Widevine-L3-Decryptor – A Chrome Extension That Demonstrates Bypassing Widevine L3 DRM

Widevine-L3-Decryptor – A Chrome Extension That Demonstrates Bypassing Widevine L3 DRM

Widevine is a Google-owned DRM method that’s in use by several common streaming expert services (Netflix, Spotify, and many others.) to reduce media articles from becoming downloaded.

But Widevine’s least protected protection amount, L3, as utilised in most browsers and PCs, is applied 100% in software package (i.e no hardware TEEs), thus creating it reversible and bypassable.

This Chrome extension demonstrates how it really is doable to bypass Widevine DRM by hijacking calls to the browser’s Encrypted Media Extensions (EME) and decrypting all Widevine articles keys transferred – efficiently turning it into a clearkey DRM.

Utilization

To see this notion in action, just load the extension in Developer Mode and search to any site that plays Widevine-secured information, these as https://bitmovin.com/demos/drm [Update: link got broken?].

Keys will be logged in plaintext to the javascript console.

e.g:

WidevineDecryptor: Uncovered critical: 100b6c20940f779a4589152b57d2dacb (Child=eb676abbcb345e96bbcf616630f1a3da)

Decrypting the media alone is then just a make a difference of utilizing a instrument that can decrypt MPEG-CENC streams, like ffmpeg.

e.g:

ffmpeg -decryption_crucial 100b6c20940f779a4589152b57d2dacb -i encrypted_media.mp4 -codec duplicate decrypted_media.mp4

Note: The extension currently supports the Windows system only.

How

In the context of browsers the genuine decryption of the media is generally done inside a proprietary binary (widevinecdm.dll, known as the Content Decryption Module or CDM) only soon after receiving the license from a license server with an encrypted important in it.

This binary is usually closely obfuscated and would make use of third-party options that assert to supply program “defense” these kinds of as Arxan or Whitecryption.

Some reversing occupation on that binary can then be performed to extract the top secret keys and mimic the key decryption algorithm from the license response.

Why

This PoC was done to further exhibit that code obfuscation, anti-debugging tricks, whitebox cryptography algorithms and other procedures of security-by-obscurity will eventually by defeated in any case, and are, in a way, pointless.

Lawful Disclaimer

This is for academic purposes only. Downloading copyrighted products from streaming companies may perhaps violate their Phrases of Support. Use at your have chance.

KLsbkY4t7u0

Impression and Article Source hyperlink

Go through Extra on Pentesting Resources

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: