaded the video with a modern down-loader:- N_m3u8DL-RE found at https://github.com/nilaoda/N_m3u8DL-RE/releases :-
Unpack the binary and give it execute permissions (chmod +x <filename>) and make sure the binary is in your system's PATH

So here is the sequence:-

1. Site URL
   
   Code:

   https://www.tg4.ie/en/player/online-boxsets/play/?pid=6281115686001&series=An%20Cuan&genre=Faisneis

2. MPD - describes the media and how to get it.
   Developer Tools (F12 in your browser) select Network tab and enter 'mpd' in the filter box. Then start the video. Copy the url. It will look similar to this, BUT DO NOT USE THIS ONE, get a fresh copy. as it carries a token, which needs to be fresh each use.
   
   Code:

   https://manifest.prod.boltdns.net/manifest/v1/dash/live-baseurl/bccenc/1555966122001/982ce523-a4b1-4a94-91c6-c7a9a8b082f8/6s/manifest.mpd?fastly_token=NjNlNjNlYzhfN2YyY2QxMGFjMzMzMDY0ZGE2ZjFiYzY3ZDViMzI3YmQxMjM0ZWVhMzgyMjVkNmY1YzE0NzJlNDUwMGUyNTg1NA%3D%3D

3. PSSH found by inspecting the contents of mpd. Network tab - filter on 'mpd' click on the link and look under 'Response' for a string starting AAAA
   
   Code:

   AAAAVnBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAADYIARIQ8hNTzeGOTayckD5Lc4sBSBoNd2lkZXZpbmVfdGVzdCIIMTIzNDU2NzgyB2RlZmF1bHQ=

   PSSH remains the same for this media.
4. License URL - found by filtering on 'lic' in Network tab of Developer Tools carries a token which needs to be fresh each use. It looks similar to this - BUT DO NOT USE THIS ONE, get a fresh copy.
   
   Code:

   https://manifest.prod.boltdns.net/license/v1/cenc/widevine/1555966122001/982ce523-a4b1-4a94-91c6-c7a9a8b082f8/f21353cd-e18e-4dac-9c90-3e4b738b0148?fastly_token=NjNlNGRjNDhfMzJmMTZhMWVmMmVlYTM1OTdmZTk4NjI0ZTI1M2E5ODYzZTY0NDAyOGEwZTc5MzVhYzkyZDNkZGNmNmY4OWJiNA%3D%3D

5. Download encrypted files:
   [code]
   Code:

   N_m3u8DL-RE <your MPD url found at item 2>  --save-name encrypted

6. Individually decrypt the audio and video streams using mp4decrypt and the keys you have just obtained!
   
   Code:

   mp4decrypt --key f21353cde18e4dac9c903e4b738b0148:e564eb646db649ea07e85700765d2349  <encrypted.mp4>  <myvideo.mp4>

   Code:

   mp4decrypt --key f21353cde18e4dac9c903e4b738b0148:e564eb646db649ea07e85700765d2349  <encrypted.m4a>  <myaudio.m4a>

7. Merge audio and video with ffmpeg
   
   Code:

   ffmpeg -i myvideo.mp4 -i myaudio.m4a -vcodec copy -acodec copy myWatchableMovie.mp4

When you have digested the above and got your CDM, tried a few keys, The Dungeon of Despair awaits your pleasure!! And is that isn't enough for you then Downloading-and-Decryption-on-your-Android-Phone might occupy your mind for a while.

Annex:
Running python scripts in a special Python environment.

Python has a problem. After lots of script downloads and installing all the necessary module or extra libraries to make the script run you can arrive at a situation where one script needs a 'pip install mybigmodule==10.2.21' but you have another script on your system that must use mybigmodule<=9.5.0. So if you follow the direction for one script it stops the other from working.

The solution is to create a named python virtual environment (venv) in which to run the first script and another named virtual environment to run second, etc. NOTE: Most all operating systems now enforce the use of a virtual python environment. But each would require its own Terminal Session. I.e. one env would not know of the other.

### General Considerations
1. **Activation**: The venv needs to be activated in each terminal session where you want to use it. This involves running a specific activation script that sets up the environment for that session.
2. **Path to the venv**: When the venv is activated, it modifies the `PATH` environment variable to point to the venv's `bin` or `Scripts` directory, where the Python executable and installed packages reside.

### Operating System-Specific Details

#### Windows
- **Activation**: Typically, you activate a venv with the command:

Code:

  .\venv\Scripts\activate

- **Usage**: Once activated, you can use the venv from any directory. You can open a terminal, navigate to any folder, and run the activation script to start using the venv.

#### macOS and Linux
- **Activation**: You activate a venv with the command:

Code:

  source venv/bin/activate

- **Usage**: Similar to Windows, after activating the venv, you can use it from any directory. You can open a terminal, navigate to any folder, and run the activation script to start using the venv.

### Practical Workflow
1. **Create the venv**:

Code:

   python -m venv /path/to/new/venv

Replace `/path/to/new/venv` with the desired path.

2. **Activate the venv**:
- On Windows:

Code:

     .\path\to\new\venv\Scripts\activate

- On macOS and Linux:

Code:

     source /path/to/new/venv/bin/activate

3. **Using the venv**:
Once activated, you can navigate to any directory and use Python and pip commands within the context of the venv.

### Example Workflow

1. Create a venv in `~/my_project/venv`:

Code:

   python -m venv ~/my_project/venv

2. Activate the venv:
- On Windows:

Code:

     .\my_project\venv\Scripts\activate

- On macOS and Linux:

Code:

     source ~/my_project/venv/bin/activate

3. Navigate to another directory and use the venv:

Code:

   cd ~/another_project
   python -m pip install requests

'venv' is the process to create a new environment and 'env' is the name of the environment; it is a folder. Each large python suite of scripts would best have its own env. So good practice would be create a folder for those scripts 'UKTV' for example inside UKTV create an env folder to contain all the new python moules you'll be using. Then unpack your scripts here too so for example the folder UK-FTA.

So now your folder UKTV contains the basic python modules your scripts will need. Extras - like mybigmodule==20.0.0 can now be installed and will only be seen locally is this folder structrure

Code:

.
└── UKTV
    ├── env
    │** ├── bin
    │** ├── include
    │** │** └── python3.12
    │** ├── lib
    │** │** └── python3.12
    │** │**     └── site-packages
    │** │**         ├── pip
    │** │**         │** ├── _internal
    │** │**         │** │** ├── cli
    │** │**         │** │** ├── commands
    │** │**         │** │** ├── distributions
    │** │**         │** │** ├── index
    │** │**         │** │** ├── locations
    │** │**         │** │** ├── metadata
    │** │**         │** │** │** └── importlib
    │** │**         │** │** ├── models
    │** │**         │** │** ├── network
    │** │**         │** │** ├── operations
    │** │**         │** │** │** ├── build
    │** │**         │** │** │** └── install
    │** │**         │** │** ├── req
    │** │**         │** │** ├── resolution
    │** │**         │** │** │** ├── legacy
    │** │**         │** │** │** └── resolvelib
    │** │**         │** │** ├── utils
    │** │**         │** │** └── vcs
    │** │**         │** └── _vendor
    │** │**         │**     ├── cachecontrol
    │** │**         │**     │** └── caches
    │** │**         │**     ├── certifi
    │** │**         │**     ├── chardet
    │** │**         │**     │** ├── cli
    │** │**         │**     │** └── metadata
    │** │**         │**     ├── colorama
    │** │**         │**     │** └── tests
    │** │**         │**     ├── distlib
    │** │**         │**     ├── distro
    │** │**         │**     ├── idna
    │** │**         │**     ├── msgpack
    │** │**         │**     ├── packaging
    │** │**         │**     ├── pkg_resources
    │** │**         │**     ├── platformdirs
    │** │**         │**     ├── pygments
    │** │**         │**     │** ├── filters
    │** │**         │**     │** ├── formatters
    │** │**         │**     │** ├── lexers
    │** │**         │**     │** └── styles
    │** │**         │**     ├── pyparsing
    │** │**         │**     │** └── diagram
    │** │**         │**     ├── pyproject_hooks
    │** │**         │**     │** └── _in_process
    │** │**         │**     ├── requests
    │** │**         │**     ├── resolvelib
    │** │**         │**     │** └── compat
    │** │**         │**     ├── rich
    │** │**         │**     ├── tenacity
    │** │**         │**     ├── tomli
    │** │**         │**     ├── truststore
    │** │**         │**     ├── urllib3
    │** │**         │**     │** ├── contrib
    │** │**         │**     │** │** └── _securetransport
    │** │**         │**     │** ├── packages
    │** │**         │**     │** │** └── backports
    │** │**         │**     │** └── util
    │** │**         │**     └── webencodings
    │** │**         └── pip-23.3.2.dist-info
    │** └── lib64 -> lib
    └── UK-FTA
        ├── Downloads
        │** └── Finished
        │**     └── RakutenTV
        ├── ukfta
        │** ├── bbc_dl
        │** ├── c4_dl
        │** │** └── tmp
        │** ├── configs
        │** ├── itv_dl
        │** ├── my5_dl
        │** │** └── keys
        │** ├── stv_dl
        │** ├── tmp
        │** ├── tptvencore
        │** └── uktvp
        └── WVD

'venv creates a folder env there it stores all the 'extra' modules you download to run a script. If you no longer want the environment - just delete the 'env' folder.

### Summary
You are not confined to the folder where the venv was created. You can activate and use the venv from any directory. The activation process is slightly different across operating systems, but the general principle remains the same.

Now following the above method you can create as many enviroments as needed to keep each library of scripts safely apart from each other on your system.

Just remember to start the necessary environment before running your script.

Create a wvd file by hand from ClientID and Private-key.pem

Code:

pywidevine create-device -k device_private_key  -c device_client_id_blob -t ANDROID -l3 -o WVD

for me it responded

/home/angela/Programming/WKS-KEYS/pywidevine/L3/cdm/devices/emulator_1/WVD/google_aosp_on_ia_emulator_14.0.0_d6xxxxx4_l3.wvd

[Attachment 74182 - Click to enlarge]
It works the same on linux and Windows

Now when you wish to run a script that does not use WKS-KEYS you activate the environment pywidevine is installed in and install any scripts plus its required modules. They are functionally separate from anything outside the env(iroment).
Most scripts that use a wvd file to access your key and blob will need to know its location.

Mine now looks like this for an emulator key/blob /home/angela/Programming/WKS-KEYS/pywidevine/L3/cdm/devices/emulator_1/WVD/google_aosp_on_ia_emulator_14.0.0_d6ixxxxxx64_l3.w vd

Now you need an l3.py to use for simple keys. It is a python program. It runs from the command line. At first run it will complain of missing modules, unless you have used python scripts before.

Code:

(python -m) pip install pywidevine httpx

should do. If not read the error message and use pip to install any other missing modules. (some systems may need python - m before the pip command.

Before using the program you need to know briefly of 'headers' . In any http comunication there is the html of the message but also meta-data that passes between client and server it is contained in section called headers.
The may look like this or be more complex.

Code:

headers = {
'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0',
 'Accept': '*/*', 'Accept-Language': 'en-GB,en;q=0.5', 'Accept-Encoding': 'gzip, deflate, br, zstd', 
'Access-Control-Request-Method': 'POST',
 'Access-Control-Request-Headers': 'content-type', 
'Referer': 'https://uktvplay.co.uk/', 
'Origin': 'https://uktvplay.co.uk',
 'DNT': '1', 'Connection': 'keep-alive', 
'Sec-Fetch-Dest': 'empty', 
'Sec-Fetch-Mode': 'cors', 
'Sec-Fetch-Site': 'cross-site', 
'Priority': 'u=4', 'TE': 'trailers'
}

to run the code below you will need a headers file. And the best way to get one is to copy the 'license url as cURL' an paste to curlconverter .com as above in the last image. For simple sites just copy "headers = { ...... } and save it to a file in the same folder called headers.py. It gets imported into l3.py below.

[Attachment 79837 - Click to enlarge]
Copy similar headers as highlighted in to your headers.py

l3.py

PHP Code:

import logging
from pywidevine.cdm import Cdm
from pywidevine.device import Device
from pywidevine.pssh import PSSH
import httpx

logging.basicConfig(level=logging.DEBUG)
logger = logging.getLogger(__name__)

WVD_PATH = "/home/angela/Programming/WKS-KEYS/device.wvd"
from headers import headers

def get_key(pssh, license_url):
    logger.debug("Loading device...")
    device = Device.load(WVD_PATH)
    cdm = Cdm.from_device(device)
    session_id = cdm.open()
    logger.debug("Session opened...")

    challenge = cdm.get_license_challenge(session_id, PSSH(pssh))
    response = httpx.post(license_url, data=challenge, headers=headers)
    cdm.parse_license(session_id, response.content)

    keys = []
    logger.debug("Retrieving keys...")
    for key in cdm.get_keys(session_id):
        logger.debug(f"Key found: {key.kid.hex}:{key.key.hex()}, Type: {key.type}")
        if key.type == 'CONTENT':
            keys.append(f"--key {key.kid.hex}:{key.key.hex()}")

    cdm.close(session_id)
    logger.debug("Session closed...")
    return "\n".join(keys)

if __name__ == "__main__":
    pssh_str = input("PSSH? ")
    lic_url = input("License URL? ")
    result = get_key(pssh_str, lic_url)
    logger.debug("Result:")
    print(result) 


That's all I know!

Please follow netiquette and ask your questions here in this thread, so all may benefit.

Some 18 months after posting this my python coding has improved to the extent I can now produce AIO single, series or part-series down-loaders with a site search function.

https://forum.videohelp.com/threads/411884-UK-Free-to-Air-Downloader
https://forum.videohelp.com/threads/412382-More-Android-Phone-Stuff

And Finally
A noobs starter pack. This contains a script that will download anything encrypted with Widevine. Use it wisely
https://files.videohelp.com/u/301890/hellyes2.zip

For more detail of the Widevine to help you understand the process see 'Decryption: The Dungeon of Despair'

[lomero]

wow great discover ...

better late than never

[cimbor]

Did you try using Netflix? I made first attempts with bitmovin demos in Chrome and using amazon app on some boxes and phones with no result, but using Netflix succeeded quickly.

Enviado desde mi Redmi Note 4 mediante Tapatalk

[A_n_g_e_l_a]

better late than never

Late? It was perfectly on time for me, Sunshine

[A_n_g_e_l_a]

Did you try using Netflix? I made first attempts with bitmovin demos in Chrome and using amazon app on some boxes and phones with no result, but using Netflix succeeded quickly.

Enviado desde mi Redmi Note 4 mediante Tapatalk

No. Just bitmovin..

[A_n_g_e_l_a]

Yikes!

I have just used my cdm in the defunct narrowvine-reborn and it only bloody works!!! Off to watch some videos..

[[ss]vegeta]

Eventually when I tried to decrypt keys I got an error about the key length being wrong. Some WiseHead wrote in their experience it was because the CDM was not working --- uurgh!!

Now, who would that be?

Off to watch some videos..

The videos can be watched anyhow.
That's not the actual joy

Also, excellent detailed write-up, thanks for sharing.

[A_n_g_e_l_a]

Now, who would that be?

Why you of course! I've learnt a lot; thanks so much!

[zeosle]

Thanks for documenting, in detail. Important for future reference, when needed.

[gnodde]

just wanted to say, great write up

[k2000]

widevine reborn does not decrypt even with an Android CDM L3.My can download .

[A_n_g_e_l_a]

widevine reborn does not decrypt even with an Android CDM L3.My can download .

I beg to differ. And it would have been infinitely more polite just to say you haven't managed to get it working, wouldn't it? Yoof today!!

It might not do everything and headers may be a problem; but it does work. You cannot just replace the CDM. You need to configure narrowvine-reborn.py and another file I cannot remember the name of. But you will see it when narrowvine complains.

I got it to work with this https://player.stv.tv/episode/48d2/sony-commons. No header problems here.

[edit 6 April 2022]
The video link above has had an upgrade to its manifest. The manifest now loads around 17 part video and audio files. Most of them are adverts. You can tell the 'updated' manifests as the start will be ssai. Yt-dlp will now fail with simple configurations.

The link above is not a good one to practice on now - find somewhere else.

[gnodde]

Same here, most of my stuff is based of Narrowvine-reborn, it needs some custom stuff here and there and it probably isn't the best solution out there but it is all I had when I got into this stuff.

[k2000]

widevine reborn does not decrypt even with an Android CDM L3.My can download .

I beg to differ. And it would have been infinitely more polite just to say you haven't managed to get it working, wouldn't it? Yoof today!!

It might not do everything and headers may be a problem; but it does work. You cannot just replace the CDM. You need to configure narrowvine-reborn.py and another file I cannot remember the name of. But you will see it when narrowvine complains.

I got it to work with this https://player.stv.tv/episode/48d2/sony-commons. No header problems here.

Yes sorry I didn't know I only tested my CDM without changing anything else.

[ridibunda]

A great guide for beginners. That's exactly what the forum needs. (instead of "hey bro, gimme the keys" messages)

I won't use these methods but I want to thank Angela.

Unfortunately I sold my Android TV Box (with 9.0) last year and I'm afraid to root my Android 9.0 phone (there's a high risk about its camera functionality after root).

[p13]

Great guide, I finally got this working with a T95 S1 TV box.

[rajhlinux]

Notes on my journey to get a working Content Decryption Module (CDM)

I chose a cheap Android TV box T95 S1 2Gb/16Gb at £29.99 from Amazon.

Download a frida-server from https://github.com/frida/frida/releases

I had success with frida-server-15.1.17-android-arm.xz - the latest release - although I tried many other releases along the way.

That’s all I know and now I am off to see if I can do it for real. I may be away for some time!!

Will this work to get decryption keys from Udemy website?

[oijm17]

I chose a cheap Android TV box T95 S1 2Gb/16Gb at £29.99 from Amazon.

What versions of Android do you recommend? Can I use 7.x, 8.x, 9.x or 10.x without problems?
In the case of your box, what version was it?

[A_n_g_e_l_a]

The TV box T95 S1 is android version 7. I think I read that it all works up to Android 9. Perhaps others can confirm?

[codehound]

The TV box T95 S1 is android version 7. I think I read that it all works up to Android 9. Perhaps others can confirm?

Its pre rooted too.

https://forum.videohelp.com/threads/404994-Decryption-and-the-Temple-of-Doom#post2650297 - great write up

[codehound]

Will this work to get decryption keys from Udemy website?

Yes, until you make an incorrect licence request because you haven't understood the process, and first analysed it in a good debugger - and the vdo lic server will revoke your cdm. You will be dumping cdm's daily unless you learn the process of the site you keep asking questions / making threads about.

The cdm by itself is not the answer to udemy / vdo as people have told you in numerous threads. You will not stumble on the answer to this, you need to understand the process of the website and the calls and responses.

[rajhlinux]

Will this work to get decryption keys from Udemy website?

Yes, until you make an incorrect licence request because you haven't understood the process, and first analysed it in a good debugger - and the vdo lic server will revoke your cdm. You will be dumping cdm's daily unless you learn the process of the site you keep asking questions / making threads about.

The cdm by itself is not the answer to udemy / vdo as people have told you in numerous threads. You will not stumble on the answer to this, you need to understand the process of the website and the calls and responses.

I don't have the time to play guessing games with the server(s) or what not. It's super dumb and just makes the backend web devs to update their servers.

It would be more logical of my time to reverse engineer the widevine DRM engine which isn't so hard to do. It's similar to cracking/breaking keyed softwares, just that I need to dump decryption keys. Basically I click a video (no need to clown around with the license requests which children here do) and voila, decryption keys. Oddly enough "Udemy.com" actually have some fascinating courses which teaches you noobs fundamental reverse engineering down to assembly language to do these kinds of stuffs.
Reverse engineering is fun, it's like solving a puzzle with some detective and investigation mindset.

You can use Hex Rays' IDA Pro bundle to get busy at it... good luck spending thousands for it. But obviously everyone here would torrent it out.
Maybe Ghidra could be a free alternative... last time I heard about Ghidra, it was good news that it's able to help reverse engineers crack softwares.

[codehound]

I don't have the time to play guessing games with the server(s) or what not. It's super dumb and just makes the backend web devs to update their servers.

It would be more logical of my time to reverse engineer the widevine DRM engine which isn't so hard to do. It's similar to cracking/breaking keyed softwares, just that I need to dump decryption keys. Basically I click a video (no need to clown around with the license requests which children here do) and voila, decryption keys. Oddly enough "Udemy.com" actually have some fascinating courses which teaches you noobs fundamental reverse engineering down to assembly language to do these kinds of stuffs.
Reverse engineering is fun, it's like solving a puzzle with some detective and investigation mindset.

You can use Hex Rays' IDA Pro bundle to get busy at it... good luck spending thousands for it. But obviously everyone here would torrent it out.
Maybe Ghidra could be a free alternative... last time I heard about Ghidra, it was good news that it's able to help reverse engineers crack softwares.

I thought only English was acceptable on here ? Plus it looks like you're hijacking a great tutorial thread into yet another udemy / vdo fiasco.

[rajhlinux]

Thanks for reminding me only low IQ lurks around here who doesn't even know what "English" is and loves to clown around with servers. No fool, I didn't deliberately ask to make it into an Udemy topic, just asked a simple question which it's answer could've been "yes" or "no". Get over with it, go chew on a different topic.

[A_n_g_e_l_a]

Thanks for reminding me only low IQ lurks around here who doesn't even know what "English" is and loves to clown around with servers. No fool, I didn't deliberately ask to make it into an Udemy topic, just asked a simple question which it's answer could've been "yes" or "no". Get over with it, go chew on a different topic.

Hi rajhlinux!
Thanks for commenting in my thread. However it appears no-one knows the answers you seek. Isn't udemy a subscription or pay site? And doesn't that make asking for information about gaining access to the site against this forum's rules? I wouldn't want you to upset anybody!

I wrote this thread in a spirit of being helpful; do you think you could subscribe to that ideal, for me, and leave out the unpleasant vitriol in the comments you make? I'm sure you are a nice man, and indeed have something useful to say; but I guess you've been having a few bad days. I know a man of your ability, as you told us, could make short work of reverse engineering binary code so I'm sure, if you really tried, you could access the site yourself quite easily. Perhaps, if the moderators are looking the other way, you might even return and, in your own thread, show everybody how you did it.

Kind regards,

[[ss]vegeta]

Hi rajhlinux!
Thanks for commenting in my thread. However it appears no-one knows the answers you seek. Isn't udemy a subscription or pay site? And doesn't that make asking for information about gaining access to the site against this forum's rules? I wouldn't want you to upset anybody!

I wrote this thread in a spirit of being helpful; do you think you could subscribe to that ideal, for me, and leave out the unpleasant vitriol in the comments you make? I'm sure you are a nice man, and indeed have something useful to say; but I guess you've been having a few bad days. I know a man of your ability, as you told us, could make short work of reverse engineering binary code so I'm sure, if you really tried, you could access the site yourself quite easily. Perhaps, if the moderators are looking the other way, you might even return and, in your own thread, show everybody how you did it.

Kind regards,

That's one of the most incredible replies I've ever read, along with some of Jack's.

[rajhlinux]

Hi rajhlinux!
Thanks for commenting in my thread. However it appears no-one knows the answers you seek. Isn't udemy a subscription or pay site? And doesn't that make asking for information about gaining access to the site against this forum's rules? I wouldn't want you to upset anybody!

I wrote this thread in a spirit of being helpful; do you think you could subscribe to that ideal, for me, and leave out the unpleasant vitriol in the comments you make? I'm sure you are a nice man, and indeed have something useful to say; but I guess you've been having a few bad days. I know a man of your ability, as you told us, could make short work of reverse engineering binary code so I'm sure, if you really tried, you could access the site yourself quite easily. Perhaps, if the moderators are looking the other way, you might even return and, in your own thread, show everybody how you did it.

Kind regards,

Well Reverse engineering is simply a hobby of mine, I do not like the idea to make profit or hurt the content creators based on piracy, I like to crack things just so that it benefits me.
However reverse engineering down to the machine code is extremely time consuming, could take day(s) or even week(s) to crack anything.
It's like drawing a map and writing details of a "New World" from scratch.
It all boils down to what it's worth cracking. With my time and effort, I could make more money spending those time in "cracking" with other resources.
Cracking widevine DRM so that I can download paid courses is simply ridiculous and laughable, losing thousands based on my time for something that is not worth it.

I do not understand what makes people think I am being "frustrated" for not being able to easily download Udemy content.
Screen capture is working very well for me, it is a win-win, I learn the course as I screen capture.

I originally assumed that people found a way in downloading and decrypt DRM videos easily, but after sending few days on this site, it seems that the low level software engineers at google (Widevine) have done some phenomenal job in perfecting their DRM engine. Its so effective that widevine makes it extremely difficult and near impossible for web devs to pirate content.

Hence I find it super silly how web devs here are finding silly ways to get by widevine.

Anyhow, if I have the "luxury" to spend some "hobby" time, I'll definitely get involved in cracking widevine. But as of now I guess I have no choice but to screen capture (which isn't a big deal). I personally hate python, curl and other languages and also hate the idea that one needs to "chit chat" with web severs. The only things I would rather spend time to crack are low level languages since it is more meaningful.

[PUOPUO]

LMAO, the only answer suited to most drm related threads here. and maybe this thread too. Too much grammar and less googling is the cause , it seems XD

Hence I find it super silly how web devs here are finding silly ways to get by widevine

ways so silly that a great linux hacker like you could not understand even after all this time, there are literally codes left in pieces in some places here, but no I HaTe PyThOn, cuz its too much for me to understand, or even trying to understand.

[rajhlinux]

Yea silly kids like you doesn't know the difference between a wannabe "linux hacker" and someone who does low level reverse engineering, it absolutely has nothing to do with Linux or what not.
I don't even use linux, don't have the time to do all the childish "hacking" loaded on youtube. I use Unix (FreeBSD/MacOS) (You obviously don't even know the difference between Linux/Unix). Anyways, keep staying busy with python, it's better for low level hardware/software engineer folks to keep getting paid more than all the high level python dev kids.
The more you stay busy with "python" and clowning around with "servers" the more google's low level software engineers will keep you kids frustrated for not being able to pirate DRM content and begging your souls for help on this forum.

Theres a good reason why "pyhton" wasn't used to create widevine's DRM software same goes for creating "chrome". Your computers, phones, routers, internets and etc all functions because of low level c/c++ NOT because of python.

The best "pirates" or "hackers" doesn't even waste their time playing around with python. (Yes theres a difference between a "pirate" and a "hacker")

My username has "linux" just so that I can tell you that I do not even use it.

[PUOPUO]

doesnt look like im the the one begging for udemy around lol


gimme gimme udemy