Jump to content

rtmpdump - reversing the flash flowplayer

Recommended Posts


Sharing recording on public places (like here) has become almost impossible without an immediate ban from RLC. In the past, a few of us used to be able to record using rtmpdump, that means without any watermarks and the option to record multiple cams at the same time.

Finding the urls and parameters is easy. The difficult thing is to find the SecureToken (the -T parameter in rtmpdump).

One common way to find that SecureToken is to decompile the flash app (the swf file) and understand the scripts. (Sometimes the SecureToken can be found as a clear string in the code). 

However, the new flow player is encrypted and it's getting more difficult to reverse it.

I have made some progress (I'm learning swf reversing at the same time) but I'm far from done.

I would not mind any help though. Are there any people who enjoy programming/reversing ? I don't say I won't manage to do it on my own (I hope I will, but it takes time) but I suppose it could make things easier and faster if we share our findings.

If you think you have some skills for that and you are interested, feel free to contact me in private.








  • Upvote 2
Link to comment
Share on other sites

Another option would be to look at how the nasty 'dots' are added/rendered maybe ? There's a huge obfuscated javascript file and it's not easy at all to understand what's going on. I would not be surprised if those  dots are rendered in there. (using some css). They are different for each member, so I guess it's done locally not on the server.

I suppose we could modify the page/code at runtime using something like tampermonkey.

I have not looked much at this solution though, mainly because you can only record what's on the screen (so not many streams at the same time).

I can't be the only one interested by these kind of stuff.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...