wvdumper / dumper Goto Github PK
View Code? Open in Web Editor NEWDump L3 CDM from any Android device
Dump L3 CDM from any Android device
Does anyone have any idea on how to find the RSA Key to put into KNOWN_DYNAMIC_FUNC.
I know that it's a function in the libwvdrmengine.so file, but how to specificly find it isn't really clear to me.
does this still work?
I install the frida-server
But I don't know , how to continue ?
the android device is rooted
https://i.imgur.com/n4GPKhW.png
`C:\New folder>adb devices
List of devices attached
85bbc700 device
C:\New folder>python dump_keys.py
2022-02-02 04:43:33 PM - root - 38 - ERROR - No devices. Please connect your Android device.
C:\New folder>`
Note: Phone is already rooted. Phone model "MI Note 5 Pro"
if i dump cdm from my personal xiomi device for my personal use only, what are the problems i might face in future ?
,
and is there any possiblity that my cdm could be revoked ? if it revoked then what problem it may cause for my device ?
,
and can anybody please help me out with some more detail procedures for cdm dumping ?
has anyone managed to dump there l1 cdm using this software? if yes please tell me how so i can do it thanks
Python dump_keys.py
Traceback (most recent call last):
File "c:\Users\dumper\dump_keys.py", line 6, in
from Helpers.Scanner import Scan
ModuleNotFoundError: No module named 'Helpers'
i did pip install Helpers... any ideas?
Tried 4 Devices so far and all are unable to Dump Private Keys
Samsung A20 - Android 9
Samsung S10 - Android 10
Pixel 3a - Android 9
Samsung S21 - Android 11
All Devices only pass Keybox
I have heard from somone of a successful Dump of Keys on a LG Nexus 5 ..but at this point its all about luck
..
Hi, i tried with a Samsung Galaxy Note 4(trlte) with LineageOS 14(Android 7.1.2) rooted using Magisk 21, and received an error message from the tool:
Error: Error: unable to intercept function at 0xa857980d; please file a bug at F: _lcc46
Only keyboxs can be obtained, but private keys cannot be obtained
2021-12-02 01:37:43 PM - root - 17 - INFO - scanning all processes for the following libraries
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=1, name="init", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=523, name="init", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=524, name="init", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=525, name="ueventd", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=547, name="logd", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=548, name="qseecomd", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=549, name="[email protected]", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=566, name="vold", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=567, name="hwservicemanager", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=582, name="servicemanager", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=583, name="vndservicemanager", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=584, name="[email protected]", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=637, name="netd", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=638, name="zygote64", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=639, name="zygote", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=646, name="iptables-restore", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=647, name="ip6tables-restore", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=697, name="sscrpcd", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=698, name="[email protected]", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=699, name="[email protected]", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=700, name="healthd", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=701, name="[email protected]", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=702, name="[email protected]_64", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=703, name="[email protected]", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=704, name="[email protected]", parameters={})
2021-12-02 01:37:43 PM - root - 19 - DEBUG - Process(pid=705, name="[email protected]", parameters={})
Traceback (most recent call last):
File "C:\Users\summe\Downloads\Compressed\dumper-main\dumper-main\dump_keys.py", line 24, in
scanner.hook_to_process(device, process.name, library)
File "C:\Users\summe\Downloads\Compressed\dumper-main\dumper-main\Helpers\Scanner.py", line 168, in hook_to_process
script.exports.inject(library, process)
File "C:\Users\summe\AppData\Roaming\Python\Python39\site-packages\frida\core.py", line 468, in method
return script._rpc_request('call', js_name, args, **kwargs)
File "C:\Users\summe\AppData\Roaming\Python\Python39\site-packages\frida\core.py", line 26, in wrapper
return f(*args, **kwargs)
File "C:\Users\summe\AppData\Roaming\Python\Python39\site-packages\frida\core.py", line 400, in _rpc_request
raise result[2]
frida.core.RPCException: ReferenceError: 'TextEncoder' is not defined
at sender_payload_info (/script1.js:781)
at inject (/script1.js:29)
at apply (native)
at (frida/runtime/message-dispatcher.js:13)
at c (frida/runtime/message-dispatcher.js:23)
Hi,buddy,may I ask how to fix this?
thank you~
Now I got the script to run.
after hooks I start the widewine content on bitmovin and a lot of data i shown. But I do not get any keys.
I tried to use liboemcrypto.so disabler using magisk but that did not work, so I rebooted into recovery and renamed the file in /system/lib/vendor
But still the keys are not dumped.
Can I get any help?
I have rooted my Samsung SM-G955F and installed frida on it.
I have started frida using adb to my device and installed wvdumper on my computer using protobuf 3.20.1 and get the following when I start dump_keys.py:
c:\platform-tools\dumper>python dump_keys.py
2022-08-20 10:03:55 PM - root - 16 - INFO - Connected to SM G955F
2022-08-20 10:03:55 PM - root - 17 - INFO - scanning all processes for the following libraries
Traceback (most recent call last):
File "c:\platform-tools\dumper\dump_keys.py", line 18, in
for process in device.enumerate_processes():
File "C:\Users\tilde\AppData\Local\Programs\Python\Python310-32\lib\site-packages\frida\core.py", line 34, in wrapper
return f(*args, **kwargs)
File "C:\Users\tilde\AppData\Local\Programs\Python\Python310-32\lib\site-packages\frida\core.py", line 118, in enumerate_processes
return self._impl.enumerate_processes(*args, **kwargs)
frida.NotSupportedError: unable to handle 64-bit processes due to build configuration
Can anyone point me in the right direction?
I got private_keys, then??
i have played https://bitmovin-a.akamaihd.net/content/art-of-motion_drm/mpds/11331.mpd
after i get below output and 1 file license_request.bin so how to get widevine decryption key from those
2021-12-29 11:16:43 PM - Helpers.Scanner - 75 - DEBUG - { "from": "[email protected]", "message": "OEMCrypto_LoadKeys", "payload": { "Status": "OEMCrypto_SUCCESS", "Message": "0a540a203337393534384233434142313745304631303030303030303030303030303030122033373935343842334341423137453046313030303030303030303030303030301a0020012800380040004880beb28e06120208011a6612100102dbcfc1eaa0eba4f31518f62b77bc1a504d59e4c3da79b3359f8ebab3de61df4dece678ad940ddfdab6fc5f4ac6761d00430536e977917ddd7d210fd90d64f02cbafa61f47cecbd7803a0634c79ebc60d80a856081678ac3695be776de96f493520011a84010a10eb676abbcb345e96bbcf616630f1a3da121084c4eaa56a41c7921d90952662890c9b1a200bd1f1a6231710787d79d791810302b1e09c798d3b3a17e184e3774f5181cd172002280142340a207b053688120e4f9b6f721894afb41694ddfce0f287e5867402ad15b06c9838951210ae06c1840e8a906873bbe939194cccf6620248441a84010a100294b9599d755de2bbf0fdca3fa5eab7121097920dde25f14cdd01b0bd77a67c42781a20c4dc8f16d1a9c5aa7f315c303da82765da6784b442f92b7f0732e043c5e19fe42002280142340a203a78f55c1db60847f0743beebcc6543584d7a91e177a73c3393b8c8ada886b0f121035983316a859c454a818f3d566f8daa8620253441a87010a10639da80cf23b55f3b8cab3f64cfa5df61210324fc667ea53de560782e1f5dc3a8c7c1a20ab1d09368780dff8806566f6b906758e7cdea2363bc6540199a36141dcd488d32002280142340a205207b978bcd5a3827cb7354366b456393f7264de9caabdd3f1347348dcc33853121007fbde631d2bf0df5d5d368bc8623e846205415544494f2080beb28e063800", "Signature": "06f5b26fc895062efca62b60c263e50aad9855f0c341816f46133d6dc7256967"
New issue finally manged to get Private Keys and a Few things are happening
This is a just a research that i did in Android 11.
I managed to go until this.
2021-12-29 10:35:10 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"data": "Captured Private Key , expname: dmwdqnvg"
}
BUT
2021-12-29 10:35:10 AM - Helpers.Scanner - 54 - DEBUG - processing private key
2021-12-29 10:35:10 AM - Helpers.Scanner - 102 - ERROR - unable to load private key
any helpful idea people?
Using this tool, a key_dumps
folder appeared containing client_id.bin
and private_key.pem
files, also a file named license_request.bin
.
Thank you so much!
title
Helpers.Scanner - 102 - ERROR - unable to load private key
Helpers.Scanner - 103 - ERROR - b'0\x82...............................\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f\x0f'
hey im new how do i get this to extract keys from my huawei p30 pro please thanks, please explain what i need to do thanks
Hi,
I'm trying to dump client-id-bin and private-key-pem files. However, I only get license_request.bin in the folder. I'm running Frida on a rooted Samsung A8 running on Android 9. The hooking is a success when I run the python file.
Here is the console extraction:
2022-09-13 07:51:00 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCrypto_GetProvisioningMethod",
"payload": {
"Method": "OEMCrypto_Keybox"
}
}
2022-09-13 07:51:00 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCrypto_GetKeyData",
"payload": {
"Status": "OEMCrypto_SUCCESS",
"Size": 72,
"Device_Token": "000000020000115d4c181b9504cac2ba265fec716cf26ffb9a7c60b77d71f3a7999550227e58bde11a337f3e60b026c499f674bdd00d63baa1228f50296eb1ae2a5392a5f484e363"
}
}
2022-09-13 07:51:00 AM - Helpers.Scanner - 63 - DEBUG - processing device token
2022-09-13 07:51:00 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCryptoVersion",
"payload": {
"Version": 13
}
}
2022-09-13 07:51:00 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMSecurityLevel",
"payload": {
"Level": "L3"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCrypto_IsInApp",
"payload": {
"in_app": true
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCrypto_IsInApp",
"payload": {
"in_app": true
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCrypto_GetProvisioningMethod",
"payload": {
"Method": "OEMCrypto_Keybox"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCrypto_GetKeyData",
"payload": {
"Status": "OEMCrypto_SUCCESS",
"Size": 72,
"Device_Token": "0000000200001c08b5ccae5953c3fe1bebfa0a96ad8b53342d4e87630b964fc20caea8799880d49f9e182eb800dc6d5936ddfe0bcf6fd76df2783186ecb87709df9b251f9dcfb7cc"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 63 - DEBUG - processing device token
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCryptoVersion",
"payload": {
"Version": 14
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMSecurityLevel",
"payload": {
"Level": "L1"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMSecurityLevel",
"payload": {
"Level": "L1"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCrypto_GetProvisioningMethod",
"payload": {
"Method": "OEMCrypto_Keybox"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCrypto_GetKeyData",
"payload": {
"Status": "OEMCrypto_SUCCESS",
"Size": 72,
"Device_Token": "000000020000115d4c181b9504cac2ba265fec716cf26ffb9a7c60b77d71f3a7999550227e58bde11a337f3e60b026c499f674bdd00d63baa1228f50296eb1ae2a5392a5f484e363"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 63 - DEBUG - processing device token
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCryptoVersion",
"payload": {
"Version": 13
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMSecurityLevel",
"payload": {
"Level": "L3"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMSecurityLevel",
"payload": {
"Level": "L3"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "GetLevel3_GetOEMPublicCertificate",
"payload": {
"Status": "OEMCrypto_ERROR_NOT_IMPLEMENTED"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "GetLevel3_GetOEMPublicCertificate",
"payload": {
"Status": "OEMCrypto_ERROR_NOT_IMPLEMENTED"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "GetLevel3_LoadDeviceRSAKey",
"payload": {
"Status": "OEMCrypto_SUCCESS",
"Session": 2,
"Length": 1312,
"Context": "fc56d41426dbf7c137583dce410d0a0e4eb176bf7f1b5895614d4a4df85a728b0ddd31f0d4d95c1cb3d6d75a13d5ba5dbfeea186c38b224c0f0d447ae77f50bb16a75e353b31bc8ef82057cdb3ef62dfee68b64c20a7ea2e35243e8fdd77e1770be5c51d147810c4257504de366d4979f58ad12c2ac84e8567b82ce12d782a7c346298e4bff6e7ef74eafd550d814d9a05b3a837e5a6b796f3b7daf04e96589574c477801f26a7faae6962c6ed4d54950486292c08fd0e4e35d799bd93061c84afacf045f8f13bc17c7c196c5662b0e179390c6c7bc70b0134da35e28e26d2bcd8bcdf65e5f690bc2a7ee5317da380a09c1dad9f139121e227575542b7f34f79a0ee66fadd8f92d6d1656f22191755ef243a561af758cd5311a69d166a80949f98961ca18624b5543aa195663c38807fb20a1f7d7cd49ebf01667702409ddf5b7df3dae93afe79bf80ee9dbf4ef23284cab5fad05fd81351619a51e1c30acad43f3fd5a7e6132a62fe58241cd63de72b76f421b0df37bb28aa8b351710c5ad4f7590460d40193f0b1cd1f2b04086eb926b2c0fa4076604e953b6e9e3eb0b67e08f5e6d0211134b21323bcbd72a8d88c69aa582c7ccdc0d917eec451ba2d0a9e7b42a052acfc0c752edb0a6f176be96803e23358d8a6e0b56cdf91aa5934ab4e576775e2d2ab488f7d313b7f290c7ab3e5ddd4e5971ca4983f3660c8cdd3998d7a7a31e99cb6299159e63f2c5410883e54e26f05bfe1081c94a45a62c2ed458d886ca7447dae462d5d27cb9266a6a2122a0b663fb374bb7e9eb137e94d4a0f9323aa12322345457e48f3feb277c9a2d3b071aa59320d7e211fb2142d1ab98f24789214b95fc1c4d84d203f73c3f00112ac1f048954d8e6b029f9eaa5403eefa22cffd4425b49d1c250dfbea5f15566c1f9ab02b95fcfe0170077908d667222143c43f575d59105f3dcc29e2d8617c9eeba6408ac039f83fce2bf87bb2d541df8fccb3e7ecce0166097a69c8b2b9d1cd0aed5c7a03acd89e3fcb69b34aeec2a62043aff5237b833533f470997af23fa55612c366a680c6f432e4239ab6e21b85e3ce0135bb55a82926f4e1e2a6dd934d484b0a28ed66c5e453af9996b61152a0926524aa622268faf8ba5978d80fbfe31d5efbd950ef39f9805bb958520ef1ba7e1b5a0cf5ae2c64e3aedb506772b6c5ad0c305939fedb7c74ee880a9e84b0b0169c4c93404c85cd4e69acf49c9cdc1de4cab1744532187d4040b00121b15d8cbe42727d804261ff686c58c28be08571a62ef221380b60790d54f2bbc1cc756b8934c467153e592afe8d2576e932cccf230f3a82f81e1e346000254e3ef6f54c6456f24293b5df0c2ab4ab1460d6522cd14aa2dd0d3a7b0a06fa858608e2e89762715f1ded12282ccda72d9a0b9bbc5c9a2491b0f56279bb3e85c0b25fa2110b2391f1478835a0a748e7d880a950b87b0d9b3b5ade9964eda4b23efc3ce2ef0231ffb15701904fbcdd382a67447effffe4282a62ba99f66608599b219b0e45357accb8b213990a856eb4529208b0f4ec7b742d5e01910f6b58e6ea4d74bb448dd35c64648fb29c48d35f642b3c08180d792bf99159cca6024d0ce3d3efa59b715b811e05ca1fbaa2e144689e2b6f20557d180ca910b340c15a683f50ad68be811c38c9be287f4e15f77aefb9b34d2c356830415029ffdf6c3eab9bff33d7969fc07e8c69e23db8ffcce9f7027bdb94843ff0a01232481b06b0f8df4f0ee9ae37972fbac04beb0108b4b2af99ebfa5d50f99ee2ded0b71a3647c6db6f157efe2b21713a2aa32426bd4bfd3268c1632261c36e71351ff23402ac2483ecec182a6c96"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "GetLevel3_LoadDeviceRSAKey",
"payload": {
"Status": "OEMCrypto_SUCCESS",
"Session": 25602,
"Length": 1312,
"Context": "fc56d41426dbf7c137583dce410d0a0e4eb176bf7f1b5895614d4a4df85a728b0ddd31f0d4d95c1cb3d6d75a13d5ba5dbfeea186c38b224c0f0d447ae77f50bb16a75e353b31bc8ef82057cdb3ef62dfee68b64c20a7ea2e35243e8fdd77e1770be5c51d147810c4257504de366d4979f58ad12c2ac84e8567b82ce12d782a7c346298e4bff6e7ef74eafd550d814d9a05b3a837e5a6b796f3b7daf04e96589574c477801f26a7faae6962c6ed4d54950486292c08fd0e4e35d799bd93061c84afacf045f8f13bc17c7c196c5662b0e179390c6c7bc70b0134da35e28e26d2bcd8bcdf65e5f690bc2a7ee5317da380a09c1dad9f139121e227575542b7f34f79a0ee66fadd8f92d6d1656f22191755ef243a561af758cd5311a69d166a80949f98961ca18624b5543aa195663c38807fb20a1f7d7cd49ebf01667702409ddf5b7df3dae93afe79bf80ee9dbf4ef23284cab5fad05fd81351619a51e1c30acad43f3fd5a7e6132a62fe58241cd63de72b76f421b0df37bb28aa8b351710c5ad4f7590460d40193f0b1cd1f2b04086eb926b2c0fa4076604e953b6e9e3eb0b67e08f5e6d0211134b21323bcbd72a8d88c69aa582c7ccdc0d917eec451ba2d0a9e7b42a052acfc0c752edb0a6f176be96803e23358d8a6e0b56cdf91aa5934ab4e576775e2d2ab488f7d313b7f290c7ab3e5ddd4e5971ca4983f3660c8cdd3998d7a7a31e99cb6299159e63f2c5410883e54e26f05bfe1081c94a45a62c2ed458d886ca7447dae462d5d27cb9266a6a2122a0b663fb374bb7e9eb137e94d4a0f9323aa12322345457e48f3feb277c9a2d3b071aa59320d7e211fb2142d1ab98f24789214b95fc1c4d84d203f73c3f00112ac1f048954d8e6b029f9eaa5403eefa22cffd4425b49d1c250dfbea5f15566c1f9ab02b95fcfe0170077908d667222143c43f575d59105f3dcc29e2d8617c9eeba6408ac039f83fce2bf87bb2d541df8fccb3e7ecce0166097a69c8b2b9d1cd0aed5c7a03acd89e3fcb69b34aeec2a62043aff5237b833533f470997af23fa55612c366a680c6f432e4239ab6e21b85e3ce0135bb55a82926f4e1e2a6dd934d484b0a28ed66c5e453af9996b61152a0926524aa622268faf8ba5978d80fbfe31d5efbd950ef39f9805bb958520ef1ba7e1b5a0cf5ae2c64e3aedb506772b6c5ad0c305939fedb7c74ee880a9e84b0b0169c4c93404c85cd4e69acf49c9cdc1de4cab1744532187d4040b00121b15d8cbe42727d804261ff686c58c28be08571a62ef221380b60790d54f2bbc1cc756b8934c467153e592afe8d2576e932cccf230f3a82f81e1e346000254e3ef6f54c6456f24293b5df0c2ab4ab1460d6522cd14aa2dd0d3a7b0a06fa858608e2e89762715f1ded12282ccda72d9a0b9bbc5c9a2491b0f56279bb3e85c0b25fa2110b2391f1478835a0a748e7d880a950b87b0d9b3b5ade9964eda4b23efc3ce2ef0231ffb15701904fbcdd382a67447effffe4282a62ba99f66608599b219b0e45357accb8b213990a856eb4529208b0f4ec7b742d5e01910f6b58e6ea4d74bb448dd35c64648fb29c48d35f642b3c08180d792bf99159cca6024d0ce3d3efa59b715b811e05ca1fbaa2e144689e2b6f20557d180ca910b340c15a683f50ad68be811c38c9be287f4e15f77aefb9b34d2c356830415029ffdf6c3eab9bff33d7969fc07e8c69e23db8ffcce9f7027bdb94843ff0a01232481b06b0f8df4f0ee9ae37972fbac04beb0108b4b2af99ebfa5d50f99ee2ded0b71a3647c6db6f157efe2b21713a2aa32426bd4bfd3268c1632261c36e71351ff23402ac2483ecec182a6c96"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCrypto_IsInApp",
"payload": {
"in_app": true
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "Replacing PrivacyMode"
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCrypto_IsInApp",
"payload": {
"in_app": true
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCrypto_IsInApp",
"payload": {
"in_app": true
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCrypto_GetProvisioningMethod",
"payload": {
"Method": "OEMCrypto_Keybox"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCrypto_GetKeyData",
"payload": {
"Status": "OEMCrypto_SUCCESS",
"Size": 72,
"Device_Token": "000000020000115d4c181b9504cac2ba265fec716cf26ffb9a7c60b77d71f3a7999550227e58bde11a337f3e60b026c499f674bdd00d63baa1228f50296eb1ae2a5392a5f484e363"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 63 - DEBUG - processing device token
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCryptoVersion",
"payload": {
"Version": 13
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMSecurityLevel",
"payload": {
"Level": "L3"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMSecurityLevel",
"payload": {
"Level": "L3"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "GetLevel3_GetOEMPublicCertificate",
"payload": {
"Status": "OEMCrypto_ERROR_NOT_IMPLEMENTED"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "GetLevel3_GetOEMPublicCertificate",
"payload": {
"Status": "OEMCrypto_ERROR_NOT_IMPLEMENTED"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "GetLevel3_LoadDeviceRSAKey",
"payload": {
"Status": "OEMCrypto_SUCCESS",
"Session": 0,
"Length": 1312,
"Context": "fc56d41426dbf7c137583dce410d0a0e4eb176bf7f1b5895614d4a4df85a728b0ddd31f0d4d95c1cb3d6d75a13d5ba5dbfeea186c38b224c0f0d447ae77f50bb16a75e353b31bc8ef82057cdb3ef62dfee68b64c20a7ea2e35243e8fdd77e1770be5c51d147810c4257504de366d4979f58ad12c2ac84e8567b82ce12d782a7c346298e4bff6e7ef74eafd550d814d9a05b3a837e5a6b796f3b7daf04e96589574c477801f26a7faae6962c6ed4d54950486292c08fd0e4e35d799bd93061c84afacf045f8f13bc17c7c196c5662b0e179390c6c7bc70b0134da35e28e26d2bcd8bcdf65e5f690bc2a7ee5317da380a09c1dad9f139121e227575542b7f34f79a0ee66fadd8f92d6d1656f22191755ef243a561af758cd5311a69d166a80949f98961ca18624b5543aa195663c38807fb20a1f7d7cd49ebf01667702409ddf5b7df3dae93afe79bf80ee9dbf4ef23284cab5fad05fd81351619a51e1c30acad43f3fd5a7e6132a62fe58241cd63de72b76f421b0df37bb28aa8b351710c5ad4f7590460d40193f0b1cd1f2b04086eb926b2c0fa4076604e953b6e9e3eb0b67e08f5e6d0211134b21323bcbd72a8d88c69aa582c7ccdc0d917eec451ba2d0a9e7b42a052acfc0c752edb0a6f176be96803e23358d8a6e0b56cdf91aa5934ab4e576775e2d2ab488f7d313b7f290c7ab3e5ddd4e5971ca4983f3660c8cdd3998d7a7a31e99cb6299159e63f2c5410883e54e26f05bfe1081c94a45a62c2ed458d886ca7447dae462d5d27cb9266a6a2122a0b663fb374bb7e9eb137e94d4a0f9323aa12322345457e48f3feb277c9a2d3b071aa59320d7e211fb2142d1ab98f24789214b95fc1c4d84d203f73c3f00112ac1f048954d8e6b029f9eaa5403eefa22cffd4425b49d1c250dfbea5f15566c1f9ab02b95fcfe0170077908d667222143c43f575d59105f3dcc29e2d8617c9eeba6408ac039f83fce2bf87bb2d541df8fccb3e7ecce0166097a69c8b2b9d1cd0aed5c7a03acd89e3fcb69b34aeec2a62043aff5237b833533f470997af23fa55612c366a680c6f432e4239ab6e21b85e3ce0135bb55a82926f4e1e2a6dd934d484b0a28ed66c5e453af9996b61152a0926524aa622268faf8ba5978d80fbfe31d5efbd950ef39f9805bb958520ef1ba7e1b5a0cf5ae2c64e3aedb506772b6c5ad0c305939fedb7c74ee880a9e84b0b0169c4c93404c85cd4e69acf49c9cdc1de4cab1744532187d4040b00121b15d8cbe42727d804261ff686c58c28be08571a62ef221380b60790d54f2bbc1cc756b8934c467153e592afe8d2576e932cccf230f3a82f81e1e346000254e3ef6f54c6456f24293b5df0c2ab4ab1460d6522cd14aa2dd0d3a7b0a06fa858608e2e89762715f1ded12282ccda72d9a0b9bbc5c9a2491b0f56279bb3e85c0b25fa2110b2391f1478835a0a748e7d880a950b87b0d9b3b5ade9964eda4b23efc3ce2ef0231ffb15701904fbcdd382a67447effffe4282a62ba99f66608599b219b0e45357accb8b213990a856eb4529208b0f4ec7b742d5e01910f6b58e6ea4d74bb448dd35c64648fb29c48d35f642b3c08180d792bf99159cca6024d0ce3d3efa59b715b811e05ca1fbaa2e144689e2b6f20557d180ca910b340c15a683f50ad68be811c38c9be287f4e15f77aefb9b34d2c356830415029ffdf6c3eab9bff33d7969fc07e8c69e23db8ffcce9f7027bdb94843ff0a01232481b06b0f8df4f0ee9ae37972fbac04beb0108b4b2af99ebfa5d50f99ee2ded0b71a3647c6db6f157efe2b21713a2aa32426bd4bfd3268c1632261c36e71351ff23402ac2483ecec182a6c96"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "GetLevel3_LoadDeviceRSAKey",
"payload": {
"Status": "OEMCrypto_SUCCESS",
"Session": 25600,
"Length": 1312,
"Context": "fc56d41426dbf7c137583dce410d0a0e4eb176bf7f1b5895614d4a4df85a728b0ddd31f0d4d95c1cb3d6d75a13d5ba5dbfeea186c38b224c0f0d447ae77f50bb16a75e353b31bc8ef82057cdb3ef62dfee68b64c20a7ea2e35243e8fdd77e1770be5c51d147810c4257504de366d4979f58ad12c2ac84e8567b82ce12d782a7c346298e4bff6e7ef74eafd550d814d9a05b3a837e5a6b796f3b7daf04e96589574c477801f26a7faae6962c6ed4d54950486292c08fd0e4e35d799bd93061c84afacf045f8f13bc17c7c196c5662b0e179390c6c7bc70b0134da35e28e26d2bcd8bcdf65e5f690bc2a7ee5317da380a09c1dad9f139121e227575542b7f34f79a0ee66fadd8f92d6d1656f22191755ef243a561af758cd5311a69d166a80949f98961ca18624b5543aa195663c38807fb20a1f7d7cd49ebf01667702409ddf5b7df3dae93afe79bf80ee9dbf4ef23284cab5fad05fd81351619a51e1c30acad43f3fd5a7e6132a62fe58241cd63de72b76f421b0df37bb28aa8b351710c5ad4f7590460d40193f0b1cd1f2b04086eb926b2c0fa4076604e953b6e9e3eb0b67e08f5e6d0211134b21323bcbd72a8d88c69aa582c7ccdc0d917eec451ba2d0a9e7b42a052acfc0c752edb0a6f176be96803e23358d8a6e0b56cdf91aa5934ab4e576775e2d2ab488f7d313b7f290c7ab3e5ddd4e5971ca4983f3660c8cdd3998d7a7a31e99cb6299159e63f2c5410883e54e26f05bfe1081c94a45a62c2ed458d886ca7447dae462d5d27cb9266a6a2122a0b663fb374bb7e9eb137e94d4a0f9323aa12322345457e48f3feb277c9a2d3b071aa59320d7e211fb2142d1ab98f24789214b95fc1c4d84d203f73c3f00112ac1f048954d8e6b029f9eaa5403eefa22cffd4425b49d1c250dfbea5f15566c1f9ab02b95fcfe0170077908d667222143c43f575d59105f3dcc29e2d8617c9eeba6408ac039f83fce2bf87bb2d541df8fccb3e7ecce0166097a69c8b2b9d1cd0aed5c7a03acd89e3fcb69b34aeec2a62043aff5237b833533f470997af23fa55612c366a680c6f432e4239ab6e21b85e3ce0135bb55a82926f4e1e2a6dd934d484b0a28ed66c5e453af9996b61152a0926524aa622268faf8ba5978d80fbfe31d5efbd950ef39f9805bb958520ef1ba7e1b5a0cf5ae2c64e3aedb506772b6c5ad0c305939fedb7c74ee880a9e84b0b0169c4c93404c85cd4e69acf49c9cdc1de4cab1744532187d4040b00121b15d8cbe42727d804261ff686c58c28be08571a62ef221380b60790d54f2bbc1cc756b8934c467153e592afe8d2576e932cccf230f3a82f81e1e346000254e3ef6f54c6456f24293b5df0c2ab4ab1460d6522cd14aa2dd0d3a7b0a06fa858608e2e89762715f1ded12282ccda72d9a0b9bbc5c9a2491b0f56279bb3e85c0b25fa2110b2391f1478835a0a748e7d880a950b87b0d9b3b5ade9964eda4b23efc3ce2ef0231ffb15701904fbcdd382a67447effffe4282a62ba99f66608599b219b0e45357accb8b213990a856eb4529208b0f4ec7b742d5e01910f6b58e6ea4d74bb448dd35c64648fb29c48d35f642b3c08180d792bf99159cca6024d0ce3d3efa59b715b811e05ca1fbaa2e144689e2b6f20557d180ca910b340c15a683f50ad68be811c38c9be287f4e15f77aefb9b34d2c356830415029ffdf6c3eab9bff33d7969fc07e8c69e23db8ffcce9f7027bdb94843ff0a01232481b06b0f8df4f0ee9ae37972fbac04beb0108b4b2af99ebfa5d50f99ee2ded0b71a3647c6db6f157efe2b21713a2aa32426bd4bfd3268c1632261c36e71351ff23402ac2483ecec182a6c96"
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCrypto_IsInApp",
"payload": {
"in_app": true
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "Replacing PrivacyMode"
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMSecurityPatchLevel",
"payload": {
"Patch_Level": 0
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCryptoVersion",
"payload": {
"Version": 13
}
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMSupportedCertificates: OEMCrypto_Supports_RSA_2048bit"
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "Replacing PrivacyMode"
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "PrepareKeyRequest, Captured License Request"
}
2022-09-13 07:51:01 AM - Helpers.Scanner - 57 - DEBUG - processing id
2022-09-13 07:51:01 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMSecurityLevel",
"payload": {
"Level": "L3"
}
}
2022-09-13 07:51:02 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMCrypto_LoadKeys",
"payload": {
"Status": "OEMCrypto_SUCCESS",
"Type": "OEMCrypto_ContentLicense",
"Message": "0a540a203735353734443137323641303034463731393030303030303030303030303030122037353537344431373236413030344637313930303030303030303030303030301a00200128003800400048addd819906120208011a6612108c258e9da0e5a93ff6d9a150112b41c71a502110af9addc6c883e0e1b70d7aabbc153c4e5feee715ad5aea26c9e327acd418a46e2051a9f3516893d4a8fe9afb45b60752604ce079078221f5f8393723c4567825cdf57817b86ff456f67cc2d07f6120011a86010a10ccbf5fb4c2965be7aa130ffb3ba9fd731210c389d7f534dece1230026256343a7a681a209404a0fa8450bda5e666d6ece97ef9f9848a84169af175d3e6c5bc247e4d8c032002280142340a20beb007ad8dea97507a952914aec7a14c733be4d1cc34bc124cea8123e39de5c8121037885ac9aaf57cdfdafea1bed8fba7896204554844321a86010a109bf0e9cf0d7b55aeb4b289a63bab86101210d3c1ede9f4d8720104f4400d185f16ba1a2021c7a4ae5fb2bb2226764ae4a2455360fcde89edfd11cd6b80c15abc4b63983f2002280142340a20b0e2c87d5e53b9ea805dbe06e07c3b787f65f8bba70fc95360e55d4ed41827081210092a65469d6b847fa1e9b2a7f975c2656204554844311a84010a10eb676abbcb345e96bbcf616630f1a3da12105e6adce0839c7d80515444c4fb59a3751a20c200ccbf059c8ff2471ab9f9d7a8d215254323967ab67e7b57eb8112313337d02002280142340a20d5fc4ad97520d0b6f37220201f6bf769dc98018583737b52b183fc25ec8130261210fedbfbbd88c1bd11b53f00620257c643620248441a84010a100294b9599d755de2bbf0fdca3fa5eab71210a14ac83700247927d050cb015b463f901a200bb57362e91e0d247c92e6ae508b56eb4eeb69423ee06702210e0c7623462e732002280142340a20b911cac105b57d132a7d72bc0a18487cebda7629ffc449652f2f0d5409eef9491210ed3dc6e57cf17d5facc9c8a0733482cb620253441a87010a10639da80cf23b55f3b8cab3f64cfa5df612100468addacc7ed07c6c15ee9872c99d941a2013d3177577501d501346fdcb407558307d2b92a8be71fdaa0973369378aee4d02002280142340a2015e64230cccdf74308f7bdf162328a0493afc9e45bb490d407292e6cb7cef005121097f2229d8eea1f8670e903494a938b9e6205415544494f20addd8199063800",
"Signature": "8e716c7ca1ed31e4b590c165ed718195703fea1edd1be324db64fbbe568365ae"
}
}
2022-09-13 07:51:02 AM - Helpers.Scanner - 75 - DEBUG - {
"from": "[email protected]",
"message": "OEMSecurityLevel",
"payload": {
"Level": "L3"
}
}
Scripts Runs says hooks Completed but no files dumped?
When I run dump_keys.py I get this error
C:\Users\userVM\Desktop\dumper-main>dump_keys.py
Traceback (most recent call last):
File "C:\Users\userVM\Desktop\dumper-main\dump_keys.py", line 14, in
device = frida.get_usb_device(0)
File "C:\Users\userVM\AppData\Local\Programs\Python\Python39\lib\site-packages\frida__init.py", line 89, in get_usb_device
return get_device_matching(lambda d: d.type == 'usb', timeout, **kwargs)
File "C:\Users\userVM\AppData\Local\Programs\Python\Python39\lib\site-packages\frida__init.py", line 97, in get_device_matching
return get_device_manager().get_device_matching(predicate, timeout, kwargs)
File "C:\Users\userVM\AppData\Local\Programs\Python\Python39\lib\site-packages\frida\core.py", line 26, in wrapper
return f(*args, kwargs)
File "C:\Users\userVM\AppData\Local\Programs\Python\Python39\lib\site-packages\frida\core.py", line 58, in get_device_matching
return Device(self._impl.get_device_matching(lambda d: predicate(Device(d)), raw_timeout))
frida.InvalidArgumentError: device not found
Frida server is running on phone, tried latest server, tried older server, no go.
Also tried adding timeout
device = frida.get_usb_device(1)
but doesn't work
hello @wvdumper ,
i have successfully run this script but i am not getting any keys after running the demo content
but i got some infos & key json file but there is no key
Android version:- 10
...
Tried rooting my device for frita server but it looks like there’s no way to do it for my device (it’s a TC51) anyways, is there anyway to just do it from an emulator or any other method
Rooted device Nexus 7
Installed the latest frida-server from google play & ofcourse the script according to the instructions.
Here it is the output
2021-12-28 11:36:39 PM - root - 16 - INFO - Connected to Nexus 7
2021-12-28 11:36:39 PM - root - 17 - INFO - scanning all processes for the following libraries
2021-12-28 11:36:44 PM - root - 19 - DEBUG - Process(pid=1, name="init", parameters={})
2021-12-28 11:36:44 PM - root - 19 - DEBUG - Process(pid=116, name="ueventd", parameters={})
2021-12-28 11:36:44 PM - root - 19 - DEBUG - Process(pid=134, name="logd", parameters={})
2021-12-28 11:36:44 PM - root - 19 - DEBUG - Process(pid=135, name="debuggerd", parameters={})
2021-12-28 11:36:44 PM - root - 19 - DEBUG - Process(pid=136, name="vold", parameters={})
2021-12-28 11:36:44 PM - root - 19 - DEBUG - Process(pid=143, name="debuggerd:signaller", parameters={})
2021-12-28 11:36:44 PM - root - 19 - DEBUG - Process(pid=197, name="daemonsu:mount:master", parameters={})
2021-12-28 11:36:44 PM - root - 19 - DEBUG - Process(pid=206, name="daemonsu:master", parameters={})
2021-12-28 11:36:44 PM - root - 19 - DEBUG - Process(pid=219, name="healthd", parameters={})
2021-12-28 11:36:44 PM - root - 19 - DEBUG - Process(pid=220, name="lmkd", parameters={})
2021-12-28 11:36:44 PM - root - 19 - DEBUG - Process(pid=221, name="servicemanager", parameters={})
2021-12-28 11:36:44 PM - root - 19 - DEBUG - Process(pid=223, name="surfaceflinger", parameters={})
2021-12-28 11:36:44 PM - root - 19 - DEBUG - Process(pid=236, name="adbd", parameters={})
2021-12-28 11:36:44 PM - root - 19 - DEBUG - Process(pid=239, name="gpsd", parameters={})
2021-12-28 11:36:44 PM - root - 19 - DEBUG - Process(pid=242, name="zygote", parameters={})
2021-12-28 11:36:44 PM - root - 19 - DEBUG - Process(pid=243, name="audioserver", parameters={})
2021-12-28 11:36:44 PM - root - 19 - DEBUG - Process(pid=244, name="drmserver", parameters={})
2021-12-28 11:36:48 PM - Helpers.Scanner - 82 - INFO - Running libdrmwvmplugin.so at 0x40143000
2021-12-28 11:36:48 PM - root - 19 - DEBUG - Process(pid=245, name="installd", parameters={})
2021-12-28 11:36:48 PM - root - 19 - DEBUG - Process(pid=246, name="keystore", parameters={})
2021-12-28 11:36:48 PM - root - 19 - DEBUG - Process(pid=247, name="media.codec", parameters={})
2021-12-28 11:36:48 PM - root - 19 - DEBUG - Process(pid=248, name="mediadrmserver", parameters={})
2021-12-28 11:36:50 PM - Helpers.Scanner - 82 - INFO - Running libwvdrmengine.so at 0x42d6c000
Error: Error: unable to intercept function at 0x42e47ab9; please file a bug at F: _lcc46
2021-12-28 11:36:51 PM - Helpers.Scanner - 75 - DEBUG - {
"from": "Dynamic Function",
"message": "L3 RSA Key export function found: ulns"
}
2021-12-28 11:36:51 PM - Helpers.Scanner - 82 - INFO - Running libmediadrm.so at 0x40a3a000
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=249, name="media.extractor", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=250, name="mediaserver", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=251, name="netd", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=253, name="gatekeeperd", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=254, name="perfprofd", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=565, name="system_server", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=660, name="com.android.inputmethod.latin", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=665, name="sdcard", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=692, name="com.android.systemui", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=829, name="com.google.android.gms.persistent", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=989, name="android.ext.services", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=1063, name="wpa_supplicant", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=1071, name="Google", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=1091, name="com.android.nfc", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=1486, name="daemonsu:10043", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=1653, name="Bluetooth GNSS", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=1861, name="Google Play Store", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=3676, name="Free Adblocker Browser", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=3759, name="com.hsv.freeadblockerbrowser:sandbox_process0", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=3800, name="com.hsv.freeadblockerbrowser:privileged_process0", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=3993, name="daemonsu:10105", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=4021, name="com.android.defcontainer", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=4096, name="frida-server-15.1.14-android-arm", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=4097, name="dex2oat", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=4118, name="daemonsu:0", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=4145, name="logcat", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=4299, name="com.google.android.googlequicksearchbox:search", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=4347, name="com.hsv.freeadblockerbrowser:privileged_process0", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=4948, name="Official TWRP App", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=5176, name="com.google.android.gms", parameters={})
2021-12-28 11:36:51 PM - root - 19 - DEBUG - Process(pid=5224, name="com.google.process.gapps", parameters={})
2021-12-28 11:36:51 PM - root - 25 - INFO - Hooks completed
//hangs here
Hi,
I want to get Udemy Courses l3 decrypt keys for decrypt encrypted udemy course videos. can i use this project for this purpose and its still working?
My output doesn't have any "Key" or "KeyID", while the player throws a "MediaDrmBridge creation failed" and doesn't play the content.
Content playback is fine when the script isn't running.
Output:
https://gist.github.com/pras92/cdb15f91e5f2c900163d3d55a8ae6688
Is the script still working? I see Android 11+ would be facing issues, but mine's Android10 (MIUI 12).
Could anyone point me in the right direction? Any help/ suggestion is appreciated.
Hello guys, I just want to know if possible dump L1 with this script, if so how?
what tools i need to use to get the KID:KEY from private_key.pem and client_id.bin?
.
Android 9 ,OEM Crypto is 13,only get license_request.bin and key_boxes ,key_boxes only have 7283.bin and 7283.json I dont know what shall i do , anyone can help me?I tested 4 phones , cant get privite key
so i have my T95 S1 Android TV BOX device, connected to home wifi not pc wifi, pc connected to wifi and downloaded frida server and installed and its running on the T95 And its rooted, im getting
Traceback (most recent call last):
File "C:\Users\Username\Desktop\Use for rooting & grabbing l3 cdm from android tv box\Dumper\dump_keys.py", line 21, in
libraries = scanner.find_widevine_process(device, process.name)
File "C:\Users\Username\Desktop\Use for rooting & grabbing l3 cdm from android tv box\Dumper\Helpers\Scanner.py", line 149, in find_widevine_process
process = dev.attach(process_name)
File "C:\Users\Username\AppData\Roaming\Python\Pyth on39 \site-packages\frida\core.py", line 26, in wrapper
return f(*args, **kwargs)
File "C:\Users\Username\AppData\Roaming\Python\Pyth on39 \site-packages\frida\core.py", line 165, in attach
return Session(self._impl.attach(self._pid_of(target), *args, **kwargs))
frida.ProcessNotRespondingError: process with pid 12228 either refused to load frida-agent, or terminated during injection
C:\Users\Username\Desktop\Use for rooting & grabbing l3 cdm from android tv box\Dumper>pause
Press any key to continue . . .
UPDATE...
IM GETTING:
2021-12-28 09:54:43 PM - root - 25 - INFO - Hooks completed
UPDATE 2:
only thing is the android tv box wont load any apps, websites or anything now
UPDATE 3:
playing netflix movie in chrome and only getting:
2021-12-28 09:54:43 PM - root - 25 - INFO - Hooks completed
please help thanks
Hey, when i tried to capture my private key using app(original from course).apk then only key_boxes dumpted (with security level L1) and when i tried to same website using Chrome.apk then i have nothing found there (shows security level L3) and no key dumpted.
Android version = 11
Redmi Note 10
rooted = yes with magisk manager
Have any solution ?
Hi can someone help me with this im getting the error
C:\Users\user\Desktop\dumper-main>python dump_keys.py
2021-12-20 03:57:54 PM - root - 16 - INFO - Connected to SM N9005
2021-12-20 03:57:54 PM - root - 17 - INFO - scanning all processes for the following libraries
Traceback (most recent call last):
File "C:\Users\user\Desktop\dumper-main\dump_keys.py", line 18, in
for process in device.enumerate_processes():
File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\frida\core.py", line 26, in wrapper
return f(*args, **kwargs)
File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\frida\core.py", line 110, in enumerate_processes
return self._impl.enumerate_processes(*args, **kwargs)
frida.ServerNotRunningError: unable to connect to remote frida-server: closed
So I dumped an S7 Edge (SystemID: 4445) using the My5 app for playback. https://www.channel5.com/
I tried to use the provided blob/key to create a license request to Amazon Music.
{"__type":"com.amazon.digitalmusiclocator#DrmLicenseDeniedException","DrmType":"WIDEVINE_ENTITLEMENT","denialReason":"UNTRUSTED_SYSTEM_ID","message":"WIDEVINE_ENTITLEMENT license denied. The system id 4445 is not allow listed by Amazon Music for group license requests. (DrmLicenseDeniedException UNTRUSTED_SYSTEM_ID) request-id: ff7489f8-10b5-4106-bf95-cbffbc713cf9 music-agent: Harley/3.10.0.64 Harley/22.2.3","requestId":"ff7489f8-10b5-4106-bf95-cbffbc713cf9"}
The response is self-explanatory, the SysID is untrusted.
HOWEVER, playback is possible on the device and monitoring the traffic using HTTPCanary I am able to see successful license requests made from the device itself.
Back to the issue title, is the provided private_key.pem
and client_id.bin
dependant on the application used for playback?
For example if I dumped by using Prime Video for playback would I receive a different result than dumping from My5, Netflix, Hulu, Bitmovin or another application?
I ask this question because I do believe the the device i'm using should be able to make a license request to the aforementioned service and can only think of the dumped files being the issue.
.
If you follow the steps properly and your device does not have OEM Crypto API then it won't be able to dump the keys. (Stays at Hooks completed)
We need an update for it to work with devices without OEM Crypto API
does this work with nox emulator?
frida-server runs fine and when the script runs and says Hooks completed, I play widevine DRM content and it doesn't give me anything else. I used bitmovin.com/demos/drm to play DRM content
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.