5

I have the m3u8 file and the key.bin, inside the m3u8 file is:

#EXTM3U
#EXT-X-VERSION:4
#EXT-X-PLAYLIST-TYPE:VOD
#EXT-X-INDEPENDENT-SEGMENTS
#EXT-X-TARGETDURATION:6
#EXT-X-MEDIA-SEQUENCE:0
#EXT-X-KEY:METHOD=AES-128,URI="key.bin"
#EXTINF:6.000000,
segment-0.ts
...
#EXTINF:4.416667,
segment-159.ts
#EXT-X-ENDLIST

and inside the key.bin file is

Ú{±€rl”ÜJÌy«‡mó

How do I download this as an mp4 using ffmpeg or youtube-dl?.

Kamil Maciorowski
  • 81,893
weakplayrxw
  • 51

3 Answers3

6

You can use ffmpeg like so:

ffmpeg -i video.m3u8 -c copy -bsf:a aac_adtstoasc video.mp4

Also if the urls are https you can add https to allowed protocols like so:

ffmpeg -protocol_whitelist file,http,https,tcp,tls,crypto -i video.m3u8 -c copy -bsf:a aac_adtstoasc video.mp4

Original article: Download encrypted HLS content with ffmpeg - davd.io

mehrdad
  • 69
1

If you're using youtube-dl -o file.mp4 "m3u8-URL", you might need to might need to pass proper headers for youtube-dl/ffmpeg to be allowed to download the key. use the --user-agent "USERAGENT" and --referer "REFERRER_URL" argument. You need to use same user-agent as your browser-you can find yours easily at ifconfig.me/ua, and referer is the main URL in the browser from where you sniffed out the m3u8 URL)

E.g:

ua='User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0'
ref='Referer: https://play.example.com/'
m3u8='https://audio.api.streaming.example.com/hls/bu627ad3-b805-4n6d-9dc9-495fd113d47f/playlist.m3u8'

youtube-dl -o file.mp4 --user-agent "$ua" --referer "$ref" "$m3u8"

Credit goes to the guy from reddit who gave the solution.

Ole Tange
  • 5,099
guestnbxd1
  • 31
0

If you encounter a field such as EXT-X-KEY, the URI value first needs to be resolved, relative to the playlist URI. So if you have this:

http://example.com/hello/playlist.m3u8

then the resultant URI will be:

http://example.com/hello/key.bin

once thats done, you can get the data from the URI, typically 16 bytes or more. You can then resolve a segment URI:

http://example.com/hello/segment-0.ts

and download as normal. Next you can decrypt the segment using AES-CBC, using the data from key.bin, as both the AES key, and the CBC IV. After decrypting, you'll need to remove any padding, if it exists. Repeat this process for all the segments.

RFC 8216 - EXT-X-KEY

Zombo
  • 1