CDM-Project/wvg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Chrome/Firefox extension for pen-testing to retrieve encryption keys of Widevine protected content !DON'T DECRYPT CONTENT UNLESS YOU HAVE THE RIGHT TO DO IT!
38 Commits 2 Branches 0 Tags 7.4 MiB
JavaScript 98.4%
Python 0.9%
HTML 0.4%
CSS 0.3%
f7db81a03b
Go to file
FoxRefire f7db81a03b Records requestBody from POST requests
2024-04-26 10:53:24 +09:00
pyodide NextGen🎉 2024-04-19 05:48:32 +09:00
python Shows only keys 2024-04-25 01:37:29 +09:00
wheels NextGen🎉 2024-04-19 05:48:32 +09:00
.gitattributes Initial commit 2024-04-09 08:46:15 +09:00
.gitignore Create .gitignore 2024-04-19 06:42:19 +09:00
background.js Records requestBody from POST requests 2024-04-26 10:53:24 +09:00
content.js Record the history of key acquisition 2024-04-25 03:37:31 +09:00
CONTRIBUTION.md Typos 2024-04-22 22:12:01 +09:00
icon.png Initial commit 2024-04-09 08:46:15 +09:00
inject.js Initial commit 2024-04-09 08:46:15 +09:00
jsonview.js Record the history of key acquisition 2024-04-25 03:37:31 +09:00
LICENSE Initial commit 2024-04-09 08:46:15 +09:00
manifest.json Record the history of key acquisition 2024-04-25 03:37:31 +09:00
popup_drawList.js [Refactor] Move some snippets 2024-04-25 03:41:58 +09:00
popup_showHistory.js meta 2024-04-25 04:11:11 +09:00
popup.html Record the history of key acquisition 2024-04-25 03:37:31 +09:00
popup.js Records requestBody from POST requests 2024-04-26 10:53:24 +09:00
README.md meta 2024-04-25 04:11:11 +09:00

README.md

WVGuesserExtension-NextGen

Extension works standalone.

Not anymore need WVCore.Server API setup!

Looking for legacy version?: https://github.com/FoxRefire/wvg/tree/legacy

Instalation

  1. Download or clone this code

  2. At the same directory of manifest.json(root directory of this extension), put the one of the following Android L3 CDM file(s).

    • Supported CDM Types

      1. device.wvd

      2. device_client_id_blob + device_private_key

      3. client_id.bin + private_key.pem

  3. Install extension

    • Firefox

      1. Navigate to about:debugging#/runtime/this-firefox

      2. Load temporary addon

    • Chrome

      1. Navigate to chrome://extensions/

      2. Load unpacked

    • Kiwi Browser(Android)

      1. Navigate to ︙ --> Extensions

      2. +(from .zip/.crx/.user.js)

Demo

demo.webm

Todo

  • Improve UI
  • Localization
  • JSON rules for License URL and scheme selection

For contributors, see here: https://github.com/FoxRefire/wvg/blob/next/CONTRIBUTION.md

Disclaimer

This extension is for educational and researchment purpose.

Only use it for content for which you own the rights and do not use it for piracy purposes.

How it works?

image

  1. inject.js injected by content.js gets Widevine PSSH by hooking EME.
  2. background.js fetches POST URLs/Headers
  3. PSSHs will passed by this route inject.js-->content.js-->background.js-->popup.js
  4. PSSHs+URLs+Headers will passed by this route background.js-->popup.js
  5. popup.js will contols UI(popup.html)
  6. User input into UI
  7. popup.js calls pywidevine script using pyodide in browser

Third-party libraries

Big Thanks and inspired by

https://github.com/emarsden/pssh-box-wasm/