kinemaster more like idk... kinefarter

im so chopped dude

ty ryanb for the edit
maia arson crimew 2026-02-14 23:27:25 +01:00
parent a08dd860f4
commit 0bf150f645
2 changed files with 74 additions and 0 deletions

@ -0,0 +1,74 @@
---
title: How To Add DRM To Your Backend (easy) [2026 WORKING]
date: 2026-02-14
description: How KineMaster stopped some modded clients from accessing their asset market
feature_image: /img/posts/kinemaster-drm/cover.jpg
feature_alt: A glitchy edited KineMaster logo over top some of their source code and a word cloud of DRM-related terms
tags:
- research
- analysis
- leak
- php
---
Now replaced by CapCut for most, KineMaster used to be the kinda shitty video editing app of choice on mobile devices. And just like CapCut used to be, KineMaster was full of in-app purchases and put a watermark over your video unless you paid up. This, of course, means the app was (and probably still is) very popular to mod and crack. With KineMaster having some online features, such as an asset store, the company needed some way to detect those cracked clients.
One way to do this on Android is to use an [attestation](https://en.wikipedia.org/wiki/Trusted_Computing#Remote_attestation) API like [Play Integrity](https://en.wikipedia.org/wiki/Play_Integrity_API) (aka SafetyNet), preventing most mods entirely. Even some heavy obfuscation frameworks could work to stop many inexperienced crackers. But what would you do if you didn't wanna bother doing all that security bullshit?
## What Would KineMaster Do?
A while ago now, I, uuh, *stumbled* upon much of source code for the KineMaster authentication and asset backends, plus some of their Git history. The source code is quite fragmented due to how I found it, but it still paints quite a good picture of how the asset store works.
Most of it really isn't all that interesting. It's a basic PHP backend doing about what you'd expect: authenticating users, allowing for the purchase and download of assets, managing subscriptions and collecting some analytics data. Since the asset store is used by multiple different KineMaster apps and not every user will be updated to the latest version, each client sends its version, name and some other information along with the authentication request.
One thing crackers definitely aren't known for is being humble, so it is no surprise that a lot of the KineMaster mods have the modders' name either in the app name or the version string. Most crackers seemingly also don't realize this information gets sent to the server, so no effort is made to prevent sending it. This makes it incredibly easy for KineMaster to detect modded versions trying to connect to the asset store.
```php
protected function vaildCheckToken($auth){
$oauth = new Oauth($auth, $this->_request);
if(!empty($tokenInfo = $oauth->getAccessToken())){
if ($tokenInfo["expire"] < time()){
new CustomView(TOKEN_EXPIRE);
}else if (
($tokenInfo["app_version"] == "4.11.13.14060.DF") ||
($tokenInfo["app_version"] == "4.0.0.9176.FREE") ||
($tokenInfo["app_version"] == "Mod V5") ||
($tokenInfo["app_version"] == "Modded By Agoez Clemod") ||
($tokenInfo["app_version"] == "4.0.0.9176.FREE") && ($tokenInfo["app_name"] == "com.nextreaming.nexeditorui.KineMasterApplication") ||
($tokenInfo["app_version"] == "4.12.1.14940.GP.FONT") && ($tokenInfo["app_name"] == "com.nextreaming.nexeditorui.KineMasterApplication") ||
($tokenInfo["app_version"] == "4.12.3.15162.GP") && ($tokenInfo["app_name"] == "com.nextreaming.nexeditorui.KineMasterApplication") ||
($tokenInfo["app_version"] == "4.12.3.15162.GP") && ($tokenInfo["app_name"] == "巧影") ||
($tokenInfo["app_version"] == "4.12.1.14940.GP") && ($tokenInfo["app_name"] == "com.nextreaming.nexeditorui.KineMasterApplication") ||
($tokenInfo["app_version"] == "4.12.1.14940.GP") && ($tokenInfo["app_name"] == "巧影") ||
($tokenInfo["app_version"] == "4.11.15.14242.GP") && ($tokenInfo["app_name"] == "KineMaster Pro Mod [AmanZz]") ||
($tokenInfo["app_version"] == "4.11.15.14242.GP") && ($tokenInfo["app_name"] == "KineMaster Indonesia") ||
($tokenInfo["app_version"] == "4.11.15.14242.GP") && ($tokenInfo["app_name"] == "KineMaster Geeky Boy") ||
($tokenInfo["app_version"] == "4.11.15.14242.GP") && ($tokenInfo["app_name"] == "KineMaster Font Mod") ||
($tokenInfo["app_version"] == "4.11.15.14242.GP") && ($tokenInfo["app_name"] == "KineMaster Mathavan pro") ||
($tokenInfo["app_version"] == "4.11.16.14368.GP") && ($tokenInfo["app_name"] == "KM Premiere Pro CS6") ||
($tokenInfo["app_version"] == "4.11.16.14368.GP") && ($tokenInfo["app_name"] == "KM Master Diamond") ||
($tokenInfo["app_version"] == "4.11.16.14370.XP") && ($tokenInfo["app_name"] == "KM X-Pro") ||
($tokenInfo["app_version"] == "4.11.16.14370.XP") && ($tokenInfo["app_name"] == "TAMIL SARAN BGM") ||
($tokenInfo["app_version"] == "4.11.15.14242.CZ") && ($tokenInfo["app_name"] == "KineMaster Pro") ||
($tokenInfo["app_version"] == "4.11.15.14242.CZ") && ($tokenInfo["app_name"] == "KineMaster LOGO")
){
new CustomView(FORBIDDEN);
}else{
$this->application_id = $tokenInfo["application"];
$this->edition_id = $tokenInfo["edition"];
$this->access_token = $this->_request->parameters["access_token"];
$this->client_idx = $tokenInfo["client_idx"];
$this->scope = $tokenInfo["scope"];
$this->env = $this->_request->parameters["env"];
}
}else{
new CustomView(INVALID_LICENSE);
}
}
```
The API function in the code above doesn't return any specific error message to modded clients, just returning a `403 Forbidden` status code instead, which might make it a bit less obvious to clients that they've been detected.
There's definitely more elegant ways to go about implementing a check like this than a list of 20 hardcoded mods. A more ideal implementation of this logic would probably check against a list of apps maintained in a database or another easily updated location. Why both version and name has to match for the clearly modded app names is also a mystery to me, but hey, if it works, it works.
The source code dump I have doesn't provide full context for the rest of the market authentication logic, but it seems fairly trivial to reverse engineer, with a lot of the authentication logic being based on known values, so I'm not surprised some mods seemingly found a way to fake a license to attempt to authenticate to the market.
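
Review bot: in the quoted `vaildCheckToken` condition, the clause pairing `"4.0.0.9176.FREE"` with `com.nextreaming.nexeditorui.KineMasterApplication` is dead weight, because the bare `($tokenInfo["app_version"] == "4.0.0.9176.FREE")` check three lines above it already rejects every token with that version regardless of app name. The block has 21 clauses of which 20 have any effect, so the paragraph about the "list of 20 hardcoded mods" would be a good place to mention the duplicate. In the intro, "Play Integrity (aka SafetyNet)" reads as if the two names are interchangeable; SafetyNet Attestation is the older API that Play Integrity replaced, so "formerly SafetyNet" would be more accurate. Smaller points: "much of source code" is missing "the", "Why both version and name has to match" should be "have to match", and the PHP block is pasted with no indentation, which makes the nested if/else hard to follow.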

Binary file not shown.
