Jump to content


Photo

Muslix64 about his BackupHDDVD and v1.00 release


  • Please log in to reply
40 replies to this topic

#1 Xbox-Scene

Xbox-Scene

    Memba Numero Uno

  • Admin
  • 5,201 posts
  • Location:Yurop
  • Xbox Version:unk
  • 360 version:unknown

Posted 03 January 2007 - 02:47 AM

Muslix64 about his BackupHDDVD and v1.00 release
Posted by XanTium | January 2 20:47 EST

 
Muslix64, who released the first hack to decrypt HD-DVD movies, published more details about his hack on the doom9.org forums and released v1.00 of his tool:


I spent the last few days reading a lot of articles on BackupHDDVD, reading a lot of people's post/comments on various websites.
This is the time to set the record straight about this new tool and what the impacts are.

First I need to clarify some points.
Revocation: In the AACS system, there is 4 types of revocation:
* Drive revocation
* Host revocation
* Device revocation (with MKB)
* Content revocation
There is no such thing as "title key revocation" and "volume key revocation"


Now, here is a list of affirmations I have seen lately:

* Affirmation 1: You did not break AACS, just the player
* My comment: I did not break AACS, but I find a way to decrypt movies and I have bypassed all the revocation system.
Not that bad...

* Affirmation 2: The BackupHDDVD circumvention tool won't last long
* My comment: As long as insecure players will exist, it will last...
And insecure players will always exist, in fact you can extract keys from any player! Some players are just easier to extract the key from. Being lazy, I prefer to extract keys from an insecure player than a secure one.
And the AACS spec says "Device keys must be protected!" but they did not said that about volume key, fatal mistake!

* Affirmation 3: The keys can easily be revoked.
* My comment: What keys are you talking about?
As I stated before, there is no such thing as "title key revocation" and "volume key revocation". If someone publishes only volume keys, there is no way to know from which player these keys where extracted from, making the revocation system useless. They can do content revocation, but to revoke what? All movies before 2007? They can do player revocation, so I will just change the player I'm using, big deal...
So what is the AACS revocation system good at?
It is good for that scenario:
Someone post on the net, a tool that do the complete decryption automatically. Off course the program use stolen device keys from an official player. They (AACS and friends) will eventually get their hands on this program, look at the device keys and revoke them. Making that player unable to play new titles. But the author of this program can pre-extract a bunch of devices keys from different players and release them, one at the time, when the previous one have been blacklisted. The AACS spec says "Device keys must be protected!" so I suppose they put more effort in protecting these keys then the volume key in memory.

* Affirmation 4: BackupHDDVD is nothing, only one person out of a million have the technical skills to extract keys.
* My comment: BackupHDDVD is a proof of concept.
Picture this:
Few skilled persons can do massive volume key extraction, and send the keys to a central server on the internet. Then, they create an easy to use decryption program, with a nice GUI that do online key recovery. That way, my father and your father can backup movies.
Or they can send the keydb.cfg file on P2P networks (BitTorrent, E-Mule, etc..)
See the problem now?

* Affirmation 5: You can extract keys from software player on personal computer but not on hardware player.
* My comment: It's easier to extract keys from software player, but it also possible to extract keys from hardware player (the set-top box in your living room!)

Conclusion:
The attack I describe in "Affirmation 4", is not here yet, but it's coming. So I give MPAA and AACSLA a head start. Start to think what you can do about that.
To totally block this attack, they need to put different keys on every disk! Now, they only have different keys for different movies. I don't know about the manufacturing process of the disk. This solution may not be possible.
The best they can do, is doing shorter manufacturing run of a particular movie, so it would be difficult to get your hand on every "pressing" of a movie.
When they design AACS, they assume people will look for the device keys. I don't care about device keys. I do care about volume key. Having the device keys mean that you have to re-implements all the complex crypto and do the full AACS process.
I leave all this dirty job to the player and recover only the volume key.
There is 3 important things in cryptography:
* 1-Private key protection
* 2-Private key protection
* 3-Private key protection
Did I break AACS? I don't know. What do you think?
I'm not going to work on this anymore, I'm taking a vacation!


Muslix64 also release v1.00 if his BackupHDDVD tool/proof-of-concept:


What's new in this version?
* Volume key support
* Partial resume of an interrupted decryption session
* New file format and file name for key database file.

The key database file is now KEYDB.cfg


Thanks to spiff & pike for news/links.
Full Story: forum.doom9.org
Download: n/a (might be illegal under DMCA/EUCD)




#2 juan_2006

juan_2006

    X-S X-perience

  • Members
  • PipPip
  • 447 posts
  • Xbox Version:v1.6
  • 360 version:v5.0 (360S - trinity)

Posted 03 January 2007 - 02:31 AM

Great thing..Now we have more info....good job Muslix64 smile.gif

Edited by juan_2006, 03 January 2007 - 02:31 AM.


#3 dom0012

dom0012

    X-S X-perience

  • Members
  • PipPip
  • 387 posts

Posted 03 January 2007 - 03:11 AM

so what does this mean? uhh.gif

#4 master4best

master4best

    X-S Enthusiast

  • Members
  • 8 posts
  • Xbox Version:v1.0
  • 360 version:v3.0 (falcon)

Posted 03 January 2007 - 03:51 AM

QUOTE(dom0012 @ Jan 3 2007, 07:18 AM) View Post

so what does this mean? uhh.gif


It means that we are a step closer to cracking AACS, the HDDVD DRM protection. The only thing left is a better decryptor with a GUI and a way to find the keys needed for the program to work, as the most people don't know how to get them...

By the way nice work Muslix64!

Edited by master4best, 03 January 2007 - 03:52 AM.


#5 DMAddict

DMAddict

    X-S Expert

  • Members
  • PipPipPip
  • 678 posts
  • Location:Tetraspace
  • Xbox Version:v1.0
  • 360 version:v4.0 (jasper)

Posted 03 January 2007 - 03:57 AM

I see HD-DVD Shrink coming soon.

#6 Heet

Heet

    X-S Knowledgebase

  • Moderator
  • PipPipPipPipPipPipPipPip
  • 4,965 posts
  • Location:Gainesville, FL
  • Interests:Pina coladas and getting caught in the rain. Disk space.
  • Xbox Version:v1.3
  • 360 version:v2 (zephyr)

Posted 03 January 2007 - 04:03 AM

^ biggrin.gif And AGK for HD-DVD



Dont let em hate on ya Muslix64. They are scared of your intelligence. smile.gif



Thanks for all the HARD work!!!!!

#7 throwingks

throwingks

    X-S Freak

  • Head Moderator
  • PipPipPipPipPip
  • 1,957 posts
  • Xbox Version:v1.4
  • 360 version:v4.0 (jasper)

Posted 03 January 2007 - 04:09 AM

QUOTE(DMAddict @ Jan 2 2007, 10:04 PM) View Post
I see HD-DVD Shrink coming soon.
From videohelp.com

A DVD5 holds:
~30min @ 1080p
~60min @ 720p

A DVD9 holds:
~55min @ 1080p
~120min @ 720p

#8 vingasoline

vingasoline

    X-S X-perience

  • Members
  • PipPip
  • 407 posts
  • Xbox Version:v1.6b
  • 360 version:v1 (xenon)

Posted 03 January 2007 - 04:15 AM

QUOTE(DMAddict @ Jan 2 2007, 09:04 PM) View Post

I see HD-DVD Shrink coming soon.



how are you going to shrink a 30gb movie.. you would have to compress it 75% just to fit on a dvd9.. There goes the video quality.

#9 DMAddict

DMAddict

    X-S Expert

  • Members
  • PipPipPip
  • 678 posts
  • Location:Tetraspace
  • Xbox Version:v1.0
  • 360 version:v4.0 (jasper)

Posted 03 January 2007 - 04:23 AM

QUOTE(vingasoline @ Jan 2 2007, 07:22 PM) View Post

how are you going to shrink a 30gb movie.. you would have to compress it 75% just to fit on a dvd9.. There goes the video quality.

. . . was kinda joking. The thought being that there's going to be a boat load of apps to extract/burn HD-DVD's.

Edit: DVD Shrink is a ripper, not a converter. Allows you to deselect additional content from DVD.

Edited by DMAddict, 03 January 2007 - 04:35 AM.


#10 dynt

dynt

    X-S Senior Member

  • Members
  • PipPip
  • 242 posts
  • Xbox Version:v1.6b
  • 360 version:v1 (xenon)

Posted 03 January 2007 - 04:35 AM

i think the next move forward will be the ability to back up hd-dvd to xvid 720p which you can get 3 hours easily on a single layer disc, i am sure with the growth 1080p tvs then the next development will be 1080p xvid files.

Most stand alone dvd players today have mpeg4 compatabilty so it will not be hard in the near future to backup to mpeg4 in high deff with no need for exspensive media or burners and keep the same quality.

#11 manu_xl

manu_xl

    X-S Genius

  • Members
  • PipPipPipPip
  • 830 posts
  • Location:Europe
  • Interests:Hacking The Box!
  • Xbox Version:v1.1
  • 360 version:v2 (zephyr)

Posted 03 January 2007 - 05:45 AM

sometimes the opportunity cost of backups is higher than the actual benefit. as long as we are not able to write on those new media discs, it remains silly to think about backup'ing those hd movies. makes more sense to stay with the non HD versions of these movies.

#12 kevhonda

kevhonda

    X-S Senior Member

  • XS-BANNED
  • PipPip
  • 185 posts
  • Xbox Version:unk
  • 360 version:unknown

Posted 03 January 2007 - 07:16 AM

What Muslix64 did was set this scene on the right path, if you realise this or not. Halo3 is scheduled to be the first 360 game released on HD-DVD but it will not be the last. If this new exploit is for real and homebrew for the 360 becomes a reality then everyone would have been bitching and complaining about not being able to backup 360 games in HD. Thanks to Muslix64 the xbox-scene is now 1 step closer to being able to backup a HD game if/when we have the ability. Now hopefully this new "exploit" or whatever it is will be true so we can begin what most of us have been waiting for HOMEBREW. Thanks Muslix for your contribution!!!

#13 whytellyou

whytellyou

    X-S Young Member

  • Members
  • Pip
  • 42 posts
  • Xbox Version:v1.0
  • 360 version:v1 (xenon)

Posted 03 January 2007 - 07:45 AM

QUOTE(kevhonda @ Jan 3 2007, 01:23 AM) View Post

What Muslix64 did was set this scene on the right path, if you realise this or not. Halo3 is scheduled to be the first 360 game released on HD-DVD but it will not be the last. If this new exploit is for real and homebrew for the 360 becomes a reality then everyone would have been bitching and complaining about not being able to backup 360 games in HD. Thanks to Muslix64 the xbox-scene is now 1 step closer to being able to backup a HD game if/when we have the ability. Now hopefully this new "exploit" or whatever it is will be true so we can begin what most of us have been waiting for HOMEBREW. Thanks Muslix for your contribution!!!


There will be no HD-DVD games.

#14 generalnewbie

generalnewbie

    X-S Senior Member

  • Members
  • PipPip
  • 227 posts

Posted 03 January 2007 - 08:20 AM

From what ive gathered this info might be helpful to more info and ill share it here

Memory.dmp--you can generate the Memory.dmp file by holding CTRL on the right side of the spacebar while you press SCROLL LOCK two times. Not verified to work but someone said it may......

Windows XP Service Pack 2 Support Tools has a command called dumpchk that will verify the dump and display information about it. This command can be found in the Windows XP Support Tools. The easiest way to run it is to copy the dumpchk.exe into the same folder as the memory.dmp file.

IE c:\windows\memory.dmp

At a command prompt in this folder run the command “dumpchk memory.dmp”.


To really dig into the memory.dmp file you will need to use the Microsoft Debug Tools. You also need the correct symbols for the os that the memory dump came from. These can be downloaded here.
http://www.microsoft...installx86.mspx
http://www.microsoft.../symbolpkg.mspx

After all that is installed, open up the Debug program windbg. It can be found in the start menu. First set the symbol path, by clicking File, symbol path; and add the path that you installed the symbols to. Default is c:\windows\symbols.

To open up the memory.dmp file, select File, Open Crash dump. It will first show the same info that dumpchk displayed. To get more detailed info, enter this command: !analyze -v. This will display a much more detailed analysis of the problem. Some other useful things you can look at are the call stack (View, Call Stack) to see what system calls were being run when the crash occured, registers (view, registers) to see what registers were being used, and the actually memory (view, memory) to view the contents of the memory when the crash occured. You could also view the dissassembly to see what code was running.



#15 trey85stang

trey85stang

    X-S Expert

  • Members
  • PipPipPip
  • 576 posts
  • Xbox Version:v1.0
  • 360 version:unknown

Posted 03 January 2007 - 09:17 AM

QUOTE(kevhonda @ Jan 3 2007, 07:23 AM) View Post

What Muslix64 did was set this scene on the right path, if you realise this or not. Halo3 is scheduled to be the first 360 game released on HD-DVD but it will not be the last. If this new exploit is for real and homebrew for the 360 becomes a reality then everyone would have been bitching and complaining about not being able to backup 360 games in HD. Thanks to Muslix64 the xbox-scene is now 1 step closer to being able to backup a HD game if/when we have the ability. Now hopefully this new "exploit" or whatever it is will be true so we can begin what most of us have been waiting for HOMEBREW. Thanks Muslix for your contribution!!!

It's obvious you have no idea what you are talking about.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users