VideoHelp Forum
+ Reply to Thread
Results 1 to 30 of 30
Thread
  1. someone leaked this in telegram.
    t.me/getwvkeys

    notaghost#9997

    plus a 1gb key cache in there.
    Last edited by PUOPUO; 8th Jun 2022 at 03:55.
    Quote Quote  
  2. i'm not able to open the link pls help
    Quote Quote  
  3. thats really bad, is it WKS/Freyja doing this? why ruin such nice service
    Quote Quote  
  4. are they gonna leaked cdmdb aswell?or sell it to people?
    Quote Quote  
  5. Originally Posted by olmads View Post
    why ruin such nice service
    Why do you think this will ruin it?
    I don't think so. Most of the stuff is public anyway.
    I don't think this will have any effect on the site nor do I think notaghost and the others involved with the site will care about this.
    Originally Posted by JamesBaxter View Post
    are they gonna leaked cdmdb aswell?or sell it to people?
    Hardly doubt so. Also hardly doubt they got those.
    Quote Quote  
  6. Originally Posted by luvmichelle View Post
    i'm not able to open the link pls help
    its a telegram link
    Quote Quote  
  7. Originally Posted by [ss]vegeta View Post
    Originally Posted by olmads View Post
    why ruin such nice service
    Why do you think this will ruin it?
    I don't think so. Most of the stuff is public anyway.
    I don't think this will have any effect on the site nor do I think notaghost and the others involved with the site will care about this.
    Originally Posted by JamesBaxter View Post
    are they gonna leaked cdmdb aswell?or sell it to people?
    Hardly doubt so. Also hardly doubt they got those.
    well, im curious about how they got to key db
    Quote Quote  
  8. Originally Posted by PUOPUO View Post
    well, im curious about how they got to key db
    Nothing spectacular.
    Maybe notaghost will tell here.
    Quote Quote  
  9. Originally Posted by [ss]vegeta View Post
    Originally Posted by PUOPUO View Post
    well, im curious about how they got to key db
    Nothing spectacular.
    Maybe notaghost will tell here.
    they said it was publicly given, good
    Quote Quote  
  10. Originally Posted by luvmichelle View Post
    i'm not able to open the link pls help
    https://cyberfile.is/7y4/GETWVKEYS-source-code-main.zip
    https://cyberfile.is/7y5/keys.db
    Quote Quote  
  11. Originally Posted by id0ntcar3 View Post
    Originally Posted by luvmichelle View Post
    i'm not able to open the link pls help
    https://cyberfile.is/7y4/GETWVKEYS-source-code-main.zip
    https://cyberfile.is/7y5/keys.db
    thank you so much
    Quote Quote  
  12. We need an expert to tell us what these are good for.
    Quote Quote  
  13. Maybe for someone who have nothing to do all day and parse db keys )
    Quote Quote  
  14. search locally for cache keys via KID

    sqlite3 keys.db "SELECT keys FROM DATABASE WHERE KID == '6c5c7d3b45af3de7beb2e8f07c9b4a00';"

    search locally for cache keys via pssh

    sqlite3 keys.db "SELECT keys FROM DATABASE WHERE pssh == 'AAAAbXBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAAE0IARIQv Oisat93mhzMKRdzYYDMjxoIY2FzdGxhYnMiJGV5SmhjM05sZEV sa0lqb2lZMnhwY0Y4eE1qa3hNekk1TlNKOTIHZGVmYXVsdA==' ;"
    Quote Quote  
  15. Excellent, thanks Jack.
    Quote Quote  
  16. That's great.

    Let's make the beginners understand it.

    1- Download Precompiled Sqlite Binaries for Windows and extract the contents to the same folder:

    https://www.sqlite.org/2022/sqlite-dll-win32-x86-3380500.zip

    https://www.sqlite.org/2022/sqlite-tools-win32-x86-3380500.zip

    You will end up with 5 files in that folder (sqldiff, sqlite3.def, sqlite3.dll, sqlite3, sqlite3_analyzer)


    2- Add Sqlite to Path. It doesn't have to be "C>Sqlite". Put the folder wherever you want, just don't forget to add that location to Path.

    "Control Panel > System > Advanced System Settings > Environment Variables".

    Double click the "Path" item from User variables. Click on "New", enter location.

    If you have a Path already, just modify it and add Sqlite location. Do not create another Path value, because it will replace the previous one (Your Python path would be removed, for example)


    3- Put "keys.db" file to that Sqlite folder. Then you can make your searches via Command-Prompt or Powershell.

    Powershell needs a "./" at the beginning of the command. Like that:

    ./sqlite3 keys.db "SELECT keys FROM DATABASE WHERE KID == '6c5c7d3b45af3de7beb2e8f07c9b4a00';"

    Good luck.
    Quote Quote  
  17. Thank you @ridibunda;
    I download also DB browser,
    and i edit DB keys and add mines key that i dont found.
    Quote Quote  
  18. I don't get the point, sorry. This database cannot contain a key for EACH pssh, can it? So for what cases is this meant?
    Quote Quote  
  19. tis DB work offline mode @Quint,
    is normal to be limited , i found inside more than 400.000 keys. Well i try to download a movie...and surprise , i didn't found so i use other way to get keys.
    Quote Quote  
  20. Member
    Join Date
    Feb 2022
    Location
    Search the forum first!
    Search PM
    Originally Posted by Quint View Post
    I don't get the point, sorry. This database cannot contain a key for EACH pssh, can it? So for what cases is this meant?
    Code:
    sqlite> select count(KID) as count FROM DATABASE;
    Gives 403466 unique KID's with their pssh and keys. And all you need to do is check if your kid is in there among nearly half a million others. Seems worth it to me.
    Last edited by A_n_g_e_l_a; 12th Jun 2022 at 14:17.
    Quote Quote  
  21. Thanks guys. I did all the steps. How do I start downloading stuff now?
    Quote Quote  
  22. Originally Posted by shampistols69 View Post
    Thanks guys. I did all the steps. How do I start downloading stuff now?
    You jump out of nowhere in this thread. You are not the thread starter nor do you have other posts in this thread.
    Downloading what? From where?
    Read the other threads of this sub-forum and if you don't find explanations, open a new thread.
    Downloading is usually done with yt-dlp.
    You did all the steps of what? Managing the keys database?
    Even though there are 400k + keys, doesn't necessarily mean they will match what you wanted to download.
    Quote Quote  
  23. Member
    Join Date
    Feb 2022
    Location
    Search the forum first!
    Search PM
    There is a lot of junk in the keys.db database that is not accessible from the usual SQL commands.

    For instance some of the headers included in the call to the getwvkeys.cc api are there.
    {"accept": "*/*", "accept-encoding": "gzip, deflate, br", "accept-language": "ja,zh-TW;q=0.9,zh;q=0.8,en-US;q=0.7,en;q=0.6", "content-length": "4277", "origin": "https://www.hulu.jp", "referer": "https://www.hulu.jp/", "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36"}

    {"Connection": "close", "Content-Length": "234", "Accept-Encoding": "gzip", "Cf-Ipcountry": "TW", "X-Forwarded-For": "118.161.39.187", "Cf-Ray": "6e555cda7c537c5f-LAX", "X-Forwarded-Proto": "http", "Cf-Visitor": "{\"scheme\":\"http\"}", "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36", "Accept": "*/*", "Content-Type": "application/json", "Cf-Connecting-Ip": "118.161.39.187", "Cdn-Loop": "cloudflare"}

    "Connection": "close", "Content-Length": "319", "Accept-Encoding": "gzip", "Cf-Ipcountry": "US", "X-Forwarded-For": "2001:19f0:4400:60aa:5400:3ff:fea5:c30", "Cf-Ray": "6eebec312a134c53-SIN", "X-Forwarded-Proto": "https", "Cf-Visitor": "{\"scheme\":\"https\"}", "Content-Type": "application/json", "Cf-Connecting-Ip": "2001:19f0:4400:60aa:5400:3ffxxxxx", "Cdn-Loop": "cloudflare"}
    It is not good news for users, though, as some bare IP address are shown; as in the above example -i.e 118.161.39.187. And googling what 'Cf-Connecting-Ip' is gave "CF-Connecting-IP provides the client IP address connecting to Cloudflare to the origin web server"

    Interestingly a whois search revealed nothing for that IP
    {
    "rdapConformance": [
    "nro_rdap_profile_0",
    "cidr0",
    "rdap_level_0"
    ],
    "notices": [
    {
    "title": "Source",
    "description": [
    "Objects returned came from source",
    "JPNIC"
    ]
    },
    {
    "title": "Terms and Conditions",
    "description": [
    "This is the APNIC WHOIS Database query service. The objects are in RDAP format.",
    "This information has been partially mirrored by APNIC from JPNIC. To obtain more specific information, please use the JPNIC WHOIS Gateway at http://www.nic.ad.jp/en/db/whois/en-gateway.html or whois.nic.ad.jp for WHOIS client. (The WHOIS client defaults to Japanese output, use the /e switch for English output)"
    ],
    "links": [
    {
    "value": "https://jpnic.rdap.apnic.net/ip/118.161.39.187",
    "rel": "terms-of-service",
    "href": "http://www.apnic.net/db/dbcopyright.html",
    "type": "text/html"
    }
    ]
    },
    {
    "title": "Whois Inaccuracy Reporting",
    "description": [
    "If you see inaccuracies in the results, please visit: "
    ],
    "links": [
    {
    "value": "https://jpnic.rdap.apnic.net/ip/118.161.39.187",
    "rel": "inaccuracy-report",
    "href": "https://www.apnic.net/manage-ip/using-whois/abuse-and-spamming/invalid-contact-form",
    "type": "text/html"
    }
    ]
    }
    ],
    "description": [
    "The server has not found anything matching the Request-URI."
    ],
    "errorCode": 404,
    "title": "Not Found",
    "port43": "whois.apnic.net"
    }
    Very clever of someone.

    Less clever of getwvkeys.cc to let this out to the wild as it clearly contains data to identify users.

    Edit: I have just checked and counted 138634 IP addresses exposed for 'Cf-Connecting-Ip' and 148621 for 'X-Forwarded-For'.
    Last edited by A_n_g_e_l_a; 13th Jun 2022 at 05:19. Reason: Count of exposed IP adresses
    Quote Quote  
  24. I see. So the database a collection of what was asked for in the past.
    Quote Quote  
  25. Member
    Join Date
    Jun 2022
    Location
    Ur moms house
    Search PM
    Originally Posted by Quint View Post
    I see. So the database a collection of what was asked for in the past.
    Nah itís from the future bro, what else would a database contain
    Quote Quote  
  26. Member
    Join Date
    Jun 2022
    Location
    Ur moms house
    Search PM
    Originally Posted by A_n_g_e_l_a View Post
    There is a lot of junk in the keys.db database that is not accessible from the usual SQL commands.

    For instance some of the headers included in the call to the getwvkeys.cc api are there.
    {"accept": "*/*", "accept-encoding": "gzip, deflate, br", "accept-language": "ja,zh-TW;q=0.9,zh;q=0.8,en-US;q=0.7,en;q=0.6", "content-length": "4277", "origin": "https://www.hulu.jp", "referer": "https://www.hulu.jp/", "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36"}

    {"Connection": "close", "Content-Length": "234", "Accept-Encoding": "gzip", "Cf-Ipcountry": "TW", "X-Forwarded-For": "118.161.39.187", "Cf-Ray": "6e555cda7c537c5f-LAX", "X-Forwarded-Proto": "http", "Cf-Visitor": "{\"scheme\":\"http\"}", "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36", "Accept": "*/*", "Content-Type": "application/json", "Cf-Connecting-Ip": "118.161.39.187", "Cdn-Loop": "cloudflare"}

    "Connection": "close", "Content-Length": "319", "Accept-Encoding": "gzip", "Cf-Ipcountry": "US", "X-Forwarded-For": "2001:19f0:4400:60aa:5400:3ff:fea5:c30", "Cf-Ray": "6eebec312a134c53-SIN", "X-Forwarded-Proto": "https", "Cf-Visitor": "{\"scheme\":\"https\"}", "Content-Type": "application/json", "Cf-Connecting-Ip": "2001:19f0:4400:60aa:5400:3ffxxxxx", "Cdn-Loop": "cloudflare"}
    It is not good news for users, though, as some bare IP address are shown; as in the above example -i.e 118.161.39.187. And googling what 'Cf-Connecting-Ip' is gave "CF-Connecting-IP provides the client IP address connecting to Cloudflare to the origin web server"

    Interestingly a whois search revealed nothing for that IP
    {
    "rdapConformance": [
    "nro_rdap_profile_0",
    "cidr0",
    "rdap_level_0"
    ],
    "notices": [
    {
    "title": "Source",
    "description": [
    "Objects returned came from source",
    "JPNIC"
    ]
    },
    {
    "title": "Terms and Conditions",
    "description": [
    "This is the APNIC WHOIS Database query service. The objects are in RDAP format.",
    "This information has been partially mirrored by APNIC from JPNIC. To obtain more specific information, please use the JPNIC WHOIS Gateway at http://www.nic.ad.jp/en/db/whois/en-gateway.html or whois.nic.ad.jp for WHOIS client. (The WHOIS client defaults to Japanese output, use the /e switch for English output)"
    ],
    "links": [
    {
    "value": "https://jpnic.rdap.apnic.net/ip/118.161.39.187",
    "rel": "terms-of-service",
    "href": "http://www.apnic.net/db/dbcopyright.html",
    "type": "text/html"
    }
    ]
    },
    {
    "title": "Whois Inaccuracy Reporting",
    "description": [
    "If you see inaccuracies in the results, please visit: "
    ],
    "links": [
    {
    "value": "https://jpnic.rdap.apnic.net/ip/118.161.39.187",
    "rel": "inaccuracy-report",
    "href": "https://www.apnic.net/manage-ip/using-whois/abuse-and-spamming/invalid-contact-form",
    "type": "text/html"
    }
    ]
    }
    ],
    "description": [
    "The server has not found anything matching the Request-URI."
    ],
    "errorCode": 404,
    "title": "Not Found",
    "port43": "whois.apnic.net"
    }
    Very clever of someone.

    Less clever of getwvkeys.cc to let this out to the wild as it clearly contains data to identify users.

    Edit: I have just checked and counted 138634 IP addresses exposed for 'Cf-Connecting-Ip' and 148621 for 'X-Forwarded-For'.
    Less clever of the kid that threw a temper tantrum to leak stuff as revenge.
    Quote Quote  
  27. Member
    Join Date
    Feb 2022
    Location
    Search the forum first!
    Search PM
    Originally Posted by Puyodead1 View Post
    Less clever of the kid that threw a temper tantrum to leak stuff as revenge..
    Of course. It takes two to tango though.
    Anyone running a web facing site knows intrusion attempts happen daily.
    So, as a site owner, you have a responsibility to lock up your goodies.
    Encrypt your back-office data.
    Set up your database to only work from local user and one other IP only (yours) - all traffic comes via the local API and is thus seen as the local user.
    Place Nginx reverse proxy in front of everything as a first line of defence.
    Nginx might have helped against the DoS attacks too.

    To be clear; I applaud Ghost for setting up an excellent service for those without their own CDM. The implementation, it appears, was a little naive. But learn from mistakes and build-back better! Onwards and upwards...
    Last edited by A_n_g_e_l_a; 15th Jun 2022 at 03:45.
    Quote Quote  
  28. Originally Posted by id0ntcar3 View Post
    Originally Posted by luvmichelle View Post
    i'm not able to open the link pls help
    https://cyberfile.is/7y4/GETWVKEYS-source-code-main.zip
    https://cyberfile.is/7y5/keys.db
    could you pls reupload it?thanks...
    Quote Quote  
  29. Search, Learn, Download! Karoolus's Avatar
    Join Date
    Oct 2022
    Location
    Belgium
    Search Comp PM
    Originally Posted by yuinen View Post
    Originally Posted by id0ntcar3 View Post
    Originally Posted by luvmichelle View Post
    i'm not able to open the link pls help
    https://cyberfile.is/7y4/GETWVKEYS-source-code-main.zip
    https://cyberfile.is/7y5/keys.db
    could you pls reupload it?thanks...
    https://github.com/GetWVKeys
    Quote Quote  
  30. Originally Posted by Karoolus View Post
    Originally Posted by yuinen View Post
    Originally Posted by id0ntcar3 View Post
    Originally Posted by luvmichelle View Post
    i'm not able to open the link pls help
    https://cyberfile.is/7y4/GETWVKEYS-source-code-main.zip
    https://cyberfile.is/7y5/keys.db
    could you pls reupload it?thanks...
    https://github.com/GetWVKeys
    thx but no keys.db inside...
    Quote Quote  



Similar Threads

Visit our sponsor! Try DVDFab and backup Blu-rays!