Widevine-L3-Decryptor – A Chrome Extension That Demonstrates Bypassing Widevine L3 DRM
Widevine is a Google-owned DRM method that’s in use by several common streaming expert services (Netflix, Spotify, and many others.) to reduce media articles from becoming downloaded.
But Widevine’s least protected protection amount, L3, as utilised in most browsers and PCs, is applied 100% in software package (i.e no hardware TEEs), thus creating it reversible and bypassable.
This Chrome extension demonstrates how it really is doable to bypass Widevine DRM by hijacking calls to the browser’s Encrypted Media Extensions (EME) and decrypting all Widevine articles keys transferred – efficiently turning it into a clearkey DRM.
Utilization
To see this notion in action, just load the extension in Developer Mode and search to any site that plays Widevine-secured information, these as https://bitmovin.com/demos/drm [Update: link got broken?].
Keys will be logged in plaintext to the javascript console.
e.g:
WidevineDecryptor: Uncovered critical: 100b6c20940f779a4589152b57d2dacb (Child=eb676abbcb345e96bbcf616630f1a3da)
Decrypting the media alone is then just a make a difference of utilizing a instrument that can decrypt MPEG-CENC streams, like ffmpeg
.
e.g:
ffmpeg -decryption_crucial 100b6c20940f779a4589152b57d2dacb -i encrypted_media.mp4 -codec duplicate decrypted_media.mp4
Note: The extension currently supports the Windows system only.
How
In the context of browsers the genuine decryption of the media is generally done inside a proprietary binary (widevinecdm.dll
, known as the Content Decryption Module or CDM) only soon after receiving the license from a license server with an encrypted important in it.
This binary is usually closely obfuscated and would make use of third-party options that assert to supply program “defense” these kinds of as Arxan or Whitecryption.
Some reversing occupation on that binary can then be performed to extract the top secret keys and mimic the key decryption algorithm from the license response.
Why
This PoC was done to further exhibit that code obfuscation, anti-debugging tricks, whitebox cryptography algorithms and other procedures of security-by-obscurity will eventually by defeated in any case, and are, in a way, pointless.
Lawful Disclaimer
This is for academic purposes only. Downloading copyrighted products from streaming companies may perhaps violate their Phrases of Support. Use at your have chance.