Quote:
Originally Posted by borked
so glad I brought you out of lurking... 
Why do you say this - if you can give me an example of an app that can rip an rtmpe stream that is secured with "SecuredToken" or similar, I'm all ears. |
exactly the false sense of security i'm talking about, ignorance is bliss..
Quote:
|
Originally Posted by hysteria.cz/sd/rtmpdump/rtmpsuck.c
/* This is a Proxy Server that displays the connection parameters from a
* client and then saves any data streamed to the client.
*/
|
rtfm....
Quote:
|
Originally Posted by hysteria.cz/sd/rtmpdump/README
rtmpsuck - proxy server. See below...
All you need to do is redirect your Flash clients to the machine running this
server and it will dump out all the connect / play parameters that the Flash
client sent. The simplest way to cause the redirect is by editing /etc/hosts
when you know the hostname of the RTMP server, and point it to localhost while
running rtmpsrv on your machine. (This approach should work on any OS; on
Windows you would edit %SystemRoot%\system32\drivers\etc\hosts.)
On Linux you can also use iptables to redirect all outbound RTMP traffic. You
need to be running as root in order to use the iptables command.
In my original plan I would have the transparent proxy running as a special
user (e.g. user "proxy"), and regular Flash clients running as any other user.
In that case the proxy would make the connection to the real RTMP server. The
iptables rule would look like this:
iptables -t nat -A OUTPUT -p tcp --dport 1935 -m owner \! --uid-owner proxy \
-j REDIRECT
|
Go play for yourself.
The problem is, of course, that RTMPE is just mere weak obfuscation (the key is computed from .swf sha256).
The source .swf is all you need for successful proxying via rtmpsuck. the token is just simple _connection.call("secureTokenResponse", null, "blahblah"); hardcoded in the .swf ... does not matter, rtmpsuck just follows the session along and hops on the play packet.
Note that securetoken wowza plugin *does not* encrypt the flv data (aside the initial RTMPE obfuscation), it just authorizes the current session to issue the play call. It relies on the already broken Adobe scheme, which is why you need to go great lengths if things should be really hard to break.
Not sure about if there are any working windows GUI tools, however rtmpdump is what is used for real-world browser automaton scraping (see my rants about complete siterips).
note: Yes, I am somewhat involved with mplayer/ffmpeg/rtmpd folk. Don't hate em, you're all using the same shady ffmpeg nonetheless..