SurfTheChannel
30 posts, 8 voices
kallamigpopen
Scriptwright
|
I am not good at writing scripts so I dont know if this is possible but it would be nice if someone could write a script to download the movies on www.surfthechannel.com I sure hope that someone will do this. Sorry for my english, it isnt so good |
no0n
Scriptwright
|
There are extensions / programs to extract embedded flash videos. orbit downloader
magic's downloader
haven't tested these, use at your own will |
|
kallamigpopen
Scriptwright
|
thx i will take a look at them |
|
kallamigpopen
Scriptwright
|
the where good on other sites but unfortunately the didnt work on surfthechannel.com |
Descriptor
Scriptwright
|
Though I really hate low quality video, that site isn't too bad, nice that way they have everything organized. I was able to find Dexter with no trouble. Using LiveHTTPHeaders I was able to get the URL of the video and download it with my download manager, however I had to enter a file name to save the file as. And the video was 16/9 and the only flv player that would let me change the aspect ratio was Video Lan. With the above info a scriptwright should be able to figure out how to create a link, or there may already be one that works. Not really interested myself, more interested in HD. |
Aquilax
Scriptwright
|
If someone is interested to create a script here some other informations: First, using wireshark I found the url used from the flash player to download the video, here an example: http://www5.surfthechannel.com/flv/ODk4NDY1NDY1... Second in the flashvars of the embed tag you will find a base64 encoded parameter named input_str, here an example input_str=NjQ1Nzc2MzI0MTU3ODkwMjM0NTc4MDkyMzQ3MDgxMjM1NzA4OTIzMTQ3ODA5 decoding it with a base64 decoder you get the following string: 645776324157890234578092347081235708923147809123789afds789035278903217 Now if you split it as follow: 645776324157890234578092347081235708923147809123789afds789035278903217 aHR0cDovL3d3dzUuc3VyZnRoZWNoYW5uZWwuY29tL2Zsdi9PRGs0TkRZMU5EWTFOREV6TV 54675644536345789043789053467089523478901234789454678342324flv38741239 TnprMk5EWTFOREUyTlRReE5qVTBPVGczWVVoU01HTkViM1pNTWpGc1dqSkdNbUZYVW14aW 645776324157890234578092347081235708923147809123789afds789035278903217 eE1UWTFORGs0TkRjNU9EUXpNakV6WWpJd2RsQXpXVGxWYkd0M1RsVktXRko2V2xSU1ZrSn 4657362132475677354412348970as78979fdas7890789014327890a7890sdfa7089as WTFNVFl4TkRZME9EZ3dPVGd3T1Rnd09USXpPR1JJVW5kUGFUaDJZbGRXYmxsWVduQmFSMV and join the parts with almost only chars into the following string: aHR0cDovL3d3dzUuc3VyZnRoZWNoYW5uZWwuY29tL2Zsdi9PRGs0TkRZMU5EWTFOREV6TV and you decode it once again with a base64 decoder you get the following url: http://www5.surfthechannel.com/flv/ODk4NDY1NDY1... Wow is done, oh but you can continue too, decode once again with base 64 the filename: ODk4NDY1NDY1NDEzMTc5ODQ2NTQxNjU0NjU0OTg3OTg0NjU0MTY4NDk4NzQ5ODc5Nzk2ND and you will get the following string: 898465465413179846541654654987984654168498749879796465416541654987aHR0 split it as follow: 898465465413179846541654654987984654168498749879796465416541654987 aHR0cDovL21lZ2F2aWRlby5j 265646541516546544651651687484651165498479843213 b20vP3Y9UlkwNUJXRzZTRVBo 8412390646546545649879864141874984651614648809809809238 dHRwOi8vbWVnYXZpZGVvLmNvbS8/dj1SWTA1QldHNlNFUA== join again only the parts with almost only chars in the following string: aHR0cDovL21lZ2F2aWRlby5jb20vP3Y9UlkwNUJXRzZTRVBodHRwOi8vbWVnYXZpZGVvLm and decode it for the last time with the base64 decoder, and you get this: http://megavideo.com/?v=RY05BWG6SEPhttp://megav... but this last link doesn't work, but is not very important the first link is used from the flash player to download the video and it works very good also in the location bar. The rule to split the string? I don't know it, if someone want to write a script must find it out. |
Mikado
Scriptwright
|
OMFG!!! You, sir, are teh winnar! |
Tim McCormack
Scriptwright
|
Aquilax, I think they're using some kind of proprietary (probably crappy) encryption. Something homebrewed. I notice that there are three important variables in the flash_vars: input_str, uidpass, and uidpass2. All three are generated per-request. I think that uidpass and uidpass2 are used to decode input_str, and the result is passed to getlink.surfthechannel.com for a final decoding and redirect to the terminal resource. That resource link looks something like this: http://player0002.tudou.com/flv/003/453/129/345... Some parts of the base64-decoded string are invariant across requests, meaning the cipher they are using is quite weak. Most likely they are generated a string using the uidpass(2) strings and XORing it against the input_str, probably in binary form. As it stands, however, it's easier for me to use Firebug's Net tab to catch the FLV link than to bother breaking their crappy decryption. |
|
Aquilax
Scriptwright
|
Hi McCormak, saying that a base64 encoding is an encryption it's exaggerating, surely who has wrote that system has no idea of cryptography and has tought that a base64 encoding was a sure way to hide informations, I was only a little bit surprise that that genius has had the idea of cutting the base 64 encoded string in pieces and add some "noisy" between. |
Bob Joshophie
User
|
Try this java function out. It works great! enjoy.
/*
* PLASE REFENCE http://www.source-code.biz/snippets/java/Base64Coder.java.txt FOR Base64Coder
*/
public static String decodeSurfTheChannel(String input_str)
{
String s = "";
String output_str = "";
boolean validLine = false;
input_str = Base64Coder.decodeString(input_str);
for (int i=0; i<=(input_str.length()-152); i++)
{
s = input_str.substring(i, (i+152));
s = Base64Coder.decodeString(s);
validLine = true;
for (int x=0; x<s.length(); x++)
{
int y = s.charAt(x);
if ((y<45)||(y>122))
{
validLine = false;
}
}
if (validLine)
{
output_str += s;
}
}
return output_str;
}
|
|
Aquilax
Scriptwright
|
Hi Bob, nice job, I haven't test your function, but to convert to and from base64 you have two native function on the window object: window.atob, window.btoa
|
|
Tim McCormack
Scriptwright
|
Aquilax: I downloaded and decompiled their SWF. There are three "pass" keys. Here's the algorithm: d = input_str;
d = atob(d);
d = d.split(pass1).join('');
d = d.split(pass2).join('');
d = d.split(pass3).join('');
d = atob(d);
and then Edit 1: I've created a script, and it works... but only on that video. I think they might be generating the .swf files per-request? Edit 2: It's the playerXX.swf. My script only works for player10, not player14. They have different keys, and I think that the uidpass variables are used to choose between them. Edit 3: I can't find where uidpass and uidpass2 are being read. Edit 4: Nope, the player number is determined in flashvars, specifically, the value of xmlnum in the config key. Edit 5: My script knows the keys for 10, 14, and 15. Here's the current version: http://lab.brainonfire.net/drop/surfthechannel-... Edit 6: I've filled out the key database to include players 1-15. Uploaded here: http://userscripts.org/scripts/show/28065 |
|
Aquilax
Scriptwright
|
Great job Tim, I have only two suggestions: first I would not remove the player, normally one decide after viewing the video if download it or not, second I would not use an alert message if it doesn't find the keys but just add an warning message instead of the download link. |
|
Tim McCormack
Scriptwright
|
Aquilax: Yeah, that's why it's only at version 0.5. :-P I'll work up something with a decent user interface. By the way, got any ideas on how to make the script more generalized? I suppose I could set up a server that automatically decompiles and caches player keys upon request... :-) Edit: New version is up. Haven't tested it on unknown player IDs yet, but it should put a link in the sidebar that points to the userscript page, along with an error message. Edit 2: If anyone else wants to use the Flare swf decompiler to grab the keys for IDs greater than 16, be my guest. :-) |
PegasusX
User
|
@Tim, where is it in the actionscript that shows this? I used Flare and Sothink SWF Decompiler and wasn't able to find it. Specifically this:
I'd like to help, but can you point me to which line in the .flr file you saw that. Edit:
|
|
Tim McCormack
Scriptwright
|
Sorry about that, PegasusX -- that was just some semi-pseudocode I wrote. (It's almost functional Javascript.) Actually, what you need to decompile are the playerX.swf files. (I've done player1 through player15 -- I don't know how far up it goes.) Inside, you'll find that split and join stuff. I don't have a decompiled file on hand, though. |
|
PegasusX
User
|
Sorry to sound like a newbie again, but I did a Live HTTP Headers on a video on Surfthechannel and it didn't show any other swf file besides flvplayer_elite.swf.
|
|
Tim McCormack
Scriptwright
|
It's probably already cached. For it to show up in LiveHTTPHeaders you'd need to clear the cache. I *highly* recommend using FireBug instead, and clicking on its Net tab, then the Flash filter. |
|
PegasusX
User
|
Unfortunately Firebug is FF3 compatible, but I found HttpFox and its better, it detected it without clearing the cache. Firebug looks like exactly what I need though, it would replace like 5 of my other plugins, I'll definitely be installing that in the near future.
|
|
Aquilax
Scriptwright
|
Yes a keys-serve can be a solution but if you do it for all the keys you generate only a big useless traffic.
|
|
Tim McCormack
Scriptwright
|
I like the way you think, Aquilax. :-) However, I don't know how to programmatically post a script to userscripts.org -- is there an API I don't know about? The rest I know how to do, and I have the resources to do it. |
|
no0n
Scriptwright
|
cURL is one option. |
|
Aquilax
Scriptwright
|
Is not very difficult to programmatically post a new script, first you need a function to do some networking, an http post request, than use it to do two post, the first to login into us.org and the second to post the new script, the urls are fixed and hopefully the form input names won't change for a while. In which language do you want to code the server? |
|
Tim McCormack
Scriptwright
|
The hard way, huh? *sigh* I suppose I could do that, too. (I was hoping for an API.) I'm most comfortable with PHP, but I need to learn Python. That could be fun! |
|
Aquilax
Scriptwright
|
Hey Tim was you expecting an API for us.org? It isn't google ;)
|
