denvit | 14 points
Hello everyone,
I've noticed the new trend of encrypting Mega Links, which is cool to be honest.
I'm just having some problems with them since I don't have a Windows machine, and apparently the source code is missing part of the encryption password (ENC_XOR array, for whom may be interested).
Has anyone found a way to crack the password / decrpyt the links in order to use them in a Linux / Mac OS environment?
Have a wondeful day you all, and thanks to the uploaders :)
[-] douhaveanygreypoupon | 1 points
Private Shared ENC_XOR As Byte() = New Byte() {-} ' REMOVED FROM SOURCE CODE, SORRY
Is it possible this was left out of the source code intentionally to prevent reverse engineering/decrypting the real link?
I haven't seen anyone besides myself use MD Encrypted links - but make sure to include a "public" folder/key because I'm aware not even can or wants to use MegaDownloader.
Yes indeed, that's why I posted this.
Yeah, I saw that you include a public folder link too, but was looking for a possible solution to this, so we can all switch to encrypted links :P
[-] douhaveanygreypoupon | 1 points
You're probably out of luck in this case, I don't think MD is even actively developed anymore.
I've seen jDownloader mentioned here a few times - it might be worth submitting a feature request to allow jD to make its own mega encrypted links. It's a long shot, the encrypt option for MD is very specific in terms of its audience.
[-] Cartmanishere | 1 points
For anyone wondering: I've created megadecrypter, it should work on any platform (you have to compile it btw)
[-] cheztir | 2 points | Feb 16 2017 22:27:14
I was able to pull the ENC_XOR byte array (unpack it and run through .net reflector).
I'll see if I have some time later and I could whip up a command line utility that just decrypts the URLs.
permalink
[-] denvit | 2 points | Feb 17 2017 16:30:38
Done it: megadecrypter
permalink
[-] cheztir | 1 points | Feb 17 2017 17:07:58
Looks good man. I couldn't get openssl to cooperate to save my life when I was trying to test the concept.
permalink
[-] denvit | 1 points | Feb 16 2017 23:54:14
Thank you! I'll write a Crystal app to decrypt the links <3
permalink
[-] douhaveanygreypoupon | 1 points | Feb 17 2017 00:02:22
So you'll be able to go from mega://enc(blah into mega://#!F22KSJ2!DSSDK?
If this is the case please bear in mind these links are intentionally encrypted because we
permalink
[-] cheztir | 2 points | Feb 17 2017 00:22:34
It doesn't change anything about the public visibility, MegaDownloader isn't some hidden/private tool and it's using the same encryption for every link.
The only difference is now those on other platforms besides Windows (or using a different download client) can use the encrypted links.
permalink
[-] denvit | 1 points | Feb 17 2017 02:38:38
I don't know if its me, but apparently the exe is not decompilable by any software, including .NET Reflector. I'm using Windows 10 with .NET Reflector 9.0.1.374
permalink
[-] cheztir | 2 points | Feb 17 2017 02:54:19
I should've explained a bit more with my first post. The binary release of MegaDownloader is packed, compressed, and sort of obfuscated by a tool called mpress so most tools are very confused by this. .Net Reflector at least sees the mpress routines used for the lzma compression and bootstrapping.
To see the disassembled/reflected .NET code you'll have to unpack the binary first. I used a tool called de4dot to unpack the binary then load it into Reflector. From there it was just a matter of finding the constructor for the class and pulling the value. Hope this helps.
I'm curious to examine the unpacked code and check if there are any other differences between the source and binary versions.
permalink
[-] denvit | 1 points | Feb 17 2017 03:51:46
Makes sense. I thought at first that by "unpack" you meant "Install it, don't analyze the installer" :D
permalink