Find the WVD_PATH in the script:-
[Attachment 80563 - Click to enlarge]
and edit it to the FULL path where you have placed your wvd file .
On Windows:
WVD_PATH = "C://Users/Karn/Decryption/Devices/my_best_CDM_ever.wvd" for example.
On Linux:
WVD_PATH = "/home/Karn/Decryption/Devices/my_best_CDM_ever.wvd"
Note the paths use forward slashes even on Windows when writing scripts in Python. That was probably where you were going wrong.
Try StreamFab Downloader and download from Netflix, Amazon, Youtube! Or Try DVDFab and copy Blu-rays!
+ Reply to Thread
Results 61 to 90 of 187
Thread
-
Noob Starter Pack. Just download every Widevine mpd! Not kidding!.
https://files.videohelp.com/u/301890/hellyes6.zip -
-
Noob Starter Pack. Just download every Widevine mpd! Not kidding!.
https://files.videohelp.com/u/301890/hellyes6.zip -
Great script, really makes things easier!
One thing I found though is it doesn't return all the keys for me - at least on max.com which is the one I tried.
Using wvg extension I do find the keys I need, but this script only finds the one key.
This is the output from the script (some info redacted, but you get the point):
Code:__ ________ / / ___ / / /_ / / _ \/ -_) / //_ < /_//_/\__/_/_/____/ A Generic L3 Downloader: For DRM content only. Prepare three inputs. 1. MPD URL 2. cURL of license server request 3. Video name MPD URL? https://fly.eu.prd.media.max.com/s/eu-west-1/v1/playlist/dash/16343b8c-8a4a-4b66-9a59-a8091b1c2428/3c3df515-93b8-4410-b10a-414079529821.mpd?ps=CAQ[...snip...] Found pssh element: AAAA[...snip...] Extracted or generated PSSH: AAAA[...snip...] Paste cURL of license server request: And press ENTER. cURL is saved but not displayed. cURL? URL: https://busy.any-any.prd.api.discomax.com/drm-proxy/any/drm-proxy/drm/license/widevine?keygen=playready&drmKeyVersion=1&auth=eyJhb[...snip...]&x-wbd-tenant=beam&x-wbd-user-home-market=emea Method: POST Headers: {'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0', 'Accept': '*/*', 'Accept-Language': 'en-US,en;q=0.5', 'Accept-Encoding': 'gzip, deflate, br, zstd', 'Origin': 'https://play.max.com', 'Connection': 'keep-alive', 'Referer': 'https://play.max.com/', 'Sec-Fetch-Dest': 'empty', 'Sec-Fetch-Mode': 'cors', 'Sec-Fetch-Site': 'cross-site', 'TE': 'trailers'} Data: None --key 01008cdcb9598130cf60da54230e5e65:14a55ee4d3d4ad395ebac3106e2bbc83 Save Video as?
[Attachment 80668 - Click to enlarge]
Error on my part? -
Noob Starter Pack. Just download every Widevine mpd! Not kidding!.
https://files.videohelp.com/u/301890/hellyes6.zip -
I was downloading Dune Part Two, and to decrypt I needed the second key from wvg, the one ending in ...1a7.
I tried a few different resolutions and yours decrypted none, but that one did. Only reason I found the difference between the two scripts.
Yeah, wasn't sure exactly what could be turned into my personal information so just redacted most of it just in case. You gurus can reverse anything it seems. 😊
Let me know what info you need from me to troubleshoot, either here or as a dm. -
Thanks. All I can say is if it plays in the browser you'll get the key(s) the browser uses. Reasons you didn't get the right key maybe the the script. It would be the first report, if so. I find that unlikely. And that statement isn't hubris, but evidence based. At the moment I'm more inclined to suspect you've mixed up mpd with a mismatched cURL.
Noob Starter Pack. Just download every Widevine mpd! Not kidding!.
https://files.videohelp.com/u/301890/hellyes6.zip -
Yeah, probably an error on my part. Not sure where though.
Here's some non-redacted output.
PSSH seems to match between the two scripts:
WVG -> "Select" PSSH:
[Attachment 80703 - Click to enlarge]
and output from script:
Code:MPD URL? https://akm.eu.prd.media.max.com/s/eu-west-1/v1/playlist/dash/0fd0c2c4-7a75-4c81-bbe9-36eb64d30b18/3c3df515-93b8-4410-b10a-414079529821.mpd?ps=CAQSATEaE21zLlZvZFBsYXliYWNrU3RhdGUi9QMotS_9YCQDXQ8AdpxeNmBL2gZQEAQAJekwDMNguWm3WGuRu1-okUyZFpySVzVJEPpD1Jhto0YmrS1bomgcBdgT30ugsU4AUABKAEtmWYoLq6xrfBbvFSu07xN4vpVdKVqvCEhDQgJu-CzYVWKB3V89-E4jaHSs23TAL9kq2-6oDklhm7RsHf1l83o17Ju02uGQ2OveSoCGh60ukMZhHNMgTiTyJo23K-atLoyLNK-6HikwEdO8W1HxF0y6QXX7npodAUbZswIBzPo9Zm1asnmbAVcKy9IqAYHvRSFNS2K1ilO7paQ7-dumL707e_6dLE4z7pfPLllghxN8M1Kx0lYXv2RziYEcZKJR4Br9tGMcB0WPi7i7Jf4H5PADvWNvyHz0_Lv2pzhbvhlbtrq451RWvBUKhOIQQKIwHGBgeL0Ye2anmcRSAxbvTP3ORONwzONAYD_gA5JYepyIvyMPR-6ZeIo4qGkibx4eLJQLGzI4VHAKA4AzQKCAwoBYvPtWbckvacX1LSY7LyCAQmZzDPojhEtoXj8AUw7jK2MegnglrJqefNuERMSQG_bEKIssAjJeKOMVuZbvMhYHLhxEdx1MuXm0D7GMxYGFC64vIDyocwEHSgfXpPEJQXhwu4NZyLdpwX8gPhDLhKxjfZ2lBngDOguWBTM=&ctx=CgRiZWFtEjBVU0VSSUQ6Ym9sdDo4OWJhYTFiMy00YmNiLTRhNDEtOWI3MS05MWQxMDA0Y2U2OTMaJDRjMTBjMWQwLWRmOGUtNGE4My1iMDZhLTM1MDhhZDFkNThjOCIkMGZkMGMyYzQtN2E3NS00YzgxLWJiZTktMzZlYjY0ZDMwYjE4KiQzYzNkZjUxNS05M2I4LTQ0MTAtYjEwYS00MTQwNzk1Mjk4MjEyDTE4NS4xMTIuMTEyLjY6UE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEyOC4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEyOC4wQgsI5ObLtAYQopyAQ0gDYgN3ZWJqBERBU0hyDkR1bmU6IFBhcnQgVHdvegN3ZWKCAQJTRYoBBGVtZWGQAQegAQE= Found pssh element: AAAAOHBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAABgSEAEAjNy5WYEwz2DaVCMOXmVI49yVmwY= Extracted or generated PSSH: AAAAOHBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAABgSEAEAjNy5WYEwz2DaVCMOXmVI49yVmwY=
I'm not sure how to troubleshoot the cURL part. Tips on what could be the culprit?
I tried both with allhell3 in Firefox and Chrome, and just hell3 inside Firefox. Same results - just the one key.
In devtools I find two links for license, URL is the same as with WVG, so I guess I have the correct URL as well?
[Attachment 80706 - Click to enlarge]
[Attachment 80704 - Click to enlarge]
Difference of the two seems to be one contains "TE: trailers" in headers and has more data/payload.
I tried to copy value -> cURL (Posix) on both of them, same result - the key ending in ...c83.
I do see that data is set to None, could that be an issue?
Code:Paste cURL of license server request: And press ENTER. cURL is saved but not displayed. cURL? URL: https://busy.any-any.prd.api.discomax.com/drm-proxy/any/drm-proxy/drm/license/widevine?keygen=playready&drmKeyVersion=1&auth=<let me know if you need this one, this seems good to redact ;)>&x-wbd-tenant=beam&x-wbd-user-home-market=emea Method: POST Headers: {'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0', 'Accept': '*/*', 'Accept-Language': 'en-US,en;q=0.5', 'Accept-Encoding': 'gzip, deflate, br, zstd', 'Origin': 'https://play.max.com', 'Connection': 'keep-alive', 'Referer': 'https://play.max.com/', 'Sec-Fetch-Dest': 'empty', 'Sec-Fetch-Mode': 'cors', 'Sec-Fetch-Site': 'cross-site'} Data: None
Couldn't figure out if the extension sends data or not when finding the keys, js and python mixed is new to me unfortunately.
Recorded a small clip of my process just to make sure I didn't miss a step somewhere as well, see attached.
(edited hell3.py to sys.exit after printing key results, that's why it stops, otherwise original script) -
Well, the fact that the script completes and provides keys really means the script is doing what the script should do. So not too relevant.
Technically the script waits for a key or for many keys. The fact it only gives you one says to me only one was issued.
The question is why should that be so? In all honesty I have no idea. I have read here, on VH, of sites giving the wrong keys when they 'quietly reject' a CDM.
Hell3.py and allhelll3.py use the same CDM. And there are many hundreds of users all demanding keys with the same old CDM taken from a Virtual Android Device.
here is a simple l3.py with inbuilt debug phrases.
Code:import logging from pywidevine.cdm import Cdm from pywidevine.device import Device from pywidevine.pssh import PSSH import httpx from headers import headers logging.basicConfig(level=logging.DEBUG) logger = logging.getLogger(__name__) #################### #BE SURE TO EDIT THIS!!!!! #################### WVD_PATH = "<path to your>/device.wvd" def get_key(pssh, license_url): logger.debug("Loading device...") device = Device.load(WVD_PATH) cdm = Cdm.from_device(device) session_id = cdm.open() logger.debug("Session opened...") challenge = cdm.get_license_challenge(session_id, PSSH(pssh)) response = httpx.post(license_url, data=challenge, headers=headers) cdm.parse_license(session_id, response.content) keys = [] logger.debug("Retrieving keys...") for key in cdm.get_keys(session_id): logger.debug(f"Key found: {key.kid.hex}:{key.key.hex()}, Type: {key.type}") if key.type == 'CONTENT': keys.append(f"--key {key.kid.hex}:{key.key.hex()}") cdm.close(session_id) logger.debug("Session closed...") return "\n".join(keys) if __name__ == "__main__": pssh_str = input("PSSH? ") lic_url = input("License URL? ") result = get_key(pssh_str, lic_url) logger.debug("Result:") print(result)
Code:WVD_PATH = "./device.wvd"
Take the cURL of your video page license and go to curlconvverter.com and paste it there.
Partially copy the transform, the bit that says headers= {...........} into a new file.
Call it headers.py.
This is just normal l3.py stuff which I'm probably teaching you to suck eggs with.
Use your pssh found from hell3 and the license URL with l3debug.py that should give you the same keys as hell3. If that gives you the same result then it makes the CDM suspect. But still suspect only - not yet proven. But post any debug information that look useful.
You've been using hell3 and firefox - you haven't said which browser you use with WVG - is that Chrome? If it is, then the game changes again. It is known for some CDN to provide Chrome with better resolutions for video. And it could be that a WVG on Chrome returns a key for each resolution whereas a non-chrome CDM does not. To check use N_M3u8DL-RE and test the single key you've found against all resolutions that ~RE finds. Maybe one works?
EDIT: I've looked back at some testing results and a tester reported
DL ok for Max, resolution 720p with L3 - they do 1080p and 4K but its L1 CDM
(And Android app endpoints needed to fetch 4K)Last edited by A_n_g_e_l_a; 14th Jul 2024 at 06:28.
Noob Starter Pack. Just download every Widevine mpd! Not kidding!.
https://files.videohelp.com/u/301890/hellyes6.zip -
Tried it, same results.
Tested with your device.wvd from the zip and my own CDM, the one I use for the extension.
Also tried your CDM in WVG, still gets more keys and this script only one.
Code:(.venv) HellYes2 > python .\l3debug.py PSSH? AAAAOHBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAABgSEAEAjNy5WYEwz2DaVCMOXmVI49yVmwY= License URL? https://busy.any-any.prd.api.discomax.com/drm-proxy/any/drm-proxy/drm/license/widevine?keygen=playready&drmKeyVersion=1&auth=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHBpcmF0aW9uVGltZSI6IjIwMjQtMDctMTRUMjA6NTU6MzYuNDcyMzg5Mzc0WiIsImVkaXRJZCI6IjNjM2RmNTE1LTkzYjgtNDQxMC1iMTBhLTQxNDA3OTUyOTgyMSIsImFwcEJ1bmRsZSI6ImJlYW0iLCJwbGF0Zm9ybSI6IndlYiIsInVzZXJJZCI6IlVTRVJJRDpib2x0Ojg5YmFhMWIzLTRiY2ItNGE0MS05YjcxLTkxZDEwMDRjZTY5MyIsInByb2ZpbGVJZCI6IlBST0ZJTEVJRDRjMDcyYTYwLWJlNjItNDg0Zi1hZWNiLWRmOTYyZjM5MmU1OCIsImRldmljZUlkIjoiYWU3MmY0ZjctN2M3My00MDRjLTg0MGEtY2RkNGMyNjBmMjk2Iiwic3NhaSI6dHJ1ZSwic3RyZWFtVHlwZSI6InZvZCJ9.a4zWfUhBYk8_xiNmIW9sJ1SIfjlQ4gOpNWbSN4_8xp8&x-wbd-tenant=beam&x-wbd-user-home-market=emea DEBUG:__main__:Loading device... DEBUG:__main__:Session opened... DEBUG:httpx:load_ssl_context verify=True cert=None trust_env=True http2=False DEBUG:httpx:load_verify_locations cafile='C:\\Users\\Thomas\\Desktop\\streamdl\\HellYes2\\.venv\\lib\\site-packages\\certifi\\cacert.pem' DEBUG:httpcore.connection:connect_tcp.started host='busy.any-any.prd.api.discomax.com' port=443 local_address=None timeout=5.0 socket_options=None DEBUG:httpcore.connection:connect_tcp.complete return_value=<httpcore._backends.sync.SyncStream object at 0x00000229E7662C20> DEBUG:httpcore.connection:start_tls.started ssl_context=<ssl.SSLContext object at 0x00000229E75269C0> server_hostname='busy.any-any.prd.api.discomax.com' timeout=5.0 DEBUG:httpcore.connection:start_tls.complete return_value=<httpcore._backends.sync.SyncStream object at 0x00000229E7662BF0> DEBUG:httpcore.http11:send_request_headers.started request=<Request [b'POST']> DEBUG:httpcore.http11:send_request_headers.complete DEBUG:httpcore.http11:send_request_body.started request=<Request [b'POST']> DEBUG:httpcore.http11:send_request_body.complete DEBUG:httpcore.http11:receive_response_headers.started request=<Request [b'POST']> DEBUG:httpcore.http11:receive_response_headers.complete return_value=(b'HTTP/1.1', 200, b'OK', [(b'Date', b'Sun, 14 Jul 2024 15:05:23 GMT'), (b'Content-Type', b'application/octet-stream'), (b'Content-Length', b'673'), (b'Connection', b'keep-alive'), (b'access-control-allow-credentials', b'true'), (b'access-control-allow-methods', b'OPTIONS, POST'), (b'access-control-allow-origin', b'https://play.max.com'), (b'x-b3-spanid', b'981e32f3290195d4'), (b'x-b3-traceid', b'5f6233a5a16159e849a6ae35972aa810'), (b'access-control-expose-headers', b'x-wbd-session-state,x-wbd-refresh,x-wbd-ace,date,x-wbd-transport')]) INFO:httpx:HTTP Request: POST https://busy.any-any.prd.api.discomax.com/drm-proxy/any/drm-proxy/drm/license/widevine?keygen=playready&drmKeyVersion=1&auth=eY...&x-wbd-tenant=beam&x-wbd-user-home-market=emea "HTTP/1.1 200 OK" DEBUG:httpcore.http11:receive_response_body.started request=<Request [b'POST']> DEBUG:httpcore.http11:receive_response_body.complete DEBUG:httpcore.http11:response_closed.started DEBUG:httpcore.http11:response_closed.complete DEBUG:httpcore.connection:close.started DEBUG:httpcore.connection:close.complete DEBUG:__main__:Retrieving keys... DEBUG:__main__:Key found: 00000000000000000000000000000000:efde5857e22a6369a501c7acc8ea70ae5523f1f5ff5e8c9634be6492bf7dd1b9f3dac7975715904ed01b360c9264072c4d1cb7d5148bffef698a55385bc053f7, Type: SIGNING DEBUG:__main__:Key found: 01008cdcb9598130cf60da54230e5e65:14a55ee4d3d4ad395ebac3106e2bbc83, Type: CONTENT DEBUG:__main__:Session closed... DEBUG:__main__:Result: --key 01008cdcb9598130cf60da54230e5e65:14a55ee4d3d4ad395ebac3106e2bbc83 (.venv) HellYes2 >
I myself use Chrome as my daily driver, so my Firefox instance is a fresh install with nothing but that extension (temporary install as per github instructions) and the only site visited is Max.
I'll try to download all resolutions and see if the key decrypts one of them.
Will report back with results.
Yeah, also found that 1080p and up is L1, so only tried 720p and below.
Edit: Test results are in:
I downloaded all video resolutions up to 720p.
Code:Key 01008cdcb9598130cf60da54230e5e65:14a55ee4d3d4ad395ebac3106e2bbc83 : nothing decrypted Key 0101a7fbee818b8d92348fd71cd47d16:aa92f78586ea9296cfffe29a5d3c01a7 : all resolutions decrypted Key 0102190f76823bc3fc58ba72b5bc812b:078d3e3ec14c78de3e423213af84ea07 : nothing decrypted
Last edited by insideoutegg; 14th Jul 2024 at 11:10. Reason: Test results
-
Angela thank you for this tool!
I'm struggling to enter the cURL, I'm getting a key symbol. Do you know what the problem could be? I'm trying to get a video from Showmax which uses similar security to Peacock -
Noob Starter Pack. Just download every Widevine mpd! Not kidding!.
https://files.videohelp.com/u/301890/hellyes6.zip -
Noob Starter Pack. Just download every Widevine mpd! Not kidding!.
https://files.videohelp.com/u/301890/hellyes6.zip -
Last edited by kruglianin; 14th Jul 2024 at 12:45.
-
My mind still is turning this one around a bit and another thought just came. We are not comparing like with like. Your WVG is on Chrome; your hell3 takes instruction from Firefox.
Coul you use allhell3.py in my signature and take the mpd and cURL from Chrome and see what happens?Noob Starter Pack. Just download every Widevine mpd! Not kidding!.
https://files.videohelp.com/u/301890/hellyes6.zip -
No, it is in fact like with like.
Like I said, I do normally use Chrome but to rule that out (and because WVG worked better on Firefox) I took Chrome out of the equation.
All tests done now are on Firefox, in the same window, session and tab in a fresh install with only WVG installed (temporarily).
I did however test in Chrome again just now, same result unfortunately. Again - script edited with a sys.exit after key print:
Code:(.venv) HellYes2 > python .\allhell3.py __ ________ / / ___ / / /_ / / _ \/ -_) / //_ < /_//_/\__/_/_/____/ A Generic L3 Downloader: For DRM content only. !!This version is for ALL browsers!!. Prepare three inputs. 1. MPD URL 2. cURL of license server request 3. Video name MPD URL? https://gcp.eu.prd.media.max.com/s/eu-central-1/v1/playlist/dash/a32195c0-2db2-4de2-8684-10b4d0309806/3c3df515-93b8-4410-b10a-414079529821.mpd?ps=CAQSATEaE21zLlZvZFBsYXliYWNrU3RhdGUi2gUotS_9YGcFhRYApu6ON1BN2gYwLaMqxqgro-qKqqqq_7BuyW5C2mxmd6aUuLBxS_5lpQZ52d3dXtm2GeUG4PU5bsPNbA-LAIEAewBUBOL8g4uOcH1qHgI1heo8DWlgUCf97kwU65hAVEPgayGZomthAlOSBYUkT3Ujjm2fIJS6eEqxjolkspCqyNQofuJQknPr9H6BoZ-evpDoSgsiRYUG3LWR1L4WHLX7I019jxZEjletWAUuPUpkal_u8kRVuehHacf_UfxKSvWKVCHLUjFJFBUREKIRjQkSDA4twQEEjAkCEg31ktsP_xNF-P5UPf20oaCGnrpweDTh_ufZaQb2amsDORDnRsp1uPQoThds8cEcNIp-3ZZrUL4mubspPwMdP_iNvet6-b6hprcO1E8DOf0o19Eajx4NL1GuIzK32lKim7OBIofqW7lyHatN1kQodzAsuVgT8vFr77k5-j3hL2mdwQdbqNfmsTFMrM_0eXO3fSztdPyrVmY62UEEiAEARjTGROWBvre7B1ssY2qd1qczDFtWKc9mH09LIdMIGf9VWUOCBGPDhwm_ElfP7NGkYoIUkKgPIWOPtcD5pqOxZWSNq0PJHf2xy8gYrmkpc84CDAKMAQEq6nLrH2xpbrJejTFMnUyZa17UHzsXH9um1J82a0iIrsSMqamfp4qZDMhnvPZjLU96tLApdCbybNjcUz7udgzPxdDIVMcaGBasv9xjLXJ6jfGhU8k4uiWZWfExjW7xN1vjZLTysOKEcsb3sVrY6DdT7z4gkMJUZBv8BOB16fL69wBbWPUyStBCXila8IpbFOuqUF9g13uKTq5GbPmRTEVoGiMAAw7jK2Mehng9rDI9sbYJiYghR9gToyxkUZLxQhmvybV8lbF84Pogu-tgyY2jcQhkLB5YXnB9AelBvQt4oHxwTRofIcgObmMwC_LtLfgXxAdiuZB1r69nqQ3e4M6CZcYM&ctx=CgRiZWFtEjBVU0VSSUQ6Ym9sdDo4OWJhYTFiMy00YmNiLTRhNDEtOWI3MS05MWQxMDA0Y2U2OTMaJDAzNDUwMjY4LWFmMWEtNDI0OC1hNzFhLWM3MjYwZWFlMTliOCIkYTMyMTk1YzAtMmRiMi00ZGUyLTg2ODQtMTBiNGQwMzA5ODA2KiQzYzNkZjUxNS05M2I4LTQ0MTAtYjEwYS00MTQwNzk1Mjk4MjEyDTE4NS4xMTIuMTEyLjY6b01vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjYuMC4wLjAgU2FmYXJpLzUzNy4zNkIMCI3k07QGEKixopIDSANiA3dlYmoEREFTSHIORHVuZTogUGFydCBUd296A3dlYoIBAlNFigEEZW1lYZABB6ABAQ== Found pssh element: AAAAOHBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAABgSEAEAjNy5WYEwz2DaVCMOXmVI49yVmwY= Extracted or generated PSSH: AAAAOHBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAABgSEAEAjNy5WYEwz2DaVCMOXmVI49yVmwY= Next. 1. Paste your cURL of license request. 2. Press Ctrl-D (Linux) or Ctrl-Z (Windows) to save it. cURL? URL: https://busy.any-any.prd.api.discomax.com/drm-proxy/any/drm-proxy/drm/license/widevine?keygen=playready&drmKeyVersion=1&auth=ey...&x-wbd-tenant=beam&x-wbd-user-home-market=emea Method: UNDEFINED Headers: {'accept': '*/*', 'accept-language': 'sv,en;q=0.9', 'dnt': '1', 'origin': 'https://play.max.com', 'priority': 'u=1, i', 'referer': 'https://play.max.com/', 'sec-ch-ua': '"Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"', 'sec-ch-ua-mobile': '?0', 'sec-ch-ua-platform': '"Windows"', 'sec-fetch-dest': 'empty', 'sec-fetch-mode': 'cors', 'sec-fetch-site': 'cross-site', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36'} Data: None --key 01008cdcb9598130cf60da54230e5e65:14a55ee4d3d4ad395ebac3106e2bbc83 (.venv) HellYes2 >
Data is still None.
Edit: WVG gave me all keys in Chrome as well, btw.
I'm gonna look into the WVG extension when I have time, and see if I can get it to log to console, a file or something else to see if anything stands out.
Need to read up a bit on JS, pyodide and stuff first. Time to learn. -
I was wondering why the script produces a lot of blank lines/pages between pressing ctrl-z and the keys.
-
Hello, A_n_g_e_l_a.
Thank you so much for the script!
The script has never let me down.
I decided to return to the topic with a one-time token.
I had the opportunity to dump a couple of new CDMs.
I decided to check out the first CDM.
I blocked the license URL and received a new token.
I suspect that this method may not be universal for my site.
With all due respect to you.
If possible I am willing to provide a new CDM from a real device to PM.
I dumped 3 new ones today.
Thanks in advance!Last edited by kruglianin; 16th Jul 2024 at 23:38.
-
Noob Starter Pack. Just download every Widevine mpd! Not kidding!.
https://files.videohelp.com/u/301890/hellyes6.zip -
Noob Starter Pack. Just download every Widevine mpd! Not kidding!.
https://files.videohelp.com/u/301890/hellyes6.zip -
Thanks for answers.
I also think about the token and its short life.
I wanted to clarify one more point. I saw messages in topics where they noted that the token is not always visible in Firefox.
Here are 2 screenshots of the license being blocked.
The difference between them is 2 seconds.
[Attachment 80750 - Click to enlarge]
After the second request, the token no longer appears for me.
[Attachment 80751 - Click to enlarge]
Google Chrome token is updated constantly.
Do you know what this might be connected with? -
Well to make something appear and then disappear will be happening because of a javascript routine, the page has loaded, rewriting the the display. There is no human interactive way around that.
I note from vdocipher.com in part of their PR they say:-
Backend Licensing, Geo, Time, Domain, Authentication Restrictions
Our backend authentication system keeps your videos safe from the downloader plugins and hacks. Restrict access to a particular Geo/IP. Stop playback on emulators, rooted devices & duplicate apps on mobileNoob Starter Pack. Just download every Widevine mpd! Not kidding!.
https://files.videohelp.com/u/301890/hellyes6.zip -
-
Hello @A_n_g_e_l_a
Thank You for a wonderful script, I was curious, Is there a m3u8 version of this script? -
I now have time to flesh out my initial - 'oh' - surprised response to your question.
Firefox produces a curl that has no return characters and is all on one line.
PHP Code:curl 'https://widevine.entitlement.eu.theplatform.com/wv/web/ModularDrm?token=eyJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJydGUtcHJkLXByZC10cnQvYW5vbnltb3VzX25ncnBfcGxheWVyQHJ0ZS5pZSIsImlzcyI6IjEiLCJleHAiOjE3MTk1ODUzNTUsImlhdCI6MTcxOTQ5ODk1NTYwMywianRpIjoiYTQzMGE0NDktYTFlNy00MDMxLWIwZjgtNWY4Mjk1NGUzYmJlIiwiZGlkIjoicnRlLXByZC1wcmQtdHJ0IiwidW5tIjoiYW5vbnltb3VzX25ncnBfcGxheWVyQHJ0ZS5pZSIsImN0eCI6IntcInVzZXJOYW1lXCI6XCJhbm9ueW1vdXNfbmdycF9wbGF5ZXJAcnRlLmllXCJ9XG4iLCJvaWQiOiIyNzAwODk0MDAxIn0.efgp5-MNK1Hh9MVZ0M3XlzTumf1JdBF_e2vm3n-lQBFO-wt4zeabY3xW6F-MKfXCMD3PHgschfH-MEO0LqOqFTiFgewu456K2rAUDTYcEZhvu1O6mJ24EY-IiPeF_DGYqmyaIwdB1zq_UCwCh_9RSh2fti7OemF-n83iHdA4NqlgU5P1QRl3hPxNNHyiyFYFh81HIdeI7NheVjCrqNlP-Ve5z3Vlv8NlkcC3I7Jgcl1Bp6r54_ndyUbpSAAf-COEevBLn2x0VmUXZgg15dFSt-9YAZxelZMijrpXfHXV3EkuDUY5iP5u0kmIkElv44SRQVHCmQIIQYsdkEk8iRQTwg&account=http%3A%2F%2Faccess.auth.theplatform.com%2Fdata%2FAccount%2F2700894001&form=json&schema=1.0' -X POST -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0' -H 'Accept: */*' -H 'Accept-Language: en-GB,en;q=0.5' -H 'Accept-Encoding: gzip, deflate, br, zstd' -H 'content-type: text/plain;charset=UTF-8' -H 'Origin: https://www.rte.ie' -H 'DNT: 1' -H 'Connection: keep-alive' -H 'Sec-Fetch-Dest: empty' -H 'Sec-Fetch-Mode: cors' -H 'Sec-Fetch-Site: cross-site' -H 'Priority: u=4' --data-raw '{"getWidevineLicense":{"releasePid":"54ndDGZryAC4","widevineChallenge":"CAESsAwKugsIARKeCgrcAggCEhBIa4PbkkFF6EtcACIHk3RqGInHtKMGIowBMIGJAoGBAIlcNZ3JZnd5X3+l2Ca1ER6i4Py1LZVLNGkYvmGtSlaLf1BJjHaylSbWG6SCl9tHl2pgIbXmFGBKmx3EfVC/Ki4bgbxdBhlSUifhOT0MQBxGzRfFSUovm0lXedmhUBHRaz93OLJhV0VVRPkjVFsWfPSqFKrNurPlqX6U7OeFf0iJAgMBAAEo0tEBSAFaqgEQARqlAQqQAfhlSHBDKXnNMoh1XN/skoJgY64dsXzLWO0lm5O6GGELvEJu99fmQdKJODJ8U8SSSVQ4OxQlmp3jooeEI6TbeSjrmgwGBB4SfeaNhbRXKmpGnoDk91QzRj+AehCjDDtmUdDliu4MX7onx2qbo7o/IuoVcL0bFIzbqZOAlAig8Ao6fm7TAjMPI49yzu4JQMvMxxIQzKw4Ewjsj63cENuLqgHRfhKAAkIHAxv8DySY/1B5vrb+ts73hC0YRAx/tJhSr5ldI4BYm8iGGN5hvV831vwrgkNgXhVfZI1M8rfPTdjocyaj4K0B8/lWoEBenCm50Qd3iCbTkpHOSYv98de6dFrZsimwBKeNh1Wbgc+FBkYyMHdBstZohF6By1YNXin9pJpOScqotaO4d3xwNmX9kFbYnOMitVaTa6Hy6oXm5NQ7mk1yF4TvaQySSkqT11WySREl0FdhINNBXB09Y9AsLVBhIfLql9zphGJs8U3Sj1KU2C0R/RgTweXdYGdeDrsgXsfzXVjd8UbO7eJ6kdqcj1VvFSj56z1/Rv2h/KiIMAzggumOLVAatwUKsQIIARIQzGy9L1wAzel5uU4mVjpQVRjH/KiVBiKOAjCCAQoCggEBALLsopntw29Q+0+WEGm5d5hi4Y+fXExeAROiUr/KTjJBxyq18xgl7KfwQO6UZmw2wP9uchy102HNIo3IZLXKlpS+9dJHFCb9WLgcC3qHJ6uJ38xURWaJPyrX0IVZa4U/FQwY6BD/RhnFjjvigH9ia0IxeovTMvw6hamfT5YACXgbbhhR52KsTxz8GB1LwPdqGe48gu8+bPqSNs2fGQr4jXeK9faUtKcVGMd4HPg7dvyUQhqcDf1f1pchiF/fOVuJqiCXY6mOEY/yv8sLn2iztfORuWdOGiZT20kOSJIq+8yd5zUIZ0vzcBiCTIgc/uBONg04DrpKQhU0eavxjegw/fsCAwEAASjS0QFIARKAA1YA/hjXAWYptlqFF15DFMqD69tMr3Zp0PzQ2jMo4/ka44HAUu4yLwEUHe9z6Rhl/WzygZmMnVkGMmYnqu58nRcrxit95Gk4hDVB0L7cRw7mch+PCrU9mjihLr8whgfApfXRYVOrZbSnPq+Ph4rqyvUnEQcOa4DZU23P+V9AiC7wLBaKzoUESRkiIn63BfKFIM9p1xpu5riTBskt42mTgaDXA4M/bMSaG9yG8v4qyxRiIhE3ye/6Q/owC30RdNO9abFvpFTaxzIsTzeEAD0JEX+XGcfeR+IYDx8cy5xozMn2aFZw2ULMspoAPy2g9+kHlG4xe92h7iXj0nQt9XEBOnsOFtbVxHCF++TZXntMlYMPaR5K+raH8VeQaFWHrYfSVbLyFolL81m7MpwwdMq5nm0BfHBZJ7yB4FvYjVtxtllpCrushWDRCu/rJ4rotGBuJ6P/qnVFNknmjkdQOJU7MainZo5SsOkc3RS8Yg9t7MJkOrdb0hFupKll8Wxeoxn4BiACGhsKEWFyY2hpdGVjdHVyZV9uYW1lEgZ4ODYtNjQaFgoMY29tcGFueV9uYW1lEgZHb29nbGUaFwoKbW9kZWxfbmFtZRIJQ2hyb21lQ0RNGhYKDXBsYXRmb3JtX25hbWUSBUxpbnV4GiMKFHdpZGV2aW5lX2NkbV92ZXJzaW9uEgs0LjEwLjI3MTAuMDIKCAAQABgBIAAoEBJUClIKPAgBEhBltJ9Y7aoc8XHB6gvP8mm2Ggh1c3AtY2VuYyIYWmJTZldPMnFIUEZ4d2VvTHovSnB0Zz09KgAyABABGhCSCjRuymmsJw+fL6fhv97xGAEglvX1swYwFjjZ4JmXC0oLNC4xMC4yNzEwLjAagAEdITz+d3YK0YhIczmWSRLTFoN0Z2rqrpDdMiANVnK8dbfBFt1H1Em9+ISl7rhblpXUwy+ao4KxtKDQ5d/H6XMtPbVNWE2iRmeNuB5R2lCt6N/d/uwh04AwCYISASety1ezM0avMzQTX4tERBMwz0Evr29inUP4GKebPZ/uY4GWs0oUAAAAAQAAABQABQAQsuZwWRZyjGE="}}'
PHP Code:curl 'https://widevine.entitlement.eu.theplatform.com/wv/web/ModularDrm?token=eyJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJydGUtcHJkLXByZC10cnQvYW5vbnltb3VzX25ncnBfcGxheWVyQHJ0ZS5pZSIsImlzcyI6IjEiLCJleHAiOjE3MjEyOTk0MDEsImlhdCI6MTcyMTIxMzAwMTY3NCwianRpIjoiNDI0MGZlNjMtZjU1Mi00MjJjLTljYTktOTIxMDg5MDI5NGZkIiwiZGlkIjoicnRlLXByZC1wcmQtdHJ0IiwidW5tIjoiYW5vbnltb3VzX25ncnBfcGxheWVyQHJ0ZS5pZSIsImN0eCI6IntcInVzZXJOYW1lXCI6XCJhbm9ueW1vdXNfbmdycF9wbGF5ZXJAcnRlLmllXCJ9XG4iLCJvaWQiOiIyNzAwODk0MDAxIn0.LtahoMle3v-CBnQQazg5wpOMHa6ogS25QvupT_e-huTgcTGhQdKglSpXXbd7P-0bcJrSnN3UNWaN9KfiHHO5suLJAca7HI41Zfip5w3SLcR72Hm0rwzC9gu06-TJxBjXaU7eaIa1gUtkN6wNnW7hL-NJzsLrtwmPxaClV_swHRpCpjoGJWV1K5mHMr3QKAve8mBPLJbd389kjPOOsRgt04G2DOAXF9RQPihfnAI__vDkK1lTq3Hly7fUzNvGh7jUHIdnnax7gPpRaXdej23QAdSZlka4vQPhGKnMkQCM6Z-Icm07Kv3az0B1oy6dAOLuGgfnk1xN3nBwjmJJZG72nA&account=http%3A%2F%2Faccess.auth.theplatform.com%2Fdata%2FAccount%2F2700894001&form=json&schema=1.0' \
-H 'accept: */*' \
-H 'accept-language: en-GB,en-US;q=0.9,en;q=0.8' \
-H 'dnt: 1' \
-H 'origin: https://www.rte.ie' \
-H 'priority: u=1, i' \
-H 'sec-ch-ua: "Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"' \
-H 'sec-ch-ua-mobile: ?0' \
-H 'sec-ch-ua-platform: "Linux"' \
-H 'sec-fetch-dest: empty' \
-H 'sec-fetch-mode: cors' \
-H 'sec-fetch-site: cross-site' \
-H 'user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36' \
--data-raw '{"getWidevineLicense":{"releasePid":"UoN1PWv_MivE","widevineChallenge":"CAESsAwKugsIARKeCgrcAggCEhBIa4PbkkFF6EtcACIHk3RqGInHtKMGIowBMIGJAoGBAIlcNZ3JZnd5X3+l2Ca1ER6i4Py1LZVLNGkYvmGtSlaLf1BJjHaylSbWG6SCl9tHl2pgIbXmFGBKmx3EfVC/Ki4bgbxdBhlSUifhOT0MQBxGzRfFSUovm0lXedmhUBHRaz93OLJhV0VVRPkjVFsWfPSqFKrNurPlqX6U7OeFf0iJAgMBAAEo0tEBSAFaqgEQARqlAQqQAfhlSHBDKXnNMoh1XN/skoJgY64dsXzLWO0lm5O6GGELvEJu99fmQdKJODJ8U8SSSVQ4OxQlmp3jooeEI6TbeSjrmgwGBB4SfeaNhbRXKmpGnoDk91QzRj+AehCjDDtmUdDliu4MX7onx2qbo7o/IuoVcL0bFIzbqZOAlAig8Ao6fm7TAjMPI49yzu4JQMvMxxIQzKw4Ewjsj63cENuLqgHRfhKAAkIHAxv8DySY/1B5vrb+ts73hC0YRAx/tJhSr5ldI4BYm8iGGN5hvV831vwrgkNgXhVfZI1M8rfPTdjocyaj4K0B8/lWoEBenCm50Qd3iCbTkpHOSYv98de6dFrZsimwBKeNh1Wbgc+FBkYyMHdBstZohF6By1YNXin9pJpOScqotaO4d3xwNmX9kFbYnOMitVaTa6Hy6oXm5NQ7mk1yF4TvaQySSkqT11WySREl0FdhINNBXB09Y9AsLVBhIfLql9zphGJs8U3Sj1KU2C0R/RgTweXdYGdeDrsgXsfzXVjd8UbO7eJ6kdqcj1VvFSj56z1/Rv2h/KiIMAzggumOLVAatwUKsQIIARIQzGy9L1wAzel5uU4mVjpQVRjH/KiVBiKOAjCCAQoCggEBALLsopntw29Q+0+WEGm5d5hi4Y+fXExeAROiUr/KTjJBxyq18xgl7KfwQO6UZmw2wP9uchy102HNIo3IZLXKlpS+9dJHFCb9WLgcC3qHJ6uJ38xURWaJPyrX0IVZa4U/FQwY6BD/RhnFjjvigH9ia0IxeovTMvw6hamfT5YACXgbbhhR52KsTxz8GB1LwPdqGe48gu8+bPqSNs2fGQr4jXeK9faUtKcVGMd4HPg7dvyUQhqcDf1f1pchiF/fOVuJqiCXY6mOEY/yv8sLn2iztfORuWdOGiZT20kOSJIq+8yd5zUIZ0vzcBiCTIgc/uBONg04DrpKQhU0eavxjegw/fsCAwEAASjS0QFIARKAA1YA/hjXAWYptlqFF15DFMqD69tMr3Zp0PzQ2jMo4/ka44HAUu4yLwEUHe9z6Rhl/WzygZmMnVkGMmYnqu58nRcrxit95Gk4hDVB0L7cRw7mch+PCrU9mjihLr8whgfApfXRYVOrZbSnPq+Ph4rqyvUnEQcOa4DZU23P+V9AiC7wLBaKzoUESRkiIn63BfKFIM9p1xpu5riTBskt42mTgaDXA4M/bMSaG9yG8v4qyxRiIhE3ye/6Q/owC30RdNO9abFvpFTaxzIsTzeEAD0JEX+XGcfeR+IYDx8cy5xozMn2aFZw2ULMspoAPy2g9+kHlG4xe92h7iXj0nQt9XEBOnsOFtbVxHCF++TZXntMlYMPaR5K+raH8VeQaFWHrYfSVbLyFolL81m7MpwwdMq5nm0BfHBZJ7yB4FvYjVtxtllpCrushWDRCu/rJ4rotGBuJ6P/qnVFNknmjkdQOJU7MainZo5SsOkc3RS8Yg9t7MJkOrdb0hFupKll8Wxeoxn4BiACGhsKEWFyY2hpdGVjdHVyZV9uYW1lEgZ4ODYtNjQaFgoMY29tcGFueV9uYW1lEgZHb29nbGUaFwoKbW9kZWxfbmFtZRIJQ2hyb21lQ0RNGhYKDXBsYXRmb3JtX25hbWUSBUxpbnV4GiMKFHdpZGV2aW5lX2NkbV92ZXJzaW9uEgs0LjEwLjI3MTAuMDIKCAAQABgBIAAoEBJUClIKPAgBEhBr+3ARtznseZo2KGYM3xieGgh1c3AtY2VuYyIYYS90d0ViYzU3SG1hTmlobUROOFluZz09KgAyABABGhDfW8hWYoepcw7p69sk8ib7GAEgscnetAYwFjiproa7CEoLNC4xMC4yNzEwLjAagAF3nSqqG6+kua5vYtTE50FpyTZrxXN3P4lRj+k1BrYxGE797I0hcdO1/FJJQbiE3aiszl715BJWRRbDWjsmmvYGID1GeRpODWLt1ddjZGWcHcLUcS1CgdvPxhAhrACl/5G4gmWH9oeSSpWJ2RJXE09I4gxJZfTyA4fftZcNMmHv4UoUAAAAAQAAABQABQAQh2GXKfgwOZw="}}'
Noob Starter Pack. Just download every Widevine mpd! Not kidding!.
https://files.videohelp.com/u/301890/hellyes6.zip -
Despite telling the terminal not to print to screen the reaction to a new line character is, seemingly, an unwanted-artifact produced by def getch() in the code. Hope this helps. The blank lines have never worried me; function is more important than form; and most importantly, the code works.
I was just curious about blank spaces.
Indeed code works and produces the keys.
Respect. -
Similar Threads
-
"From Hell to Texas (1958)-And Disney's Vault Hoarders from Hell
By dped91 in forum DVD RippingReplies: 5Last Post: 9th Jul 2023, 13:48 -
Having a hell of a time transfering VHS
By Inniss in forum CapturingReplies: 2Last Post: 28th Mar 2023, 19:18 -
Panasonic HC-x1500 loose battery trick
By realspeed in forum Newbie / General discussionsReplies: 0Last Post: 7th Jul 2022, 10:39 -
very Buggy if u loose password - back after 10 years
By melani in forum FeedbackReplies: 2Last Post: 25th Jan 2022, 21:56 -
USB-C Braided 10' Cord Loose And Doesn't Charge Tablet
By Tom Saurus in forum Off topicReplies: 5Last Post: 30th Dec 2020, 23:42