
BackupHDDVD, a tool to decrypt AACS protected movies



Susana
9th January 2007, 05:46
You can burn an HD-DVD to a standard DVD. Indeed, you can already demux an HD-DVD (dvdlogic has a demuxer), compress the video to AVC at a lower bitrate and reauthor. ;)

Bystander
9th January 2007, 05:56
The file 001.fcl is loaded by Cyberlink and is used in the computation.

If you bp where neviens suggests you will get a chance to see where the 001.fcl code is used in the calculations. This leads me to believe this is the number that is unique to Cyberlink for future changes/updates.

Ábudos
9th January 2007, 06:02
Working to find a Title Key is all well and good, but shouldn't more effort be placed on getting hold of a Volume Unique Key, as the AACS specifications say that some videos could require the use of multiple Title Keys?

neviens
9th January 2007, 08:30
The file 001.fcl is loaded by Cyberlink and is used in the computation.

If you bp where neviens suggests you will get a chance to see where the 001.fcl code is used in the calculations. This leads me to believe this is the number that is unique to Cyberlink for future changes/updates.

It's very unique! Device keys are stored in this file.



...
My version of WinDVD HD crashes when I load the file.

WinDVD is attempting to use some antidebugging techniques.
You can estimate which player is less secure now :)

zeroprobe
9th January 2007, 10:29
Still no method for us non-HD-DVD owners to test this?

Borbus
9th January 2007, 11:26
You could try using the images I put up a few posts ago. The video isn't encrypted but PowerDVD might still load the volume/title key.

I can't get them to work without a UDF 2.5 filesystem driver though. The Toshiba one won't install, probably because I have no HD-DVD drive. Anyone know how to get UDF 2.5 to work with a Daemon Tools drive?

troubler
9th January 2007, 11:59
*cough* virtualisation *cough*

Maybe take a little look at debugging a virtual machine, giving you access to the complete memory structure (whether Windows tries to protect it or not) at all times. You won't have native HDCP support, but you should be able to view downscaled, and therefore grab the necessary title keys.

*walks away quickly*

tjf
9th January 2007, 12:02
Borbus: It worked fine on my system without HD-DVD. Make sure you have the latest Daemon Tools and this http://rapidshare.com/files/3149367/XBOX360-1.HD-DVDRom.UDF.Reader.v2.5.WindowsXP-BluePrint.rar.html UDF driver.

JK1974
9th January 2007, 14:17
What about Nero's InCD? I heard that this one also does the UDF 2.5 stuff.

kolak
9th January 2007, 15:54
All you need is Daemon Tools (I have the old 3.47 version) and Nero InCD installed. Works perfectly.

Borbus
9th January 2007, 19:29
Daemon Tools + that Toshiba driver posted by tjf works. Thanks.

Janvitos
9th January 2007, 21:53
Hey people, I'm glad I can post now.

Just to let you guys know, I've been playing around with a debugger (OllyDbg), a plugin to hide the debugger (IsDebuggerPresent) and PowerDVD. I've been reading through this thread for the past few days and have gone through many trials and errors to try and find the mystery keys.

Here is a link to the debugger: http://www.kongoo.com/odbg110.zip
Here is a link to the plugin: http://www.kongoo.com/SV_IsDebug14.zip

By the way, if the debugger crashes sometime after you pushed the "play" button, give it the Shift + F7 command and press "play" again; if the movie doesn't start playing, give it the Shift + F7 command and push "play" one last time. Whenever the movie crashes you can do this, and it worked for me every time.

Now that we know that we can't encrypt our own AACS content, I guess we'll have to debug the hard way.

In OllyDbg, I've been looking at patterns in the PowerDVD memory while HD-DVD content is being played. I'm not sure if it has anything to do with the keys, but anyone that has OllyDbg with PowerDVD will notice that some memory at particular addresses changes every few seconds or so.

Here are the changing addresses:

02690000
02772000
0277E000

02C69000
02C88000

732F0000 mscat32
732F1000 mscat32 .text
732F2000 mscat32 .data
732F3000 mscat32 .rsrc
732F4000 mscat32 .reloc

Now, since I am no ASM guru, I am not able to do much with these.
There might be other changing addresses as well; some of them are hard to grasp.

If this helps anybody, maybe we can get more clues and get closer to these keys.

ilaps
9th January 2007, 22:16
• You perhaps could try a brutal and simple way: with a dump you can tremendously reduce the exhaustive search for the media key (verification values are described in the AACS specs). With 128-bit keys, 2^128 = 10^37 trials are necessary with AES: if we take one ms per test, you need 3·10^26 years! Forget it. But if you locate the key somewhere in a 1 MB space in the RAM of the PC, simply stored as a 16-byte array, you only need 10^6 tests, or 17 minutes!
• Does someone know if the Hollywood content providers have or will have some policy to accept HD on PC only if it can be trusted, i.e. not only with an OS like Vista but moreover with the stuff defined by the TCG (old name TCPA), based on a trusted module called the TPM and a lot of other features? Does it require Vista "Ultimate" and not the "Basic / Premium / Business" versions?
Moreover, are these new approaches really trustworthy? I.e. it is likely that executing a player under the control of a debug program will be impossible, but is it possible to prevent forcing a crash and performing a dump of RAM afterwards, for example?

Janvitos
9th January 2007, 22:33
I also noticed that some code is written / deleted at the following address:

02735000

The code is:

02735000 42 INC EDX
02735001 0100 ADD DWORD PTR DS:[EAX],EAX
02735003 00EE ADD DH,CH
02735005 04 EE ADD AL,0EE
02735007 0108 ADD DWORD PTR DS:[EAX],ECX
02735009 0075 02 ADD BYTE PTR SS:[EBP+2],DH
0273500C 8837 MOV BYTE PTR DS:[EDI],DH
0273500E 76 02 JBE SHORT 02735012

Btw, PowerDVD DOES check for a debugger on "play".

Janvitos
9th January 2007, 23:01
I also wanted to note that some constants of the AES-128 encryption / decryption can be found in a few places in memory such as:

- Rcon from the Rijndael key schedule
- Rijndael's S-box
- Inverse S-box
- Iv0 which is the initialisation vector for AES-128CBCE and AES-128CBCD

If you want to find these constants in the memory yourselves, simply load up your debugger with PowerDVD, push the "play" button and then do a search for these constants:

- Rcon: 63 7c 77 7b
- S-box: 01 00 00 00 02 00 00 00 04 00 00 00 08 00 00 00
- Inverse S-box: 52 09 6A D5
- Iv0: 0B A0 F8 DD

Like noted previously, these would have to be used at some point for encrypting / decrypting the keys.

honai
10th January 2007, 00:02
Yes, I pointed that out previously, but didn't think that anyone actually noticed.

Basically, you'll only need to hook into the key schedule function since that one is being fed the raw decryption key. The AES-128 decryption function itself uses that computed key schedule later on, so hooking into that would be too late already.

Pseudo-code for the key schedule looks something like this:


// AES-128: Nk = 4 words of key, Nb = 4 words per block, Nr = 10 rounds
for i from 0 to Nk-1 {
    w[i] = word(key[4*i], key[4*i+1], key[4*i+2], key[4*i+3])
}

for i from Nk to Nb*(Nr+1) - 1 {
    temp = w[i-1]
    if (i is a multiple of Nk) then {
        // PermuteWord = rotate the word left by one byte
        temp = SubstituteBytes( PermuteWord(temp) ) XOR RoundConstant[i/Nk]
    } else if (Nk = 8 and i mod Nk = 4) then {
        temp = SubstituteBytes( temp )
    }
    w[i] = w[i-Nk] XOR temp
}
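
The three posts above (ilaps on searching a dump for a 16-byte key instead of brute-forcing, Janvitos on the AES constant tables that show up in PowerDVD's memory, honai on the key schedule being the place where the raw key is fed in) describe one technique in words. Below is an added worked example, not code from the thread or from BackupHDDVD, that does both searches over a memory image: it finds the S-box, inverse S-box and Rcon tables by their byte signatures (63 7c 77 7b is the start of the forward S-box, 52 09 6a d5 the start of the inverse S-box), and it finds every expanded AES-128 key schedule by checking that 176 consecutive bytes obey the FIPS-197 expansion relation, then reads the key off the first round key. That second check is what tools such as aeskeyfind do and is far more selective than trying each 16-byte window as a key. The memory image, the offsets and the key (the FIPS-197 appendix key, not a title key) are all constructed here so the script runs offline; the function names are the example's own.

```python
"""Locate AES-128 key material in a process memory dump (added example)."""
from __future__ import annotations

import random


# --- AES constants, generated rather than typed in --------------------------
def _gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def _build_sbox() -> bytes:
    """Forward S-box: multiplicative inverse followed by the affine map."""
    out = bytearray(256)
    out[0] = 0x63                       # 0 has no inverse; only the affine constant
    for a in range(1, 256):
        inv = next(b for b in range(1, 256) if _gf_mul(a, b) == 1)
        x = inv
        for k in range(1, 5):           # x ^ rotl(x,1) ^ rotl(x,2) ^ rotl(x,3) ^ rotl(x,4)
            x ^= ((inv << k) | (inv >> (8 - k))) & 0xFF
        out[a] = x ^ 0x63
    return bytes(out)


SBOX = _build_sbox()
INV_SBOX = bytes(SBOX.index(i) for i in range(256))
RCON = bytes([0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36])


def expand_aes128_key(key: bytes) -> bytes:
    """FIPS-197 key expansion for Nk = 4: 16-byte key -> 176-byte schedule."""
    assert len(key) == 16
    w = [key[4 * i:4 * i + 4] for i in range(4)]
    for i in range(4, 44):
        t = w[i - 1]
        if i % 4 == 0:
            t = t[1:] + t[:1]                            # RotWord
            t = bytes(SBOX[b] for b in t)                # SubWord
            t = bytes([t[0] ^ RCON[i // 4 - 1], *t[1:]])  # XOR round constant
        w.append(bytes(x ^ y for x, y in zip(w[i - 4], t)))
    return b"".join(w)


def find_aes128_schedules(dump: bytes) -> list[tuple[int, bytes]]:
    """(offset, key) for every expanded AES-128 key schedule found in dump.

    A cheap test on the first word of round key 1 prunes nearly every offset;
    survivors are confirmed by expanding the candidate key and comparing all
    176 bytes, so random data essentially never produces a false hit.
    """
    hits = []
    for p in range(0, len(dump) - 176 + 1):
        w0, w3 = dump[p:p + 4], dump[p + 12:p + 16]
        t = bytes(SBOX[b] for b in w3[1:] + w3[:1])
        first = bytes([w0[0] ^ t[0] ^ RCON[0], *(x ^ y for x, y in zip(w0[1:], t[1:]))])
        if dump[p + 16:p + 20] != first:
            continue
        key = dump[p:p + 16]
        if expand_aes128_key(key) == dump[p:p + 176]:
            hits.append((p, key))
    return hits


def _all_offsets(hay: bytes, needle: bytes) -> list[int]:
    out, i = [], hay.find(needle)
    while i != -1:
        out.append(i)
        i = hay.find(needle, i + 1)
    return out


def find_aes_tables(dump: bytes) -> dict[str, list[int]]:
    """Offsets of the constant tables an AES implementation drags into memory."""
    tables = {"sbox": SBOX, "inv_sbox": INV_SBOX, "rcon": RCON}
    return {name: _all_offsets(dump, tbl) for name, tbl in tables.items()}


def build_demo_dump(key: bytes, seed: int = 7) -> bytes:
    """Constructed 32 KB memory image: noise plus the tables and one live schedule."""
    rnd = random.Random(seed)
    img = bytearray(rnd.getrandbits(8) for _ in range(32 * 1024))
    img[0x1000:0x1100] = SBOX
    img[0x1400:0x1500] = INV_SBOX
    img[0x1800:0x180A] = RCON
    img[0x3000:0x3000 + 176] = expand_aes128_key(key)   # what the player keeps around
    return bytes(img)


if __name__ == "__main__":
    demo_key = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # FIPS-197 appendix A key
    dump = build_demo_dump(demo_key)
    print(find_aes_tables(dump))
    for off, k in find_aes128_schedules(dump):
        print(f"AES-128 key schedule at 0x{off:05x}, key = {k.hex()}")
```

On a real dump you would replace build_demo_dump with the bytes read from the debugger's memory window or a crash dump; the schedule scan is linear in the dump size and needs no knowledge of where the player keeps its buffers.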

MickeyNumberEight
10th January 2007, 00:05
Hi

My first post here, so I would like to tell you what software I use to manipulate and dump memory, debug and so on. There is a very good debugger, IDA Pro (http://www.datarescue.com/), and a file/disk/memory editor (http://www.x-ways.net/winhex/), which helped me a lot with weird protections. I don't have an HD-DVD drive yet, but soon I will buy one, and I will join you.

Greetings to all.

Janvitos
10th January 2007, 00:23
If anyone is interested in a live chat, we could all gather on IRC on EFNet in the #doom9 channel. We can then share ideas live and maybe progress quicker.

Just a thought.

cyberpass
10th January 2007, 00:44
Sounds like a lot of fun... I would like to create a bulletin board with your up-to-the-minute updates on finding a key/crack at http://www.aacskeys.com . What do you guys think?

The_ByteMaster
10th January 2007, 05:17
After discussion with Doom9, it has been decided to allow publication of decryption keys

I've noticed in the FAQ.txt for 0.99 and 1.00, Muslix64 uses the following example TITLE key:

12-08A3DC61910280F2...

None of the example discs in the .cfg files use key # 12, but so far I haven't seen it confirmed or denied that this is part of an actual title key (instead of some random hex gibberish). Did Muslix leave this there on purpose, without mentioning which disc it is, so people can look for this string in memory/registers?

(I don't own a HDDVD drive so I can't help out).

Beastie Boy
10th January 2007, 09:01
Just a thought...
If BackupHDDVD is able to take an encrypted video and a key, and from that write an unencrypted video, can it be modded to take an unencrypted video with key and produce encrypted video?

There seem to be quite a few posts around claiming that BackupHDDVD is very simple Java code that pulls together standard encryption packages and writes the output. I'm assuming that if packages exist to decode AACS encryption, then they also exist to encode.

If this is the case, then it would be possible to produce encrypted content for which the key is known.

Cheers, Beastie.

Pomyk
10th January 2007, 10:05
For the video stream it would be possible, but not for the keys (they are encrypted differently).

He-Man
10th January 2007, 10:57
I've noticed in the FAQ.txt for 0.99 and 1.00, Muslix64 uses the following example TITLE key:

12-08A3DC61910280F2...

None of the example discs in the .cfg files use key # 12, but so far I haven't seen it confirmed or denied that this is part of an actual title key (instead of some random hex gibberish). Did Muslix leave this there on purpose, without mentioning which disc it is, so people can look for this string in memory/registers?

(I don't own a HDDVD drive so I can't help out).


If looking for the FAQ.txt key snippet doesn't work, maybe the easiest would be playing the movie "Van Helsing" and only looking for memory locations starting with 19 to find the title key.
Maybe try to first play Van Helsing and then play, for example, Tomb Raider 1, and then look for memory locations changing from 19 to 6 (is it 06?).

CE6339246F34087AB355681DEB656D23DCD5BD86=Full Metal Jacket | 1-00000000000000000000000000000000
486198E3855B57CD40F6DC0C60645BDE8E1E9AC5=Van Helsing |19-00000000000000000000000000000000
B5A8E784B83E793AB246D0C5F7C148A39D7F4856=Tomb Raider 1 | 6-00000000000000000000000000000000
4ACABE525F5CBF77DAA43EA2B83E04918D5FA6D4=Apollo 13 | 1-00000000000000000000000000000000
3D357B0653A66176583C5218FD0149EAF8832FB0=The Last Samurai | 1-00000000000000000000000000000000
610CF1EB362D40050123E92F063D51AC05676F37=The Fugitive | 1-00000000000000000000000000000000

Field 1 is the SHA-1 hash of the VTKF000.AACS file on your HD-DVD disc; you can use this to make sure you have the same movie version as used above.

crashd
10th January 2007, 16:32
Perhaps a "side channel" attack could be implemented, similar to the one described in Adi Shamir's Cache Timing Attack (http://www.wisdom.weizmann.ac.il/~tromer/papers/cache.pdf)? Just throwing it out there :)

inurenegade
10th January 2007, 18:37
Just curious, what are the unencrypted keys supposed to be in:
hex, decimal, octal, binary?

Gradius
10th January 2007, 19:21
Looks to be decimal.

19-A8249382FD7237CA etc. would look odd!

Anyway, it should be HEX! (doh!)

Warren
10th January 2007, 19:56
Just so you know, the XX- is not a part of the key (it's the key #), and the textual representation of the keys that you see is not what would be in memory. You would have to convert that hex string to actual byte values, which would be half the length of the string, i.e. 16 bytes.
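
The table He-Man quoted and Warren's remark about the key text give the shape of a BackupHDDVD TKDB.cfg line: the SHA-1 of the disc's VTKF000.AACS, the title, then the key slot number and 32 hex digits. The following is an added example, not code from the thread or from BackupHDDVD, that parses those lines, identifies a disc by hashing its VTKF000.AACS the same way, and turns the hex text into the 16 raw bytes that a player would actually hold in memory (and back again, for posting an extracted key). The regex is an assumption based only on the lines quoted above; the VTKF000.AACS content is constructed bytes, and the six entries are the all-zero placeholders from the quoted table.

```python
"""Parse and produce BackupHDDVD-style title key lines (added example)."""
from __future__ import annotations

import hashlib
import re
from dataclasses import dataclass

# One TKDB line as quoted in the thread; whitespace around '|' varies.
TKDB_LINE = re.compile(
    r"^(?P<sha1>[0-9A-Fa-f]{40})=(?P<title>.*?)\s*\|\s*"
    r"(?P<idx>\d+)-(?P<key>[0-9A-Fa-f]{32})\s*$"
)


@dataclass(frozen=True)
class TitleKeyEntry:
    disc_sha1: bytes   # SHA-1 digest of VTKF000.AACS: identifies the disc pressing
    title: str
    key_index: int     # the "XX-" prefix: which title key slot, not part of the key
    key: bytes         # 16 raw bytes; this, not the hex text, is what sits in RAM


def parse_tkdb_line(line: str) -> TitleKeyEntry:
    m = TKDB_LINE.match(line)
    if m is None:
        raise ValueError(f"not a TKDB line: {line!r}")
    return TitleKeyEntry(
        disc_sha1=bytes.fromhex(m["sha1"]),
        title=m["title"].strip(),
        key_index=int(m["idx"]),
        key=bytes.fromhex(m["key"]),
    )


def parse_tkdb(text: str) -> list[TitleKeyEntry]:
    """Parse a whole .cfg body, skipping blank lines and '#' comments."""
    return [
        parse_tkdb_line(ln)
        for ln in text.splitlines()
        if ln.strip() and not ln.lstrip().startswith("#")
    ]


def format_tkdb_line(e: TitleKeyEntry) -> str:
    """Inverse of parse_tkdb_line, e.g. for posting a key you extracted."""
    return f"{e.disc_sha1.hex().upper()}={e.title} | {e.key_index}-{e.key.hex().upper()}"


def disc_fingerprint(vtkf000_aacs: bytes) -> bytes:
    """Field 1 of a line: SHA-1 over the entire VTKF000.AACS file."""
    return hashlib.sha1(vtkf000_aacs).digest()


def lookup_disc(entries: list[TitleKeyEntry], vtkf000_aacs: bytes) -> list[TitleKeyEntry]:
    """All entries (one per title key) whose fingerprint matches this disc."""
    fp = disc_fingerprint(vtkf000_aacs)
    return [e for e in entries if e.disc_sha1 == fp]


# --- constructed sample data --------------------------------------------------
QUOTED_TKDB = """\
CE6339246F34087AB355681DEB656D23DCD5BD86=Full Metal Jacket | 1-00000000000000000000000000000000
486198E3855B57CD40F6DC0C60645BDE8E1E9AC5=Van Helsing |19-00000000000000000000000000000000
B5A8E784B83E793AB246D0C5F7C148A39D7F4856=Tomb Raider 1 | 6-00000000000000000000000000000000
4ACABE525F5CBF77DAA43EA2B83E04918D5FA6D4=Apollo 13 | 1-00000000000000000000000000000000
3D357B0653A66176583C5218FD0149EAF8832FB0=The Last Samurai | 1-00000000000000000000000000000000
610CF1EB362D40050123E92F063D51AC05676F37=The Fugitive | 1-00000000000000000000000000000000
"""

# Stand-in for a disc's VTKF000.AACS (constructed bytes, not a real file).
DEMO_VTKF = b"constructed VTKF000.AACS stand-in for the example"
DEMO_LINE = f"{disc_fingerprint(DEMO_VTKF).hex().upper()}=Demo Disc | 2-{'0F' * 16}"


def demo() -> list[TitleKeyEntry]:
    """Parse the quoted table plus the constructed line and look up the demo disc."""
    entries = parse_tkdb(QUOTED_TKDB + DEMO_LINE + "\n")
    return lookup_disc(entries, DEMO_VTKF)


if __name__ == "__main__":
    for e in demo():
        print(e.title, e.key_index, e.key.hex(), len(e.key), "bytes")
    print(format_tkdb_line(parse_tkdb_line(QUOTED_TKDB.splitlines()[1])))
```

Note that lookup_disc can return several entries for one disc: the key index is what distinguishes them, which is why the XX- prefix is kept even though it is not part of the 16-byte key itself.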

Janvitos
10th January 2007, 22:27
I wonder why he didn't put the king kong movie in there.
After all, it does come free with the Xbox 360 HD-DVD drive.

Frank Kao
10th January 2007, 23:56
Looking at Muslix64's Java code, I noticed that Muslix64 did not do a very complex task. But now so many people have started dumping PowerDVD's memory and tracing PowerDVD's code, and we still cannot do the same thing as Muslix64. Why?

In the FAQ, Muslix64 said he has two players and he found the key in memory. So I gave up tracing PowerDVD's code and tried dumping WinDVD's memory. Wow, I could find the title key in WinDVD's memory and use this key to rip the movie. You might be curious about how I know this is a title key. ^Q^ I just put the value into BackupHDDVD.

Now I realize the whole Muslix64 story. Why did Muslix64 play the video with PowerDVD? ^Q^ That is because WinDVD cannot play .evo files. We wasted too much time just because we chose the wrong player.

Warren
11th January 2007, 00:03
Care to enlighten us on how to find keys in WinDVD then Frank? Breakpoint addresses and instructions on how to find the key from there would be nice.

cyber1
11th January 2007, 00:10
Looking at Muslix64's Java code, I noticed that Muslix64 did not do a very complex task. But now so many people have started dumping PowerDVD's memory and tracing PowerDVD's code, and we still cannot do the same thing as Muslix64. Why?

In the FAQ, Muslix64 said he has two players and he found the key in memory. So I gave up tracing PowerDVD's code and tried dumping WinDVD's memory. Wow, I could find the title key in WinDVD's memory and use this key to rip the movie. You might be curious about how I know this is a title key. ^Q^ I just put the value into BackupHDDVD.

Now I realize the whole Muslix64 story. Why did Muslix64 play the video with PowerDVD? ^Q^ That is because WinDVD cannot play .evo files. We wasted too much time just because we chose the wrong player.

Yes, but every software player will have the key in memory at some time; however, some may be easier to debug. And when they revoke WinDVD's player key, we will still need to find another player, so it's good to have several players' memory "debugged".

Janvitos
11th January 2007, 01:33
Can anybody enlighten me as to what WinDVD version plays HD-DVDs?
I got my hands on WinDVD 8 but it won't play any HD-DVD movies I feed it.

Frank Kao
11th January 2007, 01:56
Yes, but every software player will have the key in memory at some time; however, some may be easier to debug. And when they revoke WinDVD's player key, we will still need to find another player, so it's good to have several players' memory "debugged".

Yes, you are right. After we find a key in a player, AACS will revoke the device key of that player. So we must do the same thing again and again. And of course the player will try to make itself stronger than the previous version. So we will always be very tired.
This is also the purpose of AACS: it knows it is impossible to make an uncrackable device or software, so it designs a way to revoke the device key. Finally we will give up cracking it, because it is too tiring and too boring.

Frank Kao
11th January 2007, 01:59
Care to enlighten us on how to find keys in WinDVD then Frank? Breakpoint addresses and instructions on how to find the key from there would be nice.

Sorry, I did not trace the WinDVD code with OllyDbg or IDA Pro. I just searched the memory and called BackupHDDVD. If the value can rip a short segment of the video header, I think I have found it. It may take a long time but it works.

feizex
11th January 2007, 02:06
Hi Frank,

Sounds like you found the key.

Send it in a private message to blutach

Quick Links > Private Messages > Send New Message

If you can, send him the complete line out of the BACKUPHDDVD TKDB.cfg file.

Regards,
Feizex.

Warren
11th January 2007, 02:25
Frank, so have you successfully found a key yet using this technique or is this just what you're planning on doing?

Frank Kao
11th January 2007, 02:36
Frank, so have you successfully found a key yet using this technique or is this just what you're planning on doing?

Now I can understand why Muslix64 does not talk any more. This topic is too sensitive. I just want to say "Muslix64 did not lie". You can do it by yourself, and then you will find everything you want.

DerKönig
11th January 2007, 03:07
@Frank:

The latest version of WinDVD, i.e. ver 8, does not play HD-DVD or Blu-ray discs yet (says so on Intervideo's website also). So I'm wondering what version of WinDVD you used to play while you dumped the memory...

DerKönig
11th January 2007, 03:16
Muslix64 had stated that the reason he came to write BackupHDDVD is because (from his Saga.txt):

"But when I realized the 2 software players on Windows didn't allow me to play the movie at all, because my video card is not HDCP compliant and because I have an HD monitor plugged in with a DVI interface, I started to get mad..."

Notice that he said he had 2 software players. He also repeatedly stated that "as long as there are weak players, key extraction will be possible". He used PowerDVD in the video, and Cyberlink stated many times that PowerDVD is secure... which leads me to think that the other player that Muslix64 had was the weak one from which key extraction from memory was possible. Perhaps the reason why he chose not to mention the name of the player or show it in the video is because once the player is known, the device key would be revoked....

Could people who know please post all the makes and versions of software players out there that are currently capable of HD-DVD playback....

tonyp12
11th January 2007, 03:18
Only the Japanese version of WinDVD 8 can play HD-DVD.

The $26 upgrade HD pack is very close to being released.

If you could get a free trial download of this pack to
go with the free trial of WinDVD 8 Platinum, you could tinker around for a while.

But no news on when the HD pack is coming out.

DerKönig
11th January 2007, 03:23
@Frank:

so did you use the Japanese version 8 of WinDVD capable of HD-DVD playback?

VistaVick
11th January 2007, 03:24
I can confirm it has been done....only a matter of time before it spreads.

Isochroma
11th January 2007, 03:41
WinDVD has a plugin that allows it to play HD-DVD and Blu-Ray discs. The plugin is available but they state on their site (http://www.intervideo.com/WinDVD/) that:

HD DVD and Blu-ray Playback Support:
To be purchased separately. Available soon - check back often!

It is already available but they seem to be making it hard to get the plugin.

Regarding the player key, there are only three scenarios (only if the player key is leaked):

1. Players each have an individual key.
Revoking one player's key means no consequences for everyone else, but if many are cracked, the 1MB revocation table on HD-DVD discs will fill up rapidly.

Losers: AACS LA
Winners: Consumers, crackers (when table is full).

2. Each brand/version of a player has only a single key.
Revoking this key means a large number of people will be very angry, file lawsuits, etc.

Losers: large number of player-buying consumers, definitely software publisher.
Winners: AACS LA

3. Groups of 50-1000 players each have a unique key.
Revoking this key means significant groups of people will be very angry, file lawsuits, etc.

Losers: medium-sized blocks of player-buying consumers, possibly software publisher.
Winners: AACS LA

noclip
11th January 2007, 04:51
If looking for the FAQ.txt key snippet doesn't work, maybe the easiest would be playing the movie "Van Helsing" and only looking for memory locations starting with 19 to find the title key.
Maybe try to first play Van Helsing and then play, for example, Tomb Raider 1, and then look for memory locations changing from 19 to 6 (is it 06?).

CE6339246F34087AB355681DEB656D23DCD5BD86=Full Metal Jacket | 1-00000000000000000000000000000000
486198E3855B57CD40F6DC0C60645BDE8E1E9AC5=Van Helsing |19-00000000000000000000000000000000
B5A8E784B83E793AB246D0C5F7C148A39D7F4856=Tomb Raider 1 | 6-00000000000000000000000000000000
4ACABE525F5CBF77DAA43EA2B83E04918D5FA6D4=Apollo 13 | 1-00000000000000000000000000000000
3D357B0653A66176583C5218FD0149EAF8832FB0=The Last Samurai | 1-00000000000000000000000000000000
610CF1EB362D40050123E92F063D51AC05676F37=The Fugitive | 1-00000000000000000000000000000000

Field 1 is the SHA-1 hash of the VTKF000.AACS file on your HD-DVD disc; you can use this to make sure you have the same movie version as used above.

That's just Muslix's bizarre way of formatting the title key index, which is worthless.

Janvitos
11th January 2007, 05:32
If anybody knows where i could buy / get a copy of WinDVD HD, that would be great.

Thanks.

Warren
11th January 2007, 05:37
Instructions on how to buy WinDVD 8 HD from intervideo.co.jp are here:
http://www.avsforum.com/avs-vb/showthread.php?p=8871286&&#post8871286

Janvitos
11th January 2007, 05:49
Thanks Warren,

I just bought WinDVD 8 HD (Jap) and am downloading right now.
I will update you with results (if any).

I will also put it up for download on torrentspy for those interested.
I will post the link when i have.

This might speed up things a bit :)

CowBell
11th January 2007, 07:12
1. Players each have an individual key.
Revoking one player's key means no consequences for everyone else, but if many are cracked, the 1MB revocation table on HD-DVD discs will fill up rapidly.

Losers: AACS LA
Winners: Consumers, crackers (when table is full).

2. Each brand/version of a player has only a single key.
Revoking this key means a large number of people will be very angry, file lawsuits, etc.

Losers: large number of player-buying consumers, definitely software publisher.
Winners: AACS LA

3. Groups of 50-1000 players each have a unique key.
Revoking this key means significant groups of people will be very angry, file lawsuits, etc.

Losers: medium-sized blocks of player-buying consumers, possibly software publisher.
Winners: AACS LA

Isn't it in the AACS specs that a player will only take the most current version of the MKB (Media Key Block) file? As soon as HD-DVD burners come out, doesn't this mean that we might be able to create an MKB file that has the max version number and make the contents of that file invalid but valid? If that doesn't make sense, what I mean is to create an MKB file that has the MAX version number while containing only one player/host key, or even an invalid file altogether. This would create a hard-coded file on the drive itself that wouldn't accept any other MKB file, since it already has the highest version.

I can see it now, really... any .ISO or some other version that is labeled "HDDVDUnlock.*"

I hope that someone is able to test this theory out in due time and minimal cost (Emulate and burn minimal time please! Save yourself the $$$$)

Janvitos
11th January 2007, 07:31
Unfortunately i can't post the link but you can easily find it on mininova.
Hint: Do a search for "windvd hd"

Make sure you install it in "HD" mode and that you run WinDVD HD when you want to watch an HD-DVD movie.
(You will have 2 folders, WinDVD and WinDVD HD)

Also, if the program freezes on startup, try starting it by loading any movie file on your computer and then switching to the HD-DVD movie source.

Let's hope this gets us to the long awaited keys.

Btw, WinDVD is much nicer / quicker than PowerDVD with HD-DVD playback.

calinb
11th January 2007, 10:32
I just bought WinDVD 8 HD (Jap) and am downloading right now.
I will update you with results (if any).

How did you get past the "Your machine is not configured for Japanese. Please download the English (US) version of WinDVD" popup from the Japanese version installer?

Update: I found a guide. http://greggman.com/japan/xp-ime/xp-ime.htm

Not sure if it works yet.