Welcome to Doom9's Forum, THE in-place to be for everyone interested in DVD conversion.

Before you start posting please read the forum rules. By posting to this forum you agree to abide by the rules.


Go Back   Doom9's Forum > General > Decrypting

Thread Tools Search this Thread Display Modes
Prev Previous Post   Next Post Next
Old 9th February 2007, 12:30   #11  |  Link
Registered User
Join Date: Sep 2006
Posts: 390
I think I've found the Volume ID of a Blu-Ray disc. Well its from a memdump of WinDVD playing Lord of War.

Anyway here it is:

Length Code: 00 22 00 00 
Volume ID:   9F A6 47 7B B0 10 30 A5 63 7F 36 E1 9D C4 ED 11 
MAC:         xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx
As you can see this is properly random and not at all guessable. I'm not sure if its possible the volume ID is encrypted here because then the 00 22 00 00 would probably have been encrypted too (although the protocol might not allow that). Not sure. My gut says its not encrypted. We can check this though if we have two dumps of the same disc (but the second dump after a restart of WinDVD) and compare the Volume IDs. They should be the same.

Because it has no 40 00 in it (like with HD DVDs) its much harder to find in a memdump but sniffing should be easier (searching for "00000000: 00 22 00 00"). But if you have a Blu-Ray burner and have a memdump of WinDVD you can try to hex search for 00 22 00 00. You will find many occurrences of that but only one with 32 random bytes behind it (= Volume ID + MAC). Thats the way I found it anyway (I mainly looked at the ascii part when pressing F3 so I could quickly see if it was followed by random bytes. I found it around Offset 4ABxxx but it could vary: between 300000 and 500000 would be my guess).

Something different. Regarding Device Keys. Could some people count the number of 0xx.fcl files their PowerDVD version has? (where xx are sequenced numbers) I suspect the newer versions have more of them. This is still a "feeling" but it could be interesting (its possible the new PowerDVD version got a different set of Device Keys already...)

Back to hunting



PS. I just found out my xbox 360 HD DVD is not capable of Bus Encryption . If you do a text search in your sniff log on "00000000: 00 72" you'll find two occurrances. The one with 01 (not 02) at the blue byte is the Drive Certificate. The byte right next to it should be 00 (red) if not then you're screwed otherwise you will always be able to sniff volume IDs . Here is mine:

00000000: 00 72 00 00 xx xx xx xx xx xx xx xx xx xx xx xx
00000010: xx xx xx xx xx xx xx xx 01 00 00 5c xx xx xx xx
Be careful with posting this stuff. If you are not you could reveal your drive id. Btw. if you have a PC drive and a memdump you may be able to find it using a hex search for 00720000 or 0100005C or 0101005C (but there are either lots or none of those so its hard).

PPS. Apparently WinDVD isn't capable either. Seems they really haven't implemented Bus Encryption yet.

Last edited by arnezami; 15th March 2007 at 20:38.
arnezami is offline   Reply With Quote

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT +1. The time now is 20:19.

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2022, vBulletin Solutions Inc.