
Bypassing DRM Protections at Content Delivery Networks


Slides of the Rooted 2015 conference

Published in: Internet


  1. Bypassing DRM Protections at Content Delivery Networks • Adrián Villa Bermúdez • @AdriVillaB
  2. # whoami • @AdriVillaB • Computer Engineering graduate • Pentester @ Tarlogic
  3. Scope • OTT configuration flaws • Objective – Distribution of protected content – Own players
  4. Disclaimer • SQLi or other injection stuff • Privilege escalation • Steal user credentials • Economic profit • Review implementation and configuration
  5. Disclaimer
  6. OTT infrastructure • Over-the-Top technologies – Video on Demand – Channel live streaming • Content distribution over CDN • Content protection using DRM
  7. How it works
  8. How it works
  9. HTTP Dynamic Streaming • Delivery of streaming content over HTTP • F4V – De facto standard
  10. Analysis
  11. Orange TV • Preproduction analysis • Microsoft Smooth Streaming • IP-based DRM – X-Forwarded-For?
  12. Orange TV
  13. Nubeox • Limit number of devices • Crossdomain.xml • Decompile original player – Device ID generation • Extra ball – “Pass the hash”
  14. Nubeox • Limit number of devices • Crossdomain.xml • Decompile original player – Device ID generation • Extra ball – “Pass the hash”
  15. Nubeox
  16. Wuaki.tv • IP-based DRM – X-Forwarded-For – True-Client-IP
  17. Wuaki.tv • IP-based DRM – X-Forwarded-For – True-Client-IP
  18. Wuaki.tv
  19. TotalChannel • Smooth Streaming
  20. TotalChannel • Smooth Streaming
  21. TotalChannel
  22. Netflix • NCCP • RSA & HMAC • Obfuscate Silverlight player • Tamper DLLs
  23. Videoclub: PitM
  24. Videoclub: PitM
  25. Conclusions • Delegate business logic to the server side • Do not trust HTTP proxy headers • Implement access protections on content • Obfuscate source code
  26. Thank you • Special thanks: – @Tarlogic – @RootedCON • @AdriVillaB • Adrian.Villa@Tarlogic.com
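The IP-based DRM weakness on the Orange TV and Wuaki.tv slides (trusting X-Forwarded-For / True-Client-IP) and the conclusion "do not trust HTTP proxy headers", as an added example that is not part of the talk: a client-IP resolver for an origin server, with the weak version beside a hardened one that only honours a forwarded header when the TCP peer is a known CDN proxy. The proxy and "licensed region" network ranges are constructed placeholders.

```python
import ipaddress

# Constructed placeholders: the CDN/proxy range the origin sits behind, and
# the address range the IP-based DRM is meant to allow (e.g. a licensed country).
TRUSTED_PROXIES = [ipaddress.ip_network("203.0.113.0/24")]
ALLOWED_NETS = [ipaddress.ip_network("198.51.100.0/24")]


def _in_any(ip, nets):
    return any(ipaddress.ip_address(ip) in net for net in nets)


def client_ip_naive(peer_ip, headers):
    """Weak: whoever sends the request controls True-Client-IP / X-Forwarded-For,
    so a viewer outside the allowed region just sets the header to an allowed IP."""
    for name in ("True-Client-IP", "X-Forwarded-For"):
        if name in headers:
            return headers[name].split(",")[0].strip()
    return peer_ip


def client_ip_hardened(peer_ip, headers):
    """Hardened: ignore proxy headers unless the TCP peer is a trusted proxy, and
    then take the rightmost hop that is not itself a trusted proxy (the address the
    CDN appended), never the client-supplied leftmost entry."""
    if not _in_any(peer_ip, TRUSTED_PROXIES):
        return peer_ip            # direct connection: the peer address is the client
    hops = [h.strip() for h in headers.get("X-Forwarded-For", "").split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            if not _in_any(hop, TRUSTED_PROXIES):
                return hop
        except ValueError:
            return peer_ip        # malformed entry: fail closed to the peer address
    return peer_ip


def drm_allows(peer_ip, headers, resolver=client_ip_hardened):
    """Region check for the IP-based DRM, parameterised on the resolver."""
    return _in_any(resolver(peer_ip, headers), ALLOWED_NETS)
```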
