3rd January 2007, 11:36 | #282 | Link |
Registered User
Join Date: Dec 2006
Posts: 3
|
Keys
You don't have to make a search on volume key but on Volume Unique Key.
But I haven't found any interesting information on how to get any keys. I have all the hardware requirements to test. So if somebody has an idea... |
3rd January 2007, 12:01 | #283 | Link |
Registered User
Join Date: Mar 2004
Posts: 1,120
|
Am I the only person who's completely confused??
Hope you can bring out a new version soon muslix64, even if you only post here once a month like you did yesterday along with a new release. Hope 1.01 will have a Windows interface, that would be cool! I hope you can find the keys and release them on p2p! P.S. You should update the first post on this thread with the link to version 1.00, otherwise people who don't read all these pages won't know there is a new version out. Last edited by hajj_3; 3rd January 2007 at 12:09. |
3rd January 2007, 13:00 | #284 | Link |
Registered User
Join Date: Dec 2006
Posts: 8
|
If this is real after all (I'm still not sure) then I'm getting it.
muslix64 has problems with his/her conscience. muslix64 wants to show that he/she has found a weakness, but she/he does not want to be fully responsible for major piracy issues (which would definitely come up). I don't believe muslix64 is afraid of getting caught. |
3rd January 2007, 18:55 | #290 | Link |
Registered User
Join Date: May 2003
Posts: 22
|
What I've gathered
From what I've gathered this info might be helpful to more info and I'll share it here.

Memory.dmp -- you can generate the Memory.dmp file by holding CTRL on the right side of the spacebar while you press SCROLL LOCK two times. Not verified to work but someone said it may......

Windows XP Service Pack 2 Support Tools has a command called dumpchk that will verify the dump and display information about it. This command can be found in the Windows XP Support Tools. The easiest way to run it is to copy dumpchk.exe into the same folder as the memory.dmp file, i.e. c:\windows\memory.dmp. At a command prompt in this folder run the command "dumpchk memory.dmp".

To really dig into the memory.dmp file you will need to use the Microsoft Debug Tools. You also need the correct symbols for the OS that the memory dump came from. These can be downloaded here:
http://www.microsoft.com/whdc/devtoo...nstallx86.mspx
http://www.microsoft.com/whdc/DevToo...symbolpkg.mspx

After all that is installed, open up the debug program windbg. It can be found in the start menu. First set the symbol path, by clicking File, Symbol Path, and add the path that you installed the symbols to. Default is c:\windows\symbols. To open up the memory.dmp file, select File, Open Crash Dump. It will first show the same info that dumpchk displayed. To get more detailed info, enter this command: !analyze -v. This will display a much more detailed analysis of the problem.

Some other useful things you can look at are the call stack (View, Call Stack) to see what system calls were being run when the crash occurred, registers (View, Registers) to see what registers were being used, and the actual memory (View, Memory) to view the contents of the memory when the crash occurred. You could also view the disassembly to see what code was running. |
3rd January 2007, 19:26 | #292 | Link |
Registered User
Join Date: Dec 2005
Posts: 560
|
Brute forcing the memory for keys should work. The title key or whatever is needed to actually decrypt the content of the disc will probably be stuck on the heap as opposed to the stack, as it will probably need to outlive the scope of the decryption functions.
Someone suggested the key will be in the registers .. well it will be eventually but I guess the key is probably bigger than the current x86 registers so probably easier to get it out of mem. I can't really see how you can protect against this hack. |
3rd January 2007, 19:45 | #294 | Link |
RPC-1 to people
Join Date: Sep 2003
Location: from Mars to Earth
Posts: 39
|
You can just look @ C:\program files\CyberLink\PowerDVD (6.5 HD) and check what "some specific files" do.
I doubt it is in the registry, it must be in memory (RAM). I do not have an HD-DVD drive, nor HD-DVD movies, so I cannot try it by myself.
__________________
Gradius Living in Mars is nice! |
3rd January 2007, 19:58 | #296 | Link |
Registered User
Join Date: Aug 2002
Posts: 151
|
From what I had understood EACH AND EVERY HD-DVD TITLE has its own volume key (or more).
Like "Superman" released in US has its own volume key, "Superman" released in Europe has its own volume key, "Enter the dragon" released in US has its own volume key, etc... Moreover even the same title like "Superman" released in US can have SEVERAL volume keys, like one for disks produced in October-November and one for disks produced in December-February, etc ...

This means for each HD-DVD disk someone will need to find the right volume key, not just once per player or even one per title. This means this someone needs to post it somewhere to be accessible by other users and therefore this someone can be sued. Also since the vast majority of users will not be able to extract the Title key for every disk they put in their drive by themselves, they will need someone to do it for them.

No automatic key extraction software will be possible. Let's say someone for example develops such software that uses a specific version of PowerDVD (just for example, it can be any other software player even on Vista 64 despite all the protections built in) to extract the volume key. Then very soon studios will block that player's key (so it will not play new titles at all) and PowerDVD will release a new version with a new player key. So no reason to stick with the old version, and the new version can't be "harvested" for keys automatically.

All the above means that probably, same as with ISO "releases", one of two "industries" will develop:
1. "Indexing" sites that hold a lot of volume keys for different versions of the movies.
2. "Images" releases, same as cracked games, will spread on Torrent or other P2P networks with already decoded versions of HD-DVDs, the same way as now they "release" images of games with crack. (This option I believe more feasible, after all what is 25 or even 50GB for Torrent? And internet speeds continue to increase all the time.)

In both cases it will be either professional programmers that will do the debugging (like now only few people in the world do software cracking) or people around the industry who steal volume keys (like now they steal games before they even get released). So that's my analysis on the future of HD-DVD (and probably BD too). This means no "immediate" threat for studios, there will be no such programs as DVD Decrypter for DVDs that any kid can use at home to decrypt, but in the long run - yes, AACS IS cracked. I think for the studios it's again (like with CSS and/or region protected DVDs) the situation becoming worse than if no protection were used, since the legal user will have many limitations (streaming for example is forbidden etc) while pirates will have more "usable" versions. Last edited by Lord_KiRon; 3rd January 2007 at 20:10. |
3rd January 2007, 20:45 | #297 | Link |
Registered User
Join Date: Dec 2006
Posts: 154
|
I have a theory for how to figure out where to find a key for any given player application after PowerDVD 6.5 HD gets revoked (you know it's coming).
Say you picked some HD-DVD available in stores today and figured out its keys via Muslix's PowerDVD exploit. You now have a copy of the decrypted key. You would then play back that same disk for which you already know the key in any other current or future HD-DVD playing application. You would then watch memory (knowing in advance the decrypted key) for the decrypted key to appear and remember the memory location where it was found. Now you know where in memory decrypted keys are kept and you can play any other disk, go to the same memory location, and there's the decrypted key. A program could easily be written to automate all of this. |
3rd January 2007, 21:32 | #299 | Link |
Registered User
Join Date: Apr 2004
Location: NTSC R1
Posts: 173
|
Let's look logically...
1. Task is to encrypt content and deliver it to the public without discovering the keys for decryption.
2. At the same time they have to give you (user) the key in some form so you can watch the movie.
3. You own the player, soft or standalone, and have access to it.
4. If you have access to it, you could extract the keys or the algorithm in theory - everything should be there.
5. Main rule for authorized decryption is not followed. Key is public on the media side, key is public on the player side. Even encrypted, they are accessible.
6. Only way to have a message secure is to have a user specific key that only he/she knows (public/private key scheme).
7. In this case the "private" key is accessible (in some way) by a "malevolent hacker".
8. Logical conclusion is that there is no way to protect content available to all public in a secure way. It is just a matter of time spent to get there.
9. If we remember the Enigma machine, the only way the English could decipher it was to get hands on a code book and a machine. Germans changed the code, but too late, and the algorithm wasn't changed for compatibility reasons (sounds familiar for standalones). I am not saying that it couldn't be done by brute force in the end, language is a closed set and it has its own distribution and syntax, but it would take indefinite time.
10. AACS algorithm was made public, keys are out there, so the only logical conclusion is - it could be done!

I am not a programmer, have no clue how to do it, but please comment on the above statements. I figure the only reason for content scrambling is to stop the "average joe" from copying movies. Remember NagraVision 2, it was praised as unbreakable, Asian sat dealers were offering 1M$ for a solution, I know (and you too) that money is collected. The only way to secure something is to keep one part secret (totally, not encrypted in some form and accessible), either private key or algorithm, or content probability distribution. All else is just increasing workload. Having computers and smart hackers out there, even workload could be shortened. Just my 2c... Regards... |
3rd January 2007, 21:33 | #300 | Link | |||
Registered User
Join Date: Sep 2003
Location: On The Beach
Posts: 714
|
Quote:
Quote:
As Lanier said, if a player will be upgraded with some revocation, comparing the firmware after and before inserting a new HDDVD disc will give us some information. The wrong step from them is to release a disc which includes revocation. Another way is to read the memory dump from the player when inserting a HDDVD disc. I never made this type of dump, but some people already did it when hacking the Mediatek firmwares. Edit: Quote:
enjoy, Mtz Last edited by Mtz; 3rd January 2007 at 21:48. |
|||