Old 1st November 2008, 21:34   #321  |  Link
kkloster21
Registered User
 
Join Date: Jun 2008
Posts: 117
and another BD+ disc with a conv_tab.bin table successfully created:

Code:
$ java -jar Debugger.jar 
[W] No post-trap snapshot archive found!
[W] No post-break snapshot archive found!
[W] No program counter trace found!
[W] No instruction trace found!
[W] No timer trace found!
Loading /media/cdrom1/BDSVM/00000.svm ...
Volume ID set to: AB 82 C6 51 E6 0C 66 91 D4 BC 70 46 D0 5C 70 09 
[Event #00000000] 0110 ( 00000000, 0000FFFF )
[Event #00000001] 0210 ( 00000000, 00000001 )
[Event #00000002] 0110 ( 00000000, 00000001 )
Conversion table set
[Event #00000003] 0220 ( 00000000, 00000001, 00000000)
[Event #00000004] 0220 ( 00000000, 00000001, 00000001)
[Event #00000005] 0220 ( 00000000, 00000001, 00000002)
[Event #00000006] 0220 ( 00000000, 00000001, 00000003)
[Event #00000007] 0220 ( 00000000, 00000001, 00000004)
[Event #00000008] 0220 ( 00000000, 00000001, 00000005)
[Event #00000009] 0220 ( 00000000, 00000001, 00000006)
[Event #0000000A] 0220 ( 00000000, 00000001, 00000007)
[Event #0000000B] 0220 ( 00000000, 00000001, 00000008)
[Event #0000000C] 0220 ( 00000000, 00000001, 00000009)
[Event #0000000D] 0220 ( 00000000, 00000001, 0000000A)
[Event #0000000E] 0220 ( 00000000, 00000001, 0000000B)
[Event #0000000F] 0220 ( 00000000, 00000001, 0000000C)
.
.
.
[Event #000001B4] 0220 ( 00000000, 00000001, 000001B6)
[Event #000001B5] 0220 ( 00000000, 00000001, 000001B7)
[Event #000001B6] 0220 ( 00000000, 00000001, 000001B8)
[Event #000001B7] 0010 ( 00000000, 00000001 )
I'm going to try to actually rip one of these and see if I can get it repaired and up on the screen. Hopefully I can figure it out.

I'll post as soon as I can get anything.
kkloster21 is offline   Reply With Quote
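As an added example (not code from this thread or from the BDVM Debugger project): a small Python summarizer for console output in the shape quoted above. It collects the `[W]` lines, the loaded .svm path, the volume ID, the "Conversion table set" marker and a count of event codes, and flags runs that should go on a "please report" list. The `[E]` prefix, the handling of the `.` elision lines, and the sample input are assumptions or constructed; event codes are only counted, never interpreted.

```python
import re
from collections import Counter
from dataclasses import dataclass, field

# Line shapes as they appear in the debugger console output quoted in this thread.
# The [E] prefix is an assumption; the thread only shows [W] lines.
DIAG_RE = re.compile(r"^\[([WE])\]\s*(.*)$")
LOADING_RE = re.compile(r"^Loading (.+?) \.\.\.$")
VOLID_RE = re.compile(r"^Volume ID set to:\s*((?:[0-9A-Fa-f]{2}\s*)+)$")
EVENT_RE = re.compile(r"^\[Event #([0-9A-Fa-f]+)\]\s+([0-9A-Fa-f]{4})\s*\((.*)\)$")

@dataclass
class RunSummary:
    svm_path: str = ""
    volume_id: bytes = b""
    warnings: list = field(default_factory=list)
    errors: list = field(default_factory=list)
    events: list = field(default_factory=list)       # (index, code, args) tuples
    event_codes: Counter = field(default_factory=Counter)
    conversion_table_set: bool = False
    unparsed: list = field(default_factory=list)     # anything the patterns above miss

def summarize(lines):
    """Fold one debugger run into a RunSummary. Event codes are counted, not interpreted."""
    s = RunSummary()
    for raw in lines:
        line = raw.strip()
        if not line or line == ".":          # blank lines and the "." elision in the post
            continue
        m = DIAG_RE.match(line)
        if m:
            (s.warnings if m.group(1) == "W" else s.errors).append(m.group(2))
            continue
        m = LOADING_RE.match(line)
        if m:
            s.svm_path = m.group(1)
            continue
        m = VOLID_RE.match(line)
        if m:
            s.volume_id = bytes.fromhex(m.group(1).replace(" ", ""))
            continue
        m = EVENT_RE.match(line)
        if m:
            index, code = int(m.group(1), 16), m.group(2).upper()
            args = tuple(int(a, 16) for a in m.group(3).replace(" ", "").split(",") if a)
            s.events.append((index, code, args))
            s.event_codes[code] += 1
            continue
        if line == "Conversion table set":
            s.conversion_table_set = True
            continue
        s.unparsed.append(line)
    return s

def elided(s):
    """True when event indices are not contiguous (e.g. the post trimmed the middle)."""
    if not s.events:
        return False
    return s.events[-1][0] - s.events[0][0] + 1 != len(s.events)

def needs_report(s, benign=()):
    """Flag a run for the 'please report' list: errors, a missing conversion table,
    or any warning whose text does not contain one of the `benign` substrings."""
    noisy = [w for w in s.warnings if not any(b in w for b in benign)]
    return bool(s.errors or noisy) or not s.conversion_table_set

# Constructed sample, shaped like the console output quoted above (middle elided).
SAMPLE_OUTPUT = """\
[W] No post-trap snapshot archive found!
[W] No instruction trace found!
Loading /media/cdrom1/BDSVM/00000.svm ...
Volume ID set to: AB 82 C6 51 E6 0C 66 91 D4 BC 70 46 D0 5C 70 09
[Event #00000000] 0110 ( 00000000, 0000FFFF )
[Event #00000001] 0210 ( 00000000, 00000001 )
[Event #00000002] 0110 ( 00000000, 00000001 )
Conversion table set
[Event #00000003] 0220 ( 00000000, 00000001, 00000000)
[Event #00000004] 0220 ( 00000000, 00000001, 00000001)
.
.
.
[Event #000001B7] 0010 ( 00000000, 00000001 )
""".splitlines()

if __name__ == "__main__":
    summary = summarize(SAMPLE_OUTPUT)
    print(f"svm={summary.svm_path} volume_id={summary.volume_id.hex()}")
    print(f"warnings={len(summary.warnings)} errors={len(summary.errors)} "
          f"events={len(summary.events)} codes={dict(summary.event_codes)} "
          f"table={summary.conversion_table_set} elided={elided(summary)}")
    print("needs report:", needs_report(summary, benign=("archive found", "trace found")))
```

The five "No ... found!" warnings at the top of the quoted run also appear in runs that succeed, so `needs_report` takes a `benign` tuple for warning texts the caller has decided to ignore; with it empty, every run with a warning is flagged.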
Old 1st November 2008, 21:42   #322  |  Link
774
Registered User
 
Join Date: Sep 2008
Posts: 1
Did anyone ever find any use for PortableBDVM? I've been working on other projects so I haven't had any time to update it with all the discovered traps myself, but since it seems most of them have been figured out, maybe it'd be time to make it actually useful.

I'm still too busy to do it right now, but does anyone else feel like taking up the torch? If you want this code in mplayer or VLC or most any other media player, there needs to be a C version, so it could be a good place to start.
774 is offline   Reply With Quote
Old 1st November 2008, 22:43   #323  |  Link
kkloster21
Registered User
 
Join Date: Jun 2008
Posts: 117
I successfully repaired and played Live Free or Die Hard! (I didn't play through the whole film but I watched enough to make sure that the content was repaired).

Great job guys! Hopefully KenD00 can implement this in dumpHD so that we don't have to rip the discs before we can play them.

Let me know what else I can do to help.
kkloster21 is offline   Reply With Quote
Old 1st November 2008, 23:00   #324  |  Link
Oopho2ei
Guest
 
Posts: n/a
Quote:
Originally Posted by 774 View Post
I'm still too busy to do it right now, but does anyone else feel like taking up the torch? If you want this code in mplayer or VLC or most any other media player, there needs to be a C version, so it could be a good place to start.
Accident has been working for some weeks on a C implementation now. Maybe you could both join your efforts. I've sent him a private message. Maybe he will contact you soon. Would be great.

Quote:
Originally Posted by kkloster21 View Post
I successfully repaired and played Live Free or Die Hard! (I didn't play through the whole film but i watched enough to make sure that the content was repaired).
Great. Could you also rip the disc with AnyDVD-HD and compare the files (with vbindiff, md5sum or whatever) please?

Quote:
Originally Posted by kkloster21 View Post
let me know what else i can do to help.
I need the conversion tables of those movies which are handled correctly (compared with AnyDVD-HD result) together with the movie title and the volume id. Also a list of movies for which you can't get the conversion table or for which the console output contains warnings or error messages.
  Reply With Quote
Old 1st November 2008, 23:52   #325  |  Link
KenD00
Registered User
 
Join Date: Jan 2007
Location: Internet
Posts: 378
Success.

Using the latest debugger I got a working conversion table for Die Hard 4. I ripped the disc again with AnyDVD HD and the main movie file 00020.m2ts has in both cases the MD5 sum 0cbf12c33948e458883b060253f5f8d4.

While I made the old, non-working conversion table I made a mistake: I ran the debugger on the already AACS-decrypted disc contents. I ran it again with the original disc and it produced a slightly different conversion table, about 20 spots in the files are different. However, using the new debugger I get identical conversion tables in both cases.

Now that I have a working conversion table I can start to implement support for this into DumpHD, but it will take some time, I'm quite busy right now, so please be patient.

Oh, and hello arnezami, nice to see you again.

Edit:
Your BouncyCastle Debugger package doesn't work because it's not enough to just put the jar archive into the classpath, you also have to register the provider. This can be done either statically by editing the java.security file or dynamically from the debugger. If you add this line to the debugger (make sure it gets executed only once)
Code:
java.security.Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
it will work (well, should, haven't tested this *g*).



Last edited by KenD00; 2nd November 2008 at 00:12.
KenD00 is offline   Reply With Quote
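An added example, not code from this thread, DumpHD or the debugger: a Python file comparer that does the md5sum/vbindiff step asked for above in one pass. It computes digests of both files (MD5, as compared in this thread, plus SHA-256) and, when they differ, lists the byte ranges that differ, so "about 20 spots in the files are different" becomes a concrete list of offsets and lengths. The file names and the sample bytes in demo() are constructed.

```python
import hashlib
import os
import tempfile

CHUNK = 1 << 20  # 1 MiB reads; the .m2ts files on a disc are gigabytes

def digests(path, chunk=CHUNK):
    """MD5 (what the thread compares) and SHA-256 of a file, read in chunks."""
    md5, sha = hashlib.md5(), hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            md5.update(block)
            sha.update(block)
    return {"md5": md5.hexdigest(), "sha256": sha.hexdigest()}

def _append_run(runs, start, length):
    # Merge with the previous run when a differing region straddles a chunk boundary.
    if runs and runs[-1][0] + runs[-1][1] == start:
        runs[-1] = (runs[-1][0], runs[-1][1] + length)
    else:
        runs.append((start, length))

def diff_ranges(a, b):
    """[(offset, length)] runs where a and b differ, over their common length."""
    n = min(len(a), len(b))
    runs, i = [], 0
    while i < n:
        if a[i] == b[i]:
            i += 1
            continue
        start = i
        while i < n and a[i] != b[i]:
            i += 1
        _append_run(runs, start, i - start)
    return runs

def compare_files(path_a, path_b, chunk=CHUNK):
    """Digests of both files plus, if they differ, the byte ranges that differ."""
    sizes = (os.path.getsize(path_a), os.path.getsize(path_b))
    da, db = digests(path_a, chunk), digests(path_b, chunk)
    identical = sizes[0] == sizes[1] and da["sha256"] == db["sha256"]
    runs = []
    if not identical:
        # Walk both files in lockstep and map chunk-local offsets to file offsets.
        with open(path_a, "rb") as fa, open(path_b, "rb") as fb:
            offset = 0
            while True:
                ca, cb = fa.read(chunk), fb.read(chunk)
                if not ca or not cb:
                    break
                for start, length in diff_ranges(ca, cb):
                    _append_run(runs, offset + start, length)
                offset += min(len(ca), len(cb))
    return {"sizes": sizes, "identical": identical, "md5": (da["md5"], db["md5"]),
            "sha256": (da["sha256"], db["sha256"]), "diff_runs": runs}

def demo():
    """Constructed sample: a 'reference' rip and a copy that differs in two spots."""
    reference = bytes(range(256)) * 16            # 4096 bytes of constructed data
    damaged = bytearray(reference)
    damaged[100:104] = b"\xff\xff\xff\xff"        # a 4-byte differing run
    damaged[3000] ^= 0x01                         # a single flipped bit
    with tempfile.TemporaryDirectory() as d:
        pa, pb = os.path.join(d, "reference.m2ts"), os.path.join(d, "repaired.m2ts")
        with open(pa, "wb") as f:
            f.write(reference)
        with open(pb, "wb") as f:
            f.write(bytes(damaged))
        return compare_files(pa, pb, chunk=1024)   # small chunk to exercise boundaries

if __name__ == "__main__":
    r = demo()
    print("identical:", r["identical"], "md5:", r["md5"])
    for off, ln in r["diff_runs"]:
        print(f"differs at 0x{off:08x} for {ln} byte(s)")
```

MD5 is fine for answering "did two tools produce the same bytes", which is all this thread needs; the SHA-256 value is the one to record if the digest is later used to vouch for a file's integrity, since MD5 collisions are practical.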
Old 2nd November 2008, 00:51   #326  |  Link
Accident
Registered User
 
Join Date: Aug 2002
Posts: 111
Quote:
Originally Posted by Oopho2ei View Post
Accident has been working for some weeks on a C implementation now. Maybe you could both join your efforts. I've sent him a private message. Maybe he will contact you soon. Would be great.
I have finished the Slot code, but I need to make it right before it gets checked in (memory dumps differ, I suspect the flash.bin is actually little endian). After that, trap_PrivateKey, and events are left to be done. At that point it should be able to do what the Java code does.

In theory.
Accident is offline   Reply With Quote
Old 2nd November 2008, 01:13   #327  |  Link
Oopho2ei
Guest
 
Posts: n/a
Apparently there are no major issues so I think it's time for the initial release: BDVM Debugger v0.1.1

The BouncyCastle security provider library is now included so at least in Linux you don't need to install it manually (thanks to KenD00!). Simply call the debugger with "sh debugger.sh". Strangely the Debugger.jar is much larger now, almost as if it includes the BouncyCastle library. But still the debugger fails to load if I remove the library from the classpath, so you can find it in the lib/ directory after extraction.

Last edited by Oopho2ei; 2nd November 2008 at 18:48. Reason: Update to version 0.1.1
  Reply With Quote
Old 2nd November 2008, 12:48   #328  |  Link
Doom9
clueless n00b
 
Join Date: Oct 2001
Location: somewhere over the rainbow
Posts: 10,572
@Oopho2ei: the jar file is so large because it contains the bouncycastle lib.. it's packed into the jar file. Something must've gone wrong during the build mechanism. And if you distribute the lib with the software you might want to build so that the lib in the dist directory is automatically taken into account (like Netbeans does).
__________________
For the web's most comprehensive collection of DVD backup guides go to www.doom9.org
Doom9 is offline   Reply With Quote
Old 2nd November 2008, 18:53   #329  |  Link
Oopho2ei
Guest
 
Posts: n/a
Quote:
Originally Posted by Doom9 View Post
@Oopho2ei: the jar file is so large because it contains the bouncycastle lib.. it's packed into the jar file. Something must've gone wrong during the build mechanism. And if you distribute the lib with the software you might want to build so that the lib in the dist directory is automatically taken into account (like Netbeans does).
I have uploaded version 0.1.1 (see posting #327) which hopefully fixed the BouncyCastle problem. Luckily I have found a working example build.xml for ant which includes the BouncyCastle security provider so I could fix this issue quickly. Even in Windows or any other operating system you should be able to run the debugger by simply typing "java -jar <filename of the jar>" in the console. In Linux you should use "sh debugger.sh" as described in the readme.

If everything works as it should you don't need to install BouncyCastle manually anymore because it is already included in the jar.
  Reply With Quote
Old 3rd November 2008, 01:56   #330  |  Link
Accident
Registered User
 
Join Date: Aug 2002
Posts: 111
Anyone here familiar with OpenSSL's ecdsa? I am unsure how to apply q,a,b,x,y and d with the OpenSSL API. Or if indeed those BigInts are standard, and I just need to set PrivateKey and sign?
Accident is offline   Reply With Quote
Old 3rd November 2008, 02:20   #331  |  Link
lightshadow
Registered User
 
Join Date: Feb 2007
Posts: 123
Now that you all have succeeded in hacking BD+ and released the source code, can any of you give a cookbook how to:
  • obtain the 7 keys
  • obtain memory footprints
  • obtain player signatures
  • obtain new traps
  • detect that BD+ developers have found a bug in the VM and use that against us?
Quote:
Apart from that the purpose of the program (called "content code") running inside the player on a virtual machine is to detect any known compromised players or known unlicensed emulators (like ours). The content code is given a wide range of opportunities to do that. For example it has (limited) access to the player memory and can even execute arbitrary code on the machine though we haven't seen that yet and our emulator doesn't support this either.
As long as we have access to a working (licensed) player all these measures are useless as we can record traces from this player and adjust the data "injected" in the virtual machine address space by traps or events to perfectly match our recordings. Even if whitebox attack resistant AES or ECDSA algorithms are used and nobody manages to break them we can still use the obfuscated algorithms and their keys.
Can a cookbook be given to this?

Also, can any of you show a diagram how BD+ works, like the famous AACS diagram?

Last edited by lightshadow; 3rd November 2008 at 02:21. Reason: typo
lightshadow is offline   Reply With Quote
Old 3rd November 2008, 20:07   #332  |  Link
KenD00
Registered User
 
Join Date: Jan 2007
Location: Internet
Posts: 378
@schluppo
I'm trying to send you a PM but the forum says you either don't want or are not allowed to receive PMs. Can you check your settings please?

KenD00 is offline   Reply With Quote
Old 3rd November 2008, 21:46   #333  |  Link
FoxDisc
Registered User
 
Join Date: Jan 2007
Posts: 274
Quote:
Originally Posted by Turtleggjp
... what can they do to protect future releases? With AACS, it's easy, just revoke the keys used. Does your implementation of BD+ use any revokable keys, or are they limited to the unused instructions to try and fool you in the future?
Quote:
Originally Posted by Oopho2ei View Post
The key set currently in use consists of 7 AES keys for TRAP_Aes and two ECDSA public/private key pairs for TRAP_PrivateKey. These keys can theoretically be revoked (e.g. by adding 7 more AES keys and don't use the old ones anymore for new movies)
Where are these keys located? For example, in AACS, the device stores device keys and the disc stores media keys and the VID. The media keys are easily readable and copyable, but they are encrypted. The VID is supposedly non-readable (outside of an authenticated AACS session) and is in a supposedly non-copyable area of the disc. You need the device keys to decrypt the media keys.

Where are the 7 AES keys and 2 ECDSA public/private key pairs kept - device or disc? Are they associated with a specific device, like the device keys, or do all devices have the same keys?
FoxDisc is offline   Reply With Quote
Old 4th November 2008, 09:30   #334  |  Link
Doom9
clueless n00b
 
Join Date: Oct 2001
Location: somewhere over the rainbow
Posts: 10,572
@Oopho2ei: if you see this, could you check your PMs please?
__________________
For the web's most comprehensive collection of DVD backup guides go to www.doom9.org
Doom9 is offline   Reply With Quote
Old 5th November 2008, 08:03   #335  |  Link
Accident
Registered User
 
Join Date: Aug 2002
Posts: 111
I have yet to implement trap_PrivateKey, as the OpenSSL documentation is rather sparse. So for now, it is returning static bytes as per snapshot, and completes the run until the end:

Code:
-rw-r--r--      1 owner  group  3211264 Nov  5 15:47 conv_tab.bin

00000000  00 24 00 00 00 01 01 53  00 00 05 54 00 00 05 58  |.$.....S...T...X|
00000010  00 00 0f 84 00 00 1f c8  00 00 2e 54 00 00 3c f4  |.......<C8>...T..|
I do not know if it is entirely correct as I do not have the media itself, but at least it starts with 0x24/36 segments, when it is ready.

libbluray is written in C, uses autoconf and has a MSVC++ project file, and is endian aware, so it should work on all platforms.

Edit1:
The fastest run I have managed to do takes 4 seconds. On average, up to 15 seconds. This is with loading cores for Random and PrivateKey. (If I use my Random, it fails, probably because PrivateKey is not yet implemented). I haven't really looked at optimisation yet.

Last edited by Accident; 6th November 2008 at 04:50. Reason: Statistics
Accident is offline   Reply With Quote
Old 5th November 2008, 09:05   #336  |  Link
tteich
Registered User
 
Join Date: Jul 2004
Posts: 40
Quote:
Originally Posted by Accident View Post
I have yet to implement trap_PrivateKey, as the OpenSSL documentation is rather sparse. So for now, it is returning static bytes as per snapshot, and completes the run until the end:

Code:
-rw-r--r--      1 owner  group  3211264 Nov  5 15:47 conv_tab.bin

00000000  00 24 00 00 00 01 01 53  00 00 05 54 00 00 05 58  |.$.....S...T...X|
00000010  00 00 0f 84 00 00 1f c8  00 00 2e 54 00 00 3c f4  |.......<C8>...T..|
I do not know if it is entirely correct as I do not have the media itself, but at least it starts with 0x24/36 segments, when it is ready.

libbluray is written in C, uses autoconf and has a MSVC++ project file, and is endian aware, so it should work on all platforms.
That's great, what you're contributing! A native implementation in C opens doors to have an open source BD player sometime later...
tteich is offline   Reply With Quote
Old 5th November 2008, 14:33   #337  |  Link
lightshadow
Registered User
 
Join Date: Feb 2007
Posts: 123
Quote:
Originally Posted by Accident View Post
I have yet to implement trap_PrivateKey, as the OpenSSL documentation is rather sparse.
Have you tried the OpenSSL mailing list? It is fairly high traffic, but has a high signal-to-noise ratio.

I wonder if the GPLv3 allows DRM breaking tools
lightshadow is offline   Reply With Quote
Old 5th November 2008, 22:11   #338  |  Link
dirio49
JuSt a PoWer uSEr
 
Join Date: Mar 2005
Location: None of your Business
Posts: 288
Does anybody think this thread should be a sticky?
__________________
Birthdays are good. Statistics show that the people who have the most live the longest.
dirio49 is offline   Reply With Quote
Old 6th November 2008, 00:37   #339  |  Link
LoRd_MuldeR
Software Developer
 
LoRd_MuldeR's Avatar
 
Join Date: Jun 2005
Location: Last House on Slunk Street
Posts: 12,891
Quote:
Originally Posted by lightshadow View Post
I wonder if the GPLv3 allows DRM breaking tools
Why not? The GPL defines what other people are allowed/required to do with your work. It doesn't put any restrictions on your work itself.

Also the basic idea of the GPL is "Copyleft" - keep free stuff free. Hence healing DRM-infected files corresponds to the "spirit" of the GPL.
__________________
There was of course no way of knowing whether you were being watched at any given moment.
How often, or on what system, the Thought Police plugged in on any individual wire was guesswork.


LoRd_MuldeR is offline   Reply With Quote
Old 6th November 2008, 03:55   #340  |  Link
XAvAX
Registered User
 
Join Date: Nov 2006
Posts: 13
Quote:
Originally Posted by dirio49 View Post
Does anybody think this thread should be a sticky?
Seconded.
XAvAX is offline   Reply With Quote
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2018, vBulletin Solutions Inc.