16.07.2015, 03:58, "Vesselin Bontchev" <vesselin.bontc...@yandex.com>:
> Hi,
>
> A sample Audible .aax file can be downloaded from the following link,
>
> https://gitlab.com/vesselin.bontchev/audible-samples/tree/master
>
> Usage,
>
> ffmpeg -activation_bytes 62689101 -i Audible_AAX_sample_62689101.aax -vn -c:a
> copy -v debug output.mp4
Hi,
I am attaching a Python script to fetch the "activation bytes" from Audible
servers (as an alternative to doing offline attacks on the AAX files).
Vesselin
#!/usr/bin/env python
import traceback
try:
import requests
except ImportError:
print("Please install the missing python-requests package.")
import hashlib
import binascii
import sys
import base64
import time
def password_encoder(password):
shift = 8
output = "8"
# rot(8)
for c in password:
t = ord(c) - shift
output = output + "{:02x}".format(t)
return output
payload = {'action': 'register', 'user_alias': '', 'epassword':
'', 'domain': 'www.audible.com', 'player_type': 'software',
'license_type': 'individual', 'license_name': '', 'player_slots': 8,
'player_manuf': 'Audible', 'client_code': 'generic', 'player_model':
'Desktop', 'time_unused': int(time.time()), 'player_id': ''}
if __name__ == "__main__":
if len(sys.argv) < 3:
sys.stderr.write("Usage: %s <email> <password>\n" % sys.argv[0])
sys.exit(-1)
payload["user_alias"] = sys.argv[1]
payload["epassword"] = password_encoder(sys.argv[2])
# generate base64 digest of a random 20 byte string ;)
fake_hash = hashlib.sha1(b"").digest()
payload["player_id"] = base64.encodestring(fake_hash).rstrip()
# sys.stderr.write("[+] Player ID is %s\n\n" % (payload["player_id"]))
url = "http://www.audible.com/cgi-bin/licensemgr.cgi";
headers = {
'User-Agent': "AudibleActivation",
'Host': 'www.audible.com',
'Cache-Control': 'no-cache',
'Cookie': 'AM=5.5.0.5; ADM=6.6.0.15; download_audio='
}
# print(headers, payload)
try:
response = requests.get(url, headers=headers, params=payload)
data = response.content
if b"BAD_LOGIN" in data or b"Whoops" in data:
print(data)
print("\nActivation failed! ;(")
sys.exit(-1)
k = data.rfind(b"group_id")
l = data[k:].find(b")")
keys = data[k + l + 1 + 1:]
output_keys = []
# each key is of 70 bytes
for i in range(0, 8):
key = keys[i * 70 + i:(i + 1) * 70 + i]
h = binascii.hexlify(bytes(key))
h = [h[i:i+2] for i in range(0, len(h), 2)]
h = b",".join(h)
output_keys.append(h)
except SystemExit as e:
sys.exit(e)
except:
traceback.print_exc()
# only 4 bytes of output_keys[0] are necessary for decryption! ;)
print(output_keys[0].replace(b",", b"")[0:8])
# de-register!
payload["action"] = "de-register"
response = requests.get(url, headers=headers, params=payload)
# print(response.text)
# print(password_decoder(payload["epassword"]))
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
