GitHub - qtchaos/vidbox: The VidBox video streaming platform has recently implemented a stream key system to combat content piracy, can you break their client-side security and find all the flags?

VidBox

VidBox, a popular video streaming platform, has recently implemented a stream key system to combat content piracy and bandwidth theft. This system generates a short-lived key that's required to access video streams, making it seemingly impossible to keep the video link alive for more than a minute.

You are a security researcher who has been tasked with finding a way to bypass this security feature by creating a stream key that's valid for a longer period of time, allowing you to share this link with your friends for weeks to come. Are you up for the task?

Spoilers regarding the challenge details/solution

Strategy

The browser loads a PNG file which contains the logic to generate the stream key. The current unix time is used as the base string for the stream key. The logic inside of the PNG should be plainly visible, obfuscated JavaScript (this would usually be WASM, but we simplify) so that the attacker can feasibly reverse engineer the key generation process within the allocated challenge time.

The stream key is generated using the AES-ECB algorithm with three keys, which are split across three parts of the PNG. This essentially boils down to the following:

function generateStreamKey(unixTime) {
    // The three keys are recovered from three separate parts of the PNG.
    const keys = [getKey1(), getKey2(), getKey3()];
    let streamKey = unixTime;

    // Encrypt the running value with each key in turn (AES-ECB).
    for (const key of keys) {
        streamKey = AES().encrypt(streamKey, key);
    }

    return streamKey;
}

The stream key can now be used to access the video stream using the ?k=STREAMKEY query parameter. The server will decrypt the key to recover the original Unix time and check whether that time has passed; if it has not, the server will return the video stream.
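An added example, not code from the VidBox repository: the layered AES-ECB scheme and the server-side check described above, written with Node's crypto module, next to an HMAC-signed expiry whose secret never reaches the browser. The sample keys, the AES-128 key size, hex encoding, the 60-second window and the "expiry.mac" token format are assumptions made for the illustration.

```javascript
const crypto = require("node:crypto");

// Constructed AES-128 keys; in the challenge the real ones ship inside the PNG.
const CLIENT_KEYS = ["key-one-16bytes!", "key-two-16bytes!", "key-3-is-16bytes"]
  .map((k) => Buffer.from(k));

function aesEcb(encrypt, data, key) {
  const make = encrypt ? crypto.createCipheriv : crypto.createDecipheriv;
  const c = make("aes-128-ecb", key, null); // ECB takes no IV
  return Buffer.concat([c.update(data), c.final()]);
}

// Client side, as on the page: encrypt the Unix time with each key in turn.
function encodeStreamKey(unixTime, keys) {
  let buf = Buffer.from(String(unixTime));
  for (const key of keys) buf = aesEcb(true, buf, key);
  return buf.toString("hex"); // hex encoding is an assumption
}

// Server side, as on the page: peel the layers in reverse and read the time.
function decodeStreamKey(streamKey, keys) {
  let buf = Buffer.from(streamKey, "hex");
  for (const key of [...keys].reverse()) buf = aesEcb(false, buf, key);
  return Number(buf.toString());
}

// Weak check: encryption alone does not authenticate the timestamp, so any
// value produced with the client-visible keys passes (assumed 60 s window).
function weakAccept(streamKey, now, windowSec = 60) {
  try { return decodeStreamKey(streamKey, CLIENT_KEYS) + windowSec > now; }
  catch { return false; } // malformed input fails the padding check
}

// Hardened form (hypothetical token format "expiry.mac"): the expiry is
// authenticated with a secret that stays on the server.
const SERVER_SECRET = crypto.randomBytes(32);
const mac = (exp) => crypto.createHmac("sha256", SERVER_SECRET).update(String(exp)).digest();

function issueToken(expiresAt) {
  return `${expiresAt}.${mac(expiresAt).toString("hex")}`;
}

function verifyToken(token, now) {
  const [exp, tag] = token.split(".");
  const given = Buffer.from(tag || "", "hex");
  const expected = mac(exp);
  return given.length === expected.length &&
    crypto.timingSafeEqual(given, expected) && Number(exp) > now;
}
```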

Flags

  • Encryption algorithm being used
  • Algorithm keys hidden in the client-side logic
  • A stream key that's at least a day in the future
    • Use the key to access the video stream, the server will return the flag.

Issues

Once you get access to the JavaScript logic, you can simply paste the functions into the console and get the keys. We should prevent this by using global variables, overwriting functions (window.atob) and setting them in each key function, so that the order in which the key functions are called matters (or something similar).

CyberChef recipes

decrypt encrypt

Tools
