Old 04-24-2011, 09:26 PM  
OnanistsCash
Quote:
Originally Posted by gir
It's not as simple as that, because Flash for the most part decodes the stream in software, you need to patch the Flash binary itself (you'd get raw pixel/audio data with a dll hook -> loss in quality). No one has done that AFAIK (and the RCE effort involved tops that of reversing the .swf itself).

But I see where you're coming from, if this will be done, flash is broken for eternity..

I just want to point out actually existing tools.



Again, such a patched Flash player is pure evil. rtmpdump is developed by highly skilled individuals, but for the sake of interoperability (to break out of adobe's walled garden), rather than to pirate stuff explicitly.


Imo there's a simpler way to speculate about that. Use poker psychology: a casual (that is, harmless) pirate will just upload scenes he likes to private sites like chegg*t. The actual harm is imo negligible, and may even serve as good promo if you strap a huge site logo watermark somewhere.
People interested will come to you for more.

Regarding the dedicated pirate, their skill is imho at least on the google "how to record rtmpe securetoken" level. They're doing it for fun, race and glory in the warez underground. Unfortunately the release will find its way to torrent sites eventually.



You might be onto something there. Perhaps the right way would be detecting and baiting the web-scraping bot in progress?

For example, there's no way for the evil guy to check all of those dozen hours he just scraped, so injecting an annoying "THIS STUFF IS PIRATED" every few frames once the bot is detected might be fun.
LOL, i love having these chats

ok, i got the point: the stream is sent to the application and all the decryption is done inside it without sending out information to the OS. The thing here is, there is always interaction with the OS .... Again, i'm not that into Windows internals, i'm more a Linux guy, but there is no libc call on Linux that doesn't end up firing up a kernel syscall ;) So you just need to know which one and when to hook it and you are done. i think the same procedure could be applied on Windows ( I INSIST, i almost don't know Windows internals, but OSs at this point all work the same ... ). Just thinking quick here, as i won't find a reverse engineering solution in a quick thread answer, but even if the Adobe, Flash or whatever application you are referring to that does the decryption is maybe not calling the more generic syscalls ( read, write, etc ), it must be handling memory ;) Every process does that, and has to call the operating system, as an application doesn't have the ability to enter kernel mode and assign itself the space in RAM it wants to :P So .... i insist ..... If you are sniffing the connection, there you might have a challenge; if you are watching the end stream on a computer, it's just a matter of time and knowing which syscall to hook.

At the security consulting company i used to work at (i'm not sure if i can talk about this; yes, the NDA is two years long so i guess i can), he developed a sort of DLL that hooked every fucking dll call an application made and called a python script to let him know what the application was doing. So, just doing a quick think here, if i had one of these movie frames and i used this tool, i would just have to make python parse every fucking dll call that gets triggered until i found that frame pattern, and there i am, I have where to look and fetch the movies ;) Honestly, it doesn't sound that challenging when i think about it, and you seem to be really into it, so i must be missing something here or you are not doing your homework well, but you seem to be, so surely i'm missing something here ...

And about the fingerprint LOL, i said FINGERPRINT, not WATERMARK, it's totally different. A fingerprint is not shown on the video ;) It's transparent