Sunday, August 31, 2008

The power of NC

Today my sister asked how to download songs from a particular site. (I am not revealing the details of the site here). When I checked the front page of the site, I found a note there saying I cannot download songs from there.
I decided to do a bit of work to find out what was happening. First I searched for RTP capturing software. Then I thought I would have a look at the data being transferred over the network. I used a network sniffer to get the stream. This is what I saw.

GET /$sitepreview/hidden.in/movie/medium/MovieName_OmKaram%2Emp3 HTTP/1.1^M
Host: 10.10.10.10^M
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-GB; rv:1.9.0.1) Gecko/2008070206 Firefox/3.0.1^M
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8^M
Accept-Language: en-gb,en;q=0.5^M
Accept-Encoding: gzip,deflate^M
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7^M
Keep-Alive: 300^M
Connection: keep-alive^M
Cookie: 1E1AC73C-EC31-4f8f-9A6C-305961899082=Hidden.in^M
Range: bytes=1699944-^M
If-Range: "0bf337a64b4c81:19434"^M
^M
HTTP/1.1 206 Partial Content^M
[402 bytes missing in capture file]^M

This was followed by some binary data. (I need to switch the browser. FF3 does something vague with the fonts. It pumps in Malayalam in the middle!). Too bad, konqueror does not even show me the compose window.
I first extracted the binary data (just deleted the lines shown above) and played it. I could hear the song almost completely, but there were glitches. That must have been some part of the application protocol. The notable point was that it was an HTTP stream and not an RTP stream.
That means that if I can send the text lines seen above (up to the blank ^M line just before "HTTP/1.1 206 Partial Content") and capture the raw binary bytes that come back from the server, that will be my song! Then I remembered NetCat, and it worked out perfectly well.
This is what I did.

1. Opened the webpage in the browser
2. Started the song by clicking it. It was being played by a flash player
3. Captured the initial few bytes of network traffic using my favourite sniffer.
4. Extracted the HTTP request from the message & saved it in a file (s1.req)
5. cat s1.req | nc 10.10.10.10 80 > song.mp3

But then editing the captures was a pain. I found a way around that too. In every request, only the first line was different. So I saved s1.req and, for the rest of the songs, just captured and saved the first 3 to 5 seconds of data. Then I ran the following script.

#!/bin/bash
# Usage: ./script.sh <name>   (expects <name>.req, a fresh capture of the new song's request)
[ $# -eq 1 ] || { echo "Usage: $0 <name>" >&2; exit 1; }
# First line of the new capture: the GET line that names the song
head -n1 "$1.req" > .req
# Everything after the first line of the reference request: Host, cookie, Range, blank line
tail -n +2 s1.req >> .req
# Replay the request; the raw response (headers followed by the audio bytes) lands in <name>.mp3
nc 10.10.10.10 80 < .req > "$1.mp3"

This takes the first line of the newly captured file, appends the edited header lines from the first capture, and creates a new request file for the current song.
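To make the framing the steps above rely on explicit: an HTTP response is a status line and headers, one empty CRLF line, then the body bytes, and a 206 answer also states in Content-Range which byte span of the file the body covers (here from offset 1699944 onward, because that is the Range the player asked for). The parser below is an added example, not code from the post; the sample response is constructed, and a truncated capture such as the "[402 bytes missing]" one above is reported instead of being played with glitches.

```python
# Added example (not from the post): parse a captured HTTP/1.1 response as the
# server framed it, instead of deleting header lines by hand.
import re
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class HttpResponse:
    status: int
    headers: dict = field(default_factory=dict)
    body: bytes = b""
    range_start: int = 0             # file offset of body[0]
    range_end: Optional[int] = None  # inclusive; only set for 206
    total: Optional[int] = None      # full file size, if the server stated it

def parse_http_response(raw: bytes) -> HttpResponse:
    # Headers end at the first empty CRLF line; the rest is body, even if it contains CRLF CRLF.
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no end-of-headers CRLF CRLF in capture")
    lines = head.decode("iso-8859-1").split("\r\n")
    m = re.match(r"HTTP/1\.[01] (\d{3})\b", lines[0])
    if not m:
        raise ValueError(f"bad status line: {lines[0]!r}")
    resp = HttpResponse(status=int(m.group(1)), body=body)
    for line in lines[1:]:
        name, _, value = line.partition(":")
        resp.headers[name.strip().lower()] = value.strip()
    if resp.status == 206:  # Content-Range says which byte span the body covers
        cr = re.fullmatch(r"bytes (\d+)-(\d+)/(\d+|\*)", resp.headers.get("content-range", ""))
        if not cr:
            raise ValueError("206 without a usable Content-Range header")
        resp.range_start, resp.range_end = int(cr.group(1)), int(cr.group(2))
        resp.total = None if cr.group(3) == "*" else int(cr.group(3))
        if len(body) != resp.range_end - resp.range_start + 1:
            raise ValueError("body length does not match Content-Range (truncated capture?)")
    elif int(resp.headers.get("content-length", len(body))) != len(body):
        raise ValueError("body length does not match Content-Length (truncated capture?)")
    return resp

def body_covers_whole_file(resp: HttpResponse) -> bool:
    if resp.status == 200:
        return True
    return resp.range_start == 0 and resp.total is not None and resp.range_end == resp.total - 1

# Constructed sample: a 206 answer to "Range: bytes=1699944-" on a 1,700,004-byte
# file, with a fake 60-byte body that even contains a CRLF CRLF sequence.
SAMPLE = (b"HTTP/1.1 206 Partial Content\r\nContent-Type: audio/mpeg\r\n"
          b"Content-Range: bytes 1699944-1700003/1700004\r\nContent-Length: 60\r\n\r\n"
          + b"\xff\xfb\x90\x00" * 7 + b"\r\n\r\n" + b"\x00" * 28)
```

Running parse_http_response(SAMPLE) shows the body starts at file offset 1699944, so body_covers_whole_file() is False: a replayed Range request returns only the span the original player asked for, which is what the 206 status announces.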

I am currently planning to get the whole of that site on my laptop :)
