Is there any prospect of decrypting twenty year old DRM protected WMV HD files?

[lp0_on_fire]

In 2006 we hired a videographer to film an event, he provided the content in both 720x480 Quicktime files and HD versions that are in DRM protected WMVHD DVD format, Microsoft's dystopian proposition for the high-definition optical disk format. People who were here at the time assure me they were able to play these files without difficulty, however on Windows 10 and Windows 11 we just get error messages about unsupported DRM. We need a minute and forty seconds of this thing and would much rather it be in HD.

We tried to get a hold of the guy only to learn he died in 2018, his son tried to find the original files but could only locate the same DRM protected files we have. The original unedited tape might still exist but the son guarantees "it has not been stored in an archival setting".

So before I drive two and a half hours to get my 2004 vintage Windows XP PC back from my brother, is there any prospect these files will be playable or will they be phoning home to a server that has been offline for a decade or more?

I have been reading through the metadata and licensing files on the disc but can't make heads or tales of what the runtime is authenticating against.

There is an executable on the disc called licgen.exe but it doesn't appear to be calling home if it is doing anything at all.

 

[Ligushka]

What format is the original unedited tape? Even if not stored in optimal conditions it may be able to be preserved.

 

[lp0_on_fire]

Not sure, either HDV or HDCAM (SR presumably).

 

[richleader]

All the software back then was able to crack HD DVDs, same as bluray, so I'm guessing you just need an older version of slysoft or whatever if it was phased out after it was no longer relevant.

I suspect the good version isn't that much better than what you have now though?

 

[MadMac_5]

Based on what I remember from DRM-protected WMA files that I bought from the Puretracks store (the iTunes Music Store wasn't available in Canada yet), as long as the computer's CPUID remains the same as when the DRM key was generated it shouldn't need to phone home to a long-inactive server. As Richleader said, if one can find old cracking tools I am sure that someone managed to strip it off, but I personally haven't looked too deeply into it since I only bought about 15 or so songs that way.

 

[mpat]

Wikipedia states that MS' DRM was cracked many times, but that MS constantly switched which DRM version they used to stay one step ahead. Thus you need to find the crack for the exact version that was used. WMV was never my poison, so I don't know where to find one, but Wikipedia lists the names:

https://en.wikipedia.org/wiki/Windows_Media_DRM

 

[Baenwort]

All the software back then was able to crack HD DVDs, same as bluray, so I'm guessing you just need an older version of slysoft or whatever if it was phased out after it was no longer relevant.

I suspect the good version isn't that much better than what you have now though?

My question is if this is HD-DVD (in which case decryption is easy and even MakeMKV can do it) or some WMV abomination on disc that not even God can help you with?

I've never run across WMV that wasn't used as a file or IP stream and so if this is some disc based version then I can't help. If it is a standard HD-DVD make using Windows Media then there is easy hope.

 

[KD5MDK]

So before I drive two and a half hours to get my 2004 vintage Windows XP PC back from my brother, is there any prospect these files will be playable or will they be phoning home to a server that has been offline for a decade or more?

All other things aside, is your brother likely to be able to download the files from somewhere you put them and copy them over, or is driving the fastest method to test that PC?

I also wonder if setting the clock to 2008 or something might make a difference? Unlikely but lower effort.

 

[lp0_on_fire]

My question is if this is HD-DVD (in which case decryption is easy and even MakeMKV can do it) or some WMV abomination on disc that not even God can help you with?

I've never run across WMV that wasn't used as a file or IP stream and so if this is some disc based version then I can't help. If it is a standard HD-DVD make using Windows Media then there is easy hope.

My apologies, I got a little side tracked. One of my colleauges had a family medical emergency and now I am in Florida covering for job interviews he had booked.

I tried MakeMKV for the hell of it, I actually ripped all my HD-DVDs when I learned about the disc rot plague but it just identified the disc as a data DVD.

These are not HD-DVDs. HD-DVD and Blu-ray were delayed to market because of patent litigation - in the meantime there were proposals to put HD content on conventional DVDs, WMVHD DVDs was one of these, but it was a dumb idea because the hardware to play these things required near workstation PC performance in the early 2000s.

 

[lp0_on_fire]

All other things aside, is your brother likely to be able to download the files from somewhere you put them and copy them over, or is driving the fastest method to test that PC?

I also wonder if setting the clock to 2008 or something might make a difference? Unlikely but lower effort.

The PC isn’t setup, he just borrowed it for a retro LAN party a few years ago.

My basic understanding of the technique being employed twenty years ago was if the certificates were loaded locally there were tricks to transcode the video, so that is what I am going to chase down. I found a Japanese utility with a nude woman as a menu background that will sniff out loaded Windows Media certificates that can then be used to crack the files. The other approach appears to have been to utilize the ‘analog hole’ during playback from an Xbox 360.

This all might seem a little dumb, but the person who wants this is the same person who raptured me out of an IT reorganization that was going to dramatically change my role and relocate my ass - so I am happy to ride this into the ground.

 

[KD5MDK]

This all might seem a little dumb

Not at all. You have old media that's important, and you need to recover it. The fact that it's difficult doesn't mean you shouldn't do it if you need the content.

 

[Chanur64]

Maybe I'm missing something, but why not create a VM with Vista? It launched a year after the files were created, it's WMP should play it right?

 

[Paladin]

Maybe I'm missing something, but why not create a VM with Vista? It launched a year after the files were created, it's WMP should play it right?

I think the assumption is that the encryption was tied to some key pair that related to the hardware it was built on or required some external decryption function provided by microsoft. I would say it is worth a shot to spin up a VM in virtualbox or whatever and see if it does anything. If nothing else it might provide some errors to google.

 

[w00key]

is there any prospect these files will be playable or will they be phoning home to a server that has been offline for a decade or more?

View: https://www.reddit.com/r/Piracy/comments/s6jq25/cracking_ancient_drm/
has a description of the DRM. Maybe use the method to extract the license server url and see if it is still alive; but even that would only work on machines that have played back this kind of DRM files before:

Before Windows Media Player (WMP) can talk to your self-hosted license server, it has to undergo a process called Individualization.

What is Individualization? > To ensure the DRM hasn't been cracked locally, WMP must connect back to a master Microsoft server. This server verifies the player's integrity and sends back a unique, digitally signed cryptographic file (indivbox.key) bound to that specific VM.

The Catch: Microsoft officially retired and shut down the legacy WMDRM individualization servers years ago.

Then you also need to hope the content key server is still alive too.


RC4 is weak but brute forcing 128 bits of it is still impossible.

 

[mpat]

These are not HD-DVDs. HD-DVD and Blu-ray were delayed to market because of patent litigation - in the meantime there were proposals to put HD content on conventional DVDs, WMVHD DVDs was one of these, but it was a dumb idea because the hardware to play these things required near workstation PC performance in the early 2000s.

It is possible - just - to fit an HD movie on a DVD using H.264, but the bitrate of a 1X player isn’t high enough to support continuous playback. The original proposal for what became HD-DVD was to keep the DVD as it was and update the player with a 3X reader and hardware to decode H.264. This didn’t actually happen, but it was a serious proposal. MS would at the time make products out of ideas like this to be first out if it became the standard. They notably did this with the early drafts of MPEG-4 ASP, which is what eventually lead to DivX.

In any case, the DRM in this case is not standard at all.

 

[lp0_on_fire]

Maybe I'm missing something, but why not create a VM with Vista? It launched a year after the files were created, it's WMP should play it right?

I thought the probability of DRM protected video being playable with a virtualization video driver was near zero.

In any event... while I was away one of my colleagues tried to tackle this with an old HP PC she bought on Facebook Marketplace for $10,

She was able to get video playback on Windows XP SP3 with Windows Media Player 11 after DNS blocking the server that Windows Media Player was trying to call home to that just brought up a 404 error in a pop-up window while another domain had expired years ago.

None of the hacking suggestions found on Reddit or decades old forum posts appeared applicable to these files - no license files were located even thought CDocuments and Settings\All Users\DRM was full of license keys in a hidden folder. She stripped the hidden file attributes from the command line but the hacking tools still couldn't find the license keys and Windows reapplied the attributes to the DRM folder in less than a minute.

The metadata for the video files is more or less blank leaving no clues to precisely how they were protected.

Since we have good playback of the 1080P version on this $10 HP we're just going to find an AGP video card with HDMI out and capture the video.

Her kids have already called dibs on the machine for retrogaming as it appears unaffected by the capacitor plague.

 

[JohnCarter17]

I thought the probability of DRM protected video being playable with a virtualization video driver was near zero.

In any event... while I was away one of my colleagues tried to tackle this with an old HP PC she bought on Facebook Marketplace for $10,

She was able to get video playback on Windows XP SP3 with Windows Media Player 11 after DNS blocking the server that Windows Media Player was trying to call home to that just brought up a 404 error in a pop-up window while another domain had expired years ago.

None of the hacking suggestions found on Reddit or decades old forum posts appeared applicable to these files - no license files were located even thought CDocuments and Settings\All Users\DRM was full of license keys in a hidden folder. She stripped the hidden file attributes from the command line but the hacking tools still couldn't find the license keys and Windows reapplied the attributes to the DRM folder in less than a minute.

The metadata for the video files is more or less blank leaving no clues to precisely how they were protected.

Since we have good playback of the 1080P version on this $10 HP we're just going to find an AGP video card with HDMI out and capture the video.

Her kids have already called dibs on the machine for retrogaming as it appears unaffected by the capacitor plague.

Are you buying the colleague lunch?

 

[Andrewcw]

I thought the probability of DRM protected video being playable with a virtualization video driver was near zero.

In any event... while I was away one of my colleagues tried to tackle this with an old HP PC she bought on Facebook Marketplace for $10,

She was able to get video playback on Windows XP SP3 with Windows Media Player 11 after DNS blocking the server that Windows Media Player was trying to call home to that just brought up a 404 error in a pop-up window while another domain had expired years ago.

None of the hacking suggestions found on Reddit or decades old forum posts appeared applicable to these files - no license files were located even thought CDocuments and Settings\All Users\DRM was full of license keys in a hidden folder. She stripped the hidden file attributes from the command line but the hacking tools still couldn't find the license keys and Windows reapplied the attributes to the DRM folder in less than a minute.

The metadata for the video files is more or less blank leaving no clues to precisely how they were protected.

Since we have good playback of the 1080P version on this $10 HP we're just going to find an AGP video card with HDMI out and capture the video.

Her kids have already called dibs on the machine for retrogaming as it appears unaffected by the capacitor plague.

Era relevant program. You might be able to record it using FRAPS.

 

[lp0_on_fire]

Are you buying the colleague lunch?

Oh we go out for lunch all the time. She is my direct PC counterpart.

I'm giving her kids original copies of GTA III, Vice City and San Andreas to play and mod on the $10 PC after it's upgraded with the HDMI GeForce 7600 we found. I'm also giving them an IDE SSD and DVD-RW as the machine only has a CD-RW/DVD-ROM.

 

[whoisit]

I'm also giving them an IDE SSD

Please tell me IDE SSD is a typo and not an exercise in futility.

 

[lp0_on_fire]

Pleasr tell me IDE SSD is a typo and not an exercise in futility.

Not a typo. It came in an old used appliance I bought years ago. It's a really solid Sandisk Industrial drive, better than the Maxtor whatever that is in there now.

 

[whoisit]

Never heard of an SSD on the IDE interface before. Thought it was so bandwidth limited that a SSD would be pointless.

 

[lp0_on_fire]

They have always been around, they were just too small or too expensive to be practical - they were sometimes referred to as a DOM or Disk on Module.

The SSD in the first MacBook Air was a 64GB Samsung IDE ATA-5 drive.

Edit:
View: https://youtu.be/3DoePt1B1Xg?si=RyEHKgTOUxcvr3FJ&t=217
You can see PATA on the label here.

 

[evan_s]

Never heard of an SSD on the IDE interface before. Thought it was so bandwidth limited that a SSD would be pointless.

I'd expect it would still be a meaningful improvement. Back in the day I had an old SSD in a system with only SATA 1 at 150 MBs and it was still a major improvement. An SSD is a lot better experience not only because of bandwidth but also because of latency. Even on an old slow interface the small block random I/O stuff is still going to be a lot better than a hard drive and that ends up helping out with responsiveness a lot. That's part of the reason why a SATA SSD is often not much slower than a gen 5 NVME drive in practical tests like app launch or level loading time in games.

 

[Andrewcw]

Never heard of an SSD on the IDE interface before. Thought it was so bandwidth limited that a SSD would be pointless.

They made IDE to CF adapters. So in the grey area where SSD just means a non-spinning drive. It's Solid State but not SSD in how modern terms use it. Like how eMCC and SATA SSD could both use the same exact nand where the difference is the controller. And where most times we refer it to NVME just because saying SSD could mean a SATA controller m.2.

 

[whoisit]

Didn't mean to hijack the thread. I consider myself duly educated. Now back to our regularly scheduled topic.