Profile cover photo
Profile photo
Manuel Hirth
Eating your children. Failing to properly use C, Python, Common Lisp and a load of other languages.
Eating your children. Failing to properly use C, Python, Common Lisp and a load of other languages.
Manuel's posts

Post has shared content
Almost as clever as the CSS stuff for DVDs :D
I bought a digital video download today that required a video player from Leaping Brain. As usual, the proprietary player wasn't great and to transfer it to my iPhone I'd need another proprietary player. Ugh. But I browsed around and found that the video had been downloaded into a hidden directory as a bunch of .mov files. Great, except none of the files would play.

It turned out the actual player, launched from their compiled app, was a Python wrapper around some VLC libraries. Nothing funny going on, as far as I could tell, but when I tried to launch the player directly, nothing happened. The compiled app was modifying the .mov files right before they were loaded into the player, and then reverting the file on disk. According to

 "We apply our BrainTrust™ proprietary video encryption to your movies before we upload them to our servers. If someone ever was able to gain access to your content, the files would be useless and unplayable, because they are stored in a scrambled, encrypted format. Once downloaded to the user’s hard drive, the files are still encrypted and only readable via the MOD Machine Player by a legitimate owner. We are not aware of a better DRM scheme than ours. Where Windows Media DRM is easily crackable, and doesn’t run on Macs, BrainTrust™ works great on Windows 8, Vista, Windows XP and Mac, and is virtually uncrackable."

Virtually uncrackable? Well, since they load the file from a Python script, it's easy to make a copy of the "decrypted" file before it's reverted. Having done so, I was curious to see the encryption scheme. By comparing the binary files, I discovered the "proprietary video encryption" algorithm: for the first 15kB, each 1kB block has its initial bytes xor'd with the string "RANDOM_STRING". That's the "scrambled, encrypted format" that leaves these files "useless and unplayable".

Post has attachment
le bam.

Post has attachment

Ich komm mir gerade irgendwie blöd vor…
Ich kriegs nich' in mein Hirn, wie ich 'nen String
bei allen Kommata splitte, die nicht in einem durch
Anführungszeichen eingegrenzten Substring sind.

Also zB.: "foo, bar, \"foo, bar\", bleh"

Ich könnte natürlich erst alle Kommata in quotierten Substrings durch Platzhalter ersetzen, jedoch kann man darf dieser Platzhalter dann nirgendwo mehr direkt vorkommen… -.-

Nerd Achievment unlocked: Mit Lisp-Features hausieren gehen.

Da ja irgendwie abzusehen ist, dass ich auch vom 3. Ticket-Batch für den 28C3 nix abkriege: Was gehtn nerd- und hackermäßig sonst so gegen Jahresende?
Wait while more posts are being loaded