Secure Token

Steam recording with RTMPDump or FFmpeg.
Post Reply
svnpenn
Posts: 263
Joined: Tue Nov 01, 2011 12:19 am

Secure Token

Post by svnpenn » Sat May 25, 2013 5:03 pm

Coming from this post
stream-recorder.com/forum/showpost.php?p=62388&postcount=9

Code: Select all

http://97ff0e7e610f20512dbe-483e6ce63d68aeb3d05af6c054efb801.r29.cf1.rackcdn.com/p4.swf
I too want a reliable way to gain the Secure Token. Using this SWF I try
http://showmycode.com
but no result

Code: Select all

$ grep -r Token ShowMyCode.com | wc
      0       0       0
Next I try SwfScan
h30499.www3.hp.com/t5/Following-the-Wh1t3-Rabbit/SWFScan-FREE-Flash-decompiler/ba-p/5440167
but it just crashes

Code: Select all

SwfScan has stopped working
Next I try furnace-avm2
http://github.com/whitequark/furnace-avm2
but no again

Code: Select all

furnace-swf -i p4.swf abclist
ABC tags:
 0) "": 245961 byte(s)
furnace-swf -i p4.swf abcextract -n '' -o a.abc
furnace-avm2 -i a.abc -d -o b.abc
/furnace/cfg/graph.rb:20:in `find_node': Cannot find CFG node 6 (RuntimeError)
Finally I try JPEXS
http://free-decompiler.com/flash
and it works!

Code: Select all

$ grep -r secureTokenResponse ffdec_1.6.0
ffdec_1.6.0/com/longtailvideo/jwplayer/media/521423272340123423632234.as:
this._connection.call("secureTokenResponse",null,TEA.decrypt(evt.info.secureToken,
"[email protected][email protected][email protected][email protected][email protected][email protected]"));

chap
Posts: 8
Joined: Sun Aug 19, 2012 5:54 am

Re: Secure Token

Post by chap » Sat May 25, 2013 7:50 pm

svnpenn
Thanks for your work 8-)

xpn
Posts: 3
Joined: Wed May 22, 2013 2:23 pm

Re: Secure Token

Post by xpn » Sun Aug 18, 2013 7:05 pm

First of all, thanks from me too.

Second of all, the swf has changed again and now incorporates a whole procedure with bitwise operations (XOR) that takes a hard-coded integer as input and through some functions produces the token. Alas, I do not have the knowledge to fully understand and replicate the functions in order to get the final token. JPEXS shows exactly which functions are called and can be used as a pilot in order to mock up a c/c++ program that produces the token. If you have time, I kindly request that you take a look at this please.

Again, thanks for all the hard work.

gorillamaguila
Posts: 1
Joined: Sun Oct 06, 2013 4:57 pm

Re: Secure Token

Post by gorillamaguila » Sun Oct 06, 2013 5:02 pm

I'm able to get the token but I'm stuck at what it seems a librtmp bug.

http://stream-recorder.com/forum/showpo ... stcount=49

Any Ideas anybody?

magenama
Posts: 1
Joined: Thu Nov 28, 2013 9:05 pm

Re: Secure Token

Post by magenama » Thu Nov 28, 2013 9:11 pm

Hi SVNPENN,
Finally I try JPEXS
http://free-decompiler.com/flash
and it works!

CODE: SELECT ALL
$ grep -r secureTokenResponse ffdec_1.6.0
ffdec_1.6.0/com/longtailvideo/jwplayer/media/521423272340123423632234.as:
this._connection.call("secureTokenResponse",null,TEA.decrypt(evt.info.secureToken,
"[email protected][email protected][email protected][email protected][email protected][email protected]"));
svnpenn
Could you please tell how you did this.
Did you first open the swf file using ffdec?
Is it in Linux?
Because i tried so and could not get anything.

Regards,
magenama

Post Reply

Who is online

Users browsing this forum: No registered users and 0 guests