April 28, 2021

Decrypting obfuscated JavaScript encryption algorithm?


I already know this can be done, but I am curious what methodology the contributors of [this GitHub project](https://github.com/ytdl-org/youtube-dl) used to reverse engineer YouTube’s encryption algorithm for the “sig” HTTP GET parameter’s value, used to request videos from the [googlevideo.com](https://googlevideo.com) domain. The base.js file responsible for decrypting the “signatureCipher” found on many video watch pages is highly obfuscated.

[https://www.youtube.com/s/player/cb5bd7e6/player_ias.vflset/en_US/base.js](https://www.youtube.com/s/player/cb5bd7e6/player_ias.vflset/en_US/base.js)

I feel the Chrome dev-tools debugger is key to stepping through, but there are so many lines of code, with changing variable names/values, which makes it harder to make use of watch expressions. I set up a breakpoint to be hit when an XHR request is sent to the [googlevideo.com](https://googlevideo.com) domain. At this point the decryption had occurred, and I tried to backtrack through the call stack, which has a limited history of like 10 previous function calls, and it didn’t seem like those contained what I was looking for.
