Microsoft PlayReady

Back to research

{ Details }

The following technical materials are available with respect to the security analysis conducted for Microsoft Play Ready content protection technology in the environment of CANAL+ SAT TV operator.

Materials

  • "Microsoft PlayReady toolkit" - 394KB source code
    standalone toolkit working independently of the compromised STB device, making it possible to generate fake client device identity, acquire license and content keys for encrypted A/V asset fragments from PlayReady license server, download and decrypt these assets, inspect their content if needed and combine them into single, ready to play or distribute, plaintext MPEG-4 files. The toolkit comes with a brief technical document describing results of the analysis along the reverse engineering approach taken to Microsoft Play Ready compromise, some reverse engineering logs and a code verifying crypto params used by compromised devices.
  • "CANAL+ STB exploit" - 1180KB source code
    improved version of the 2019 code with Microsoft PlayReady support (secrets theft, reverse engineering capabilities and root device key access), Multiroom and CANAL+ VOD bypass.