summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authornetop://ウエハ <1288356+NetOperatorWibby@users.noreply.github.com>2020-10-20 19:10:17 +0200
committerGitHub <noreply@github.com>2020-10-20 19:10:17 +0200
commit5f4358573fb9436aa1278c8100704d8098b63987 (patch)
tree1ccaa91cb95a188a213e709b321353439d05b1c5
parentMerge branch 'main' of https://github.com/tomer8007/widevine-l3-decryptor into main (diff)
downloadwidevine-l3-decryptor-5f4358573fb9436aa1278c8100704d8098b63987.tar
widevine-l3-decryptor-5f4358573fb9436aa1278c8100704d8098b63987.tar.gz
widevine-l3-decryptor-5f4358573fb9436aa1278c8100704d8098b63987.tar.bz2
widevine-l3-decryptor-5f4358573fb9436aa1278c8100704d8098b63987.tar.lz
widevine-l3-decryptor-5f4358573fb9436aa1278c8100704d8098b63987.tar.xz
widevine-l3-decryptor-5f4358573fb9436aa1278c8100704d8098b63987.tar.zst
widevine-l3-decryptor-5f4358573fb9436aa1278c8100704d8098b63987.zip
-rw-r--r--README.md24
1 files changed, 14 insertions, 10 deletions
diff --git a/README.md b/README.md
index a2727be..e09d176 100644
--- a/README.md
+++ b/README.md
@@ -1,28 +1,33 @@
# Widevine L3 Decryptor
-[Widevine](https://www.widevine.com/solutions/widevine-drm) is a Google-Owned DRM system that's in use by many popular streaming services (Netflix, Spotify, ...) to protect media contnet from being downloaded.
+[Widevine](https://www.widevine.com/solutions/widevine-drm) is a Google-owned DRM system that's in use by many popular streaming services (Netflix, Spotify, &c) to prevent media content from being downloaded.
But Widevine's least secure security level, L3, as used in most browsers and PCs, is implemented 100% in software (i.e no hardware TEEs), thereby making it reversible and bypassable.
-This Chrome extension demonstates how it's possible to bypass Widevine DRM by hijacking calls to the browser's [Encrypted Media Extensions (EME)](https://www.html5rocks.com/en/tutorials/eme/basics/) and decrypting all Widevine content keys transferred - effectively turning it into a clearkey DRM.
+This Chrome extension demonstates how it's possible to bypass Widevine DRM by hijacking calls to the browser's [Encrypted Media Extensions (EME)](https://www.html5rocks.com/en/tutorials/eme/basics) and decrypting all Widevine content keys transferred - effectively turning it into a clearkey DRM.
## Usage
-To see this concept in action, just load the extnesion in developer mode and browse to any website that plays Widevine-protected content, such as https://bitmovin.com/demos/drm.
+To see this concept in action, just load the extension in Developer Mode and browse to any website that plays Widevine-protected content, such as https://bitmovin.com/demos/drm.
-Keys will be logged in plaintext to the javascript console:
+Keys will be logged in plaintext to the javascript console.
-`WidevineDecryptor: Found key: 100b6c20940f779a4589152b57d2dacb (KID=eb676abbcb345e96bbcf616630f1a3da)
-`
+e.g:
+
+```
+WidevineDecryptor: Found key: 100b6c20940f779a4589152b57d2dacb (KID=eb676abbcb345e96bbcf616630f1a3da)
+```
Decrypting the media itself is then just a matter of using a tool that can decrypt MPEG-CENC streams, like `ffmpeg`.
e.g:
-`ffmpeg -decryption_key 100b6c20940f779a4589152b57d2dacb -i encrypted_media.mp4 -codec copy decrypted_media.mp4`
+```
+ffmpeg -decryption_key 100b6c20940f779a4589152b57d2dacb -i encrypted_media.mp4 -codec copy decrypted_media.mp4
+```
## How
In the context of browsers the actual decryption of the media is usually done inside a proprietary binary (`widevinecdm.dll`, known as the Content Decryption Module or CDM) only after receiving the license from a license server with an encrypted key in it.
-This binary is usually heavily obfuscated and makes use of third-party solutions that claim to offer software "protection" such as [Arxan](https://digital.ai/application-protection) or [Whitecryption](https://www.intertrust.com/products/application-shielding/).
+This binary is usually heavily obfuscated and makes use of third-party solutions that claim to offer software "protection" such as [Arxan](https://digital.ai/application-protection) or [Whitecryption](https://www.intertrust.com/products/application-shielding).
Some reversing job on that binary can then be done to extract the secret keys and mimic the key decryption algorithm from the license response.
@@ -30,5 +35,4 @@ Some reversing job on that binary can then be done to extract the secret keys an
This PoC was done to further show that code obfuscation, anti-debugging tricks, whitebox cryptography algorithms and other methods of security-by-obscurity will eventually by defeated anyway, and are, in a way, pointless.
## Legal Desclaimer
-This is for educational purposes only. Downloading copyrighted matirials from streaming services may violate their Terms Of Service. Use at your own risk.
-
+This is for educational purposes only. Downloading copyrighted materials from streaming services may violate their Terms of Service. **Use at your own risk.**