rtmpdump - reversing the flash flowplayer

[smurfy08]

Hello,

Sharing recording on public places (like here) has become almost impossible without an immediate ban from RLC. In the past, a few of us used to be able to record using rtmpdump, that means without any watermarks and the option to record multiple cams at the same time.

Finding the urls and parameters is easy. The difficult thing is to find the SecureToken (the -T parameter in rtmpdump).

One common way to find that SecureToken is to decompile the flash app (the swf file) and understand the scripts. (Sometimes the SecureToken can be found as a clear string in the code). 

However, the new flow player is encrypted and it's getting more difficult to reverse it.

I have made some progress (I'm learning swf reversing at the same time) but I'm far from done.

I would not mind any help though. Are there any people who enjoy programming/reversing ? I don't say I won't manage to do it on my own (I hope I will, but it takes time) but I suppose it could make things easier and faster if we share our findings.

If you think you have some skills for that and you are interested, feel free to contact me in private.

 

 

 

 

 

 

 

[Maturin]

Hello, was this thread created by you? If not then maybe you can get together with this guy.

 

http://stream-recorder.com/forum/recording-reallifecam-com-t22383.html

[smurfy08]

Another option would be to look at how the nasty 'dots' are added/rendered maybe ? There's a huge obfuscated javascript file and it's not easy at all to understand what's going on. I would not be surprised if those  dots are rendered in there. (using some css). They are different for each member, so I guess it's done locally not on the server.

I suppose we could modify the page/code at runtime using something like tampermonkey.

I have not looked much at this solution though, mainly because you can only record what's on the screen (so not many streams at the same time).

I can't be the only one interested by these kind of stuff.