Welcome to Doom9's Forum, THE in-place to be for everyone interested in DVD conversion.

Before you start posting please read the forum rules. By posting to this forum you agree to abide by the rules.

 

Go Back   Doom9's Forum > General > Decrypting

Closed Thread
 
Thread Tools Search this Thread Display Modes
Old 26th April 2007, 06:59   #241  |  Link
arnezami
Registered User
 
Join Date: Sep 2006
Posts: 390
OK. I need time to think this through. But things don't seem to add up here .

Anyway. Lets go for brute force shall we .

Here is KenD00's dumpvid program adapted for bluray:

dumpvid 0.3 (adapted)

Screenshot:



Works like a charm for PowerDVD 7.3 (for me when using the HD DVD version) even including the upgrade.

See KenD00's post for more info. Just hit ENTER en then play with PowerDVD.

arnezami

Last edited by arnezami; 26th April 2007 at 07:24.
arnezami is offline  
Old 26th April 2007, 07:37   #242  |  Link
PepsiLee2001
Registered User
 
Join Date: Jan 2007
Posts: 47
Quote:
Originally Posted by arnezami View Post
OK. I need time to think this through. But things don't seem to add up here .

Anyway. Lets go for brute force shall we .

Here is KenD00's dumpvid program adapted for bluray:

dumpvid 0.3 (adapted)
dumpvid 0.30 + aacskey 0.25

dumpvid 0.30
Code:
C:\dumpvid0.30>dumpvid.exe n
DumpVID 0.3 by KenD00 (adapted for bluray testing)

Drive type is recognised as CDROM/DVD.

Sending SPC1 Test Unit CDB6 command..done.
Returned good status.

Press ENTER to start hammering

Hammering drive...
vid: 43F962AFDF015A7A2F01BFB8B29C4C92
Hammering finished.
aacskeys 0.25
Code:
C:\aacskeys_v0.2.5>aacskeys.exe n s 43F962AFDF015A7A2F01BFB8B29C4C92
aacskeys v0.2.5

Current path: C:\aacskeys_v0.2.5

First C-value:                459DE09775A9E7442416637D03D00552
First u mask nr:              17
First uv:                     00000001
Device key:                   AA856A1BA814AB99FFDEBA6AEFBE1C04
Processing key:               09F911029D74E35BD84156C5635688C0
Encrypted C-value:            459DE09775A9E7442416637D03D00552
Corresponding uv:             00000001

Decrypted C-value:            0028A88F4F50647D49962E02CFBFA9D7
Media key:                    0028A88F4F50647D49962E02CFBFA9D6

Encrypted verification data:  EB29317BB8DECA19A8879C6DFDB02D24
Decr verif data should be:    0123456789ABCDEF
Decrypted verification data:  0123456789ABCDEF373026BCC71B62E0

Volume ID:                    43F962AFDF015A7A2F01BFB8B29C4C92
Volume Unique Key:            61B6A65446D6F1AF353F5F7AF7E546D6
Unit Key File Hash (DiscID):  2CCC522CE0C26F04F4015FFF9D3EE9D4E80DA43D
Encrypted Unit Key 1:         C2FD8516BE84A8CEF789C913A38A0996

Decrypted Unit Key 1:         5F620690A99921E9B7CF4A756E69B8B8
PepsiLee2001 is offline  
Old 26th April 2007, 08:12   #243  |  Link
mrazzido
Registered User
 
mrazzido's Avatar
 
Join Date: Jan 2007
Posts: 114
i test the tool from kenD00

i got the right volume id...


DumpVID 0.3 by KenD00 (adapted for bluray testing)

Drive type is recognised as CDROM/DVD.

Sending SPC1 Test Unit CDB6 command..done.
Returned good status.

Press ENTER to start hammering

Hammering drive...
vid: 51FAA0C75C515D91429D23C2FF8C4173
Hammering finished.
mrazzido is offline  
Old 26th April 2007, 17:19   #244  |  Link
arnezami
Registered User
 
Join Date: Sep 2006
Posts: 390
Great!

This is good news.

For some reason using the AGID as time marker interferes with both players (using a BD/multi-agid drive). Maybe there is an in between solution. But now we atleast got a way of retrieving Volume IDs from the current version of Power DVD.

For now I will probably concentrate on other stuff and maybe come back to this later when there is more time or need for it.

Much thanks to mrazzido and PepsiLee2001 for all their impressive efforts.

Btw: this means we now have a way of retrieving the VID for both HD DVD and Bluray. Meaning we effectively do not need the upcoming HPK anymore.

Regards,

arnezami

Last edited by arnezami; 26th April 2007 at 18:27.
arnezami is offline  
Old 27th April 2007, 00:40   #245  |  Link
Geremia
Registered User
 
Join Date: Feb 2007
Posts: 71
good work arnezami

there is always something more exciting than watching movie, right?

About the SD-S802A, i've found a (disabled) cdb command that reads any sector in any disc area (system lead-in included) with full 0x10 byte header too (header is first 0x10 bytes of the output)

plscsi.exe -v -p -x "08 00 00 ps ps ps" -i x810

where pspsps is the PSN

i've dumped all the "raw" copyright data segment of kingkong (where VolumeID LSB and KCD should be) but it doesn't seems to contain anything. Also the RSV 6byte field in the header is empty.

Reading AACS specs, they say that VID LSB and KCD "shall" be recorded here, but i also read that an AACS compliant standalone player may not use the KCD ...so, maybe we should look for a CopyrightDS of a movie that has full VolumeID (not the one with 00 20 20 20 20 20 ending)?
I've not such a movie, can anyone see how PSN 01E600 and > looks like?

ex:

plscsi.exe -v -p -x "08 00 00 01E600" -i x810

P.S.: the 08 CDB command is disabled by default, you have to enable disabled commands first (like done before for DF command)

Last edited by Geremia; 27th April 2007 at 00:43.
Geremia is offline  
Old 27th April 2007, 15:29   #246  |  Link
lightshadow
Registered User
 
Join Date: Feb 2007
Posts: 123
Quote:
Originally Posted by Geremia View Post
P.S.: the 08 CDB command is disabled by default, you have to enable disabled commands first (like done before for DF command)
It may seam like a stupid question, but could you provide the entire command ofr unlocking 08? I can't find it for DF.
lightshadow is offline  
Old 27th April 2007, 16:34   #247  |  Link
awhitehead
Registered User
 
Join Date: Jan 2007
Location: Tel-Aviv, Israel
Posts: 185
Quote:
Originally Posted by lightshadow View Post
It may seam like a stupid question, but could you provide the entire command ofr unlocking 08? I can't find it for DF.
Code:
Enabling DF:
plscsi -v -p -x "1D 00 00 00 08 00 00 00 00 00 00 00 00 00 00 00" -f DFenable.bin -o x8
DFenable.bin is a binary file that contains the following 8 bytes:
88 00 00 04 02 6F 01 00

If you would like to disable DF, you need to create DFdisable.bin:
88 00 00 04 02 6F 00 00
and re-run the above plscsi command with an additional data in DFdisable.bin

HTH.
awhitehead is offline  
Old 27th April 2007, 16:56   #248  |  Link
Pelican9
Coder
 
Pelican9's Avatar
 
Join Date: Jan 2007
Location: Around the World
Posts: 697
Quote:
Originally Posted by awhitehead View Post
Code:
Enabling DF:
plscsi -v -p -x "1D 00 00 00 08 00 00 00 00 00 00 00 00 00 00 00" -f DFenable.bin -o x8
DFenable.bin is a binary file that contains the following 8 bytes:
88 00 00 04 02 6F 01 00

If you would like to disable DF, you need to create DFdisable.bin:
88 00 00 04 02 6F 00 00
and re-run the above plscsi command with an additional data in DFdisable.bin

HTH.

I think lightshadow wants to know how he can enable the 08 command.
Pelican9 is offline  
Old 27th April 2007, 19:00   #249  |  Link
lightshadow
Registered User
 
Join Date: Feb 2007
Posts: 123
Quote:
Originally Posted by Pelican9 View Post
I think lightshadow wants to know how he can enable the 08 command.
Yes, and also the DF command, so thanks awhitehead for that =)
lightshadow is offline  
Old 27th April 2007, 19:28   #250  |  Link
awhitehead
Registered User
 
Join Date: Jan 2007
Location: Tel-Aviv, Israel
Posts: 185
Quote:
Originally Posted by Pelican9 View Post
I think lightshadow wants to know how he can enable the 08 command.
I apologize. After reading
Quote:
Originally Posted by Geremia
P.S.: the 08 CDB command is disabled by default, you have to enable disabled commands first (like done before for DF command)
I was under impression that the technique above enables disabled commands, including both DF and 08.

Once again, I apologize.
awhitehead is offline  
Old 27th April 2007, 19:54   #251  |  Link
Geremia
Registered User
 
Join Date: Feb 2007
Posts: 71
there should be about 4-5 disabled vendor specific commands that can be enabled all the same way.
DF, 08, 02....

DFenable.bin was originally named like this because i only needed the DF command, but it enables all others too
Geremia is offline  
Old 27th April 2007, 23:12   #252  |  Link
awhitehead
Registered User
 
Join Date: Jan 2007
Location: Tel-Aviv, Israel
Posts: 185
Quote:
Originally Posted by Geremia View Post
there should be about 4-5 disabled vendor specific commands that can be enabled all the same way.
DF, 08, 02....
Hi, Geremia

I must have missed you explaining it. What does 02 vendor specific command do, and what does the CDB look like?
awhitehead is offline  
Old 27th April 2007, 23:48   #253  |  Link
Geremia
Registered User
 
Join Date: Feb 2007
Posts: 71
not yet traced entirely, but from my notes:

02 01 00 00 00 00 dumps 0x4000 bytes from 0x7BC000?!?

02 00 ba ba ln ln dumps from unknown area,from baseaddress*4 with lenght*4
maybe memory address shared with motor driver?!?
bytes someway swapped, debug motor/lens text ?!?!

use -i x4000 for the 02 01
for the 02 00 the lnln lenght wil output 4times the size, so for ex
plscsi.exe -v -p -x "02 00 0000 2000" -i x8000
Geremia is offline  
Old 3rd May 2007, 12:43   #254  |  Link
lightshadow
Registered User
 
Join Date: Feb 2007
Posts: 123
Code:
Dear helpdesk,
I am trying to ping my server at
09F9:1102:9D74:E35B:D841:56C5:6356:88C0. However,
it seems like the address is in the unallocated space.
Perhaps there's a typo somewhere?
Code:
AACS LA:
That's the Processing key. You are not allowed to publish it.

Hacker:
No sir. That's a IPv6 address. Surely you won't deny me to have links on my website? =)
lightshadow is offline  
Old 3rd May 2007, 13:48   #255  |  Link
SuperGoof
Registered User
 
Join Date: Feb 2007
Posts: 86
Code:
select cast(newid() as varbinary) as GUID
Oops!

Code:
GUID
0x09F911029D74E35BD84156C5635688C0

(1 row(s) affected)
SuperGoof is offline  
Old 15th May 2007, 16:55   #256  |  Link
dito
Registered User
 
Join Date: Jun 2005
Posts: 12
New HD-DVD firmware to download on Xbox live now, beaware it's autoupdating....

Best regards!

Last edited by dito; 15th May 2007 at 18:34.
dito is offline  
Old 15th May 2007, 18:59   #257  |  Link
melakai
Registered User
 
Join Date: Jan 2007
Posts: 28
Quote:
Originally Posted by dito View Post
New HD-DVD firmware to download on Xbox live now, beaware it's autoupdating....

Best regards!
The update is only supposed to occur when you actually play an HD-DVD while connected to Xbox Live.

I am, however curious as to what is changed.
melakai is offline  
Old 16th May 2007, 00:55   #258  |  Link
BLACKBIRDxx
Registered User
 
Join Date: Feb 2007
Posts: 6
heres what the update covers
Amir Majidimehr, the corporate vice president of Microsoft's Consumer Media Technology Group, announced on the AVS Forum that a software update for the Xbox 360 HD DVD Player is scheduled for release tomorrow:

"It is my pleasure to let you all know that the HD DVD update for Xbox 360 is slated for release on 5/15 (i.e. tomorrow!). So when you wake up in the morning, you should be able to upgrade your software. And me free from telling you when are going to get it . Hope you all download it and provide feedback on what you think!"

Here's what the HD DVD audio update will include on May 15th:
* Fix DD being stuck in "Night Mode" which is essentially Dynamic Range Compression leading to the sound sounding very flat
* Option to output ALL HD DVD audio as DTS 1.5Mbps (list includes DD+, TrueHD, DTS, and any other audio option offered on HD DVD discs I may have missed)
* Option to output ALL HD DVD audio as DD 640Kbps, (which it currently does, but will be fixed from the Night Mode bug), list includes DD+, TrueHD, DTS, and any other audio option offered on HD DVD discs that I may have missed.
* Option to output ALL HD DVD audio as WMAPro (768Kbps I think), (list includes DD+, TrueHD, DTS, and any other audio option offered on HD DVD discs I may have missed) for those receivers that support WMA.
* Option to enable/disable Night Mode (with the default set to off)
* Fix a number of disc incompatibilities (including DVD Essentials) as well as a number of Lip Sync issues.
[/QUOTE]
BLACKBIRDxx is offline  
Old 16th May 2007, 00:58   #259  |  Link
Revgen
Registered User
 
Join Date: Sep 2004
Location: Near LA, California, USA
Posts: 1,545
Okay I'm confused here.

Is it a firmware update?

A software update?

Both?
__________________
Pirate: Now how would you like to die? Would you like to have your head chopped off or be burned at the stake?

Curly: Burned at the stake!

Moe: Why?

Curly: A hot steak is always better than a cold chop.
Revgen is offline  
Old 17th May 2007, 03:46   #260  |  Link
melakai
Registered User
 
Join Date: Jan 2007
Posts: 28
Quote:
Originally Posted by Revgen View Post
Okay I'm confused here.

Is it a firmware update?

A software update?

Both?
We might be able to find out for sure once the update is posted on Xbox.com. (They post the update that is burnable to a CD, so those not connected via Xbox Live can still update).
melakai is offline  
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 19:19.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2018, vBulletin Solutions Inc.