16.07.2015, 03:58, "Vesselin Bontchev" <vesselin.bontc...@yandex.com>: > Hi, > > A sample Audible .aax file can be downloaded from the following link, > > https://gitlab.com/vesselin.bontchev/audible-samples/tree/master > > Usage, > > ffmpeg -activation_bytes 62689101 -i Audible_AAX_sample_62689101.aax -vn -c:a > copy -v debug output.mp4
Hi, I am attaching a Python script to fetch the "activation bytes" from Audible servers (as an alternative to doing offline attacks on the AAX files). Vesselin
#!/usr/bin/env python import traceback try: import requests except ImportError: print("Please install the missing python-requests package.") import hashlib import binascii import sys import base64 import time def password_encoder(password): shift = 8 output = "8" # rot(8) for c in password: t = ord(c) - shift output = output + "{:02x}".format(t) return output payload = {'action': 'register', 'user_alias': '', 'epassword': '', 'domain': 'www.audible.com', 'player_type': 'software', 'license_type': 'individual', 'license_name': '', 'player_slots': 8, 'player_manuf': 'Audible', 'client_code': 'generic', 'player_model': 'Desktop', 'time_unused': int(time.time()), 'player_id': ''} if __name__ == "__main__": if len(sys.argv) < 3: sys.stderr.write("Usage: %s <email> <password>\n" % sys.argv[0]) sys.exit(-1) payload["user_alias"] = sys.argv[1] payload["epassword"] = password_encoder(sys.argv[2]) # generate base64 digest of a random 20 byte string ;) fake_hash = hashlib.sha1(b"").digest() payload["player_id"] = base64.encodestring(fake_hash).rstrip() # sys.stderr.write("[+] Player ID is %s\n\n" % (payload["player_id"])) url = "http://www.audible.com/cgi-bin/licensemgr.cgi" headers = { 'User-Agent': "AudibleActivation", 'Host': 'www.audible.com', 'Cache-Control': 'no-cache', 'Cookie': 'AM=5.5.0.5; ADM=6.6.0.15; download_audio=' } # print(headers, payload) try: response = requests.get(url, headers=headers, params=payload) data = response.content if b"BAD_LOGIN" in data or b"Whoops" in data: print(data) print("\nActivation failed! ;(") sys.exit(-1) k = data.rfind(b"group_id") l = data[k:].find(b")") keys = data[k + l + 1 + 1:] output_keys = [] # each key is of 70 bytes for i in range(0, 8): key = keys[i * 70 + i:(i + 1) * 70 + i] h = binascii.hexlify(bytes(key)) h = [h[i:i+2] for i in range(0, len(h), 2)] h = b",".join(h) output_keys.append(h) except SystemExit as e: sys.exit(e) except: traceback.print_exc() # only 4 bytes of output_keys[0] are necessary for decryption! ;) print(output_keys[0].replace(b",", b"")[0:8]) # de-register! payload["action"] = "de-register" response = requests.get(url, headers=headers, params=payload) # print(response.text) # print(password_decoder(payload["epassword"]))
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel