[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CADbNDXEoPwJF9PWU89Ku4gbiEehuXDKQmmu9p5NvmDY3gdhX_Q@mail.gmail.com>
Date: Mon, 6 May 2024 10:52:07 +0200
From: Security Explorations <contact@...urity-explorations.com>
To: fulldisclosure@...lists.org
Subject: [FD] Microsoft PlayReady toolkit - codes release
Hello All,
We released codes for "Microsoft PlayReady toolkit", a tool that has
been developed as part of our research from 2022:
https://security-explorations.com/microsoft-playready.html#details
The toolkit illustrates the following:
- fake client device identity generation,
- acquisition of license and content keys for encrypted content,
- downloading and decryption of content,
- content inspection (MPEG-4 file format),
- Manifest files inspection,
- combination of content fragments into single, ready to play or
distribute, plaintext movie file,
- watermarking detection / checks,
- CDN auth bypass,
- license crawling,
- automatic content security check for Canal+ environment.
Please, note that due to “not fixed” status (Microsoft didn't revoke
group cert and Canal+ didn't implement auth checks for license server
among others) the following has been removed from the public package:
- crypto secrets such as STB private keys, PlayReady private group
key, Canal+ client SSL certificates, CDN / VOD secrets,
- STB PlayReady binary
- reverse engineering API traces
- functionality pertaining to VOD purchases / orders (online and SMS
based, affecting users' billing)
As such, the toolkit is not "functional / ready to use" (the codes
cannot be used for the piracy of Canal+ VOD content without the
missing secrets).
Yet, we hope the released codes help both security researchers
interested in PayTV / content security along content providers gain a
more in-depth understanding of Microsoft PlayReady technology
operation and its limitations. We hope it helps others avoid some
mistakes too.
Thank you.
Best Regards,
Adam Gowdiak
----------------------------------
Security Explorations -
AG Security Research Lab
https://security-explorations.com
----------------------------------
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists