Youtube is using cipher signature for some of the videos when the use_cipher_signature = true
in the dictionary returned through
http://www.youtube.com/get_video_info?&video_id=Video_Id
Example id: _JQH3G0cCtY
Ciphered signature is actually the scrambled signature which anybody can debug with few sets of working signatures. But Youtube keeps on changing the scrambling algo. I have seen few Youtube video downloader which are working smoothly without being affected through this changing game. I think they are checking the player and extracting the decode script from the player file and hence it keeps them going.
I need some help about the actual technique to use in this case. I am aware of 'youtube-dl' - a python program to download the videos. As I am not good in python, I think that they are using the same approach.
Also there is a user-script JS file available here: http://userscripts.org/scripts/show/25105 , which is doing the same thing.
Any help about the sane approach to decode the cipher code in PHP or JS will be appreciated.
Url structure and cipher code keeps on changing by Youtube. Presently, the best approach to decode the cipher signature is explained below:
Ciphered signature in Youtube are just 'scrambled' signature that you have to rearrange them according to the Algorithm present in the player file (HTML5 player or Flash player).
For example http://www.youtube.com/watch?v=UxxajLWwzqY
is presently using the following HTML5 player file : //s.ytimg.com/yts/jsbin/html5player-vfltdb6U3.js
in this file you can easily search for signature decipher code by searching for 'sig'. Here in this case the Algo is:
function bz(a) {
a = a.split("");
a = cz(a, 61);
a = cz(a, 5);
a = a.reverse();
a = a.slice(2);
a = cz(a, 69);
a = a.slice(2);
a = a.reverse();
return a.join("")
}
function cz(a, b) {
var c = a[0];
a[0] = a[b % a.length];
a[b] = c;
return a
};
Above is the deciphering code.
But be aware, it keeps on changing when they change the player file, so you have to keep a tap on the player file being used.
Also to download videos with cipher signature you have to take care of the sending the same cookies, using the same user-agent header, sending the request from the same IP address, and sending the request shortly after extraction. All these are or were required at some point
If interested in cipher decryption algo, please visit CipherAPI
Another cool API: TYstream API
Ye old s.ytimg.com/yts/jsbin/html5player-vfltdb6U3.js
is now 404 and the new URL i think looks a bit more like hxxps://s.ytimg.com/yts/jsbin/player-en_US-vfl_cdzrt/base.js
if you search the JavaScript you will find a bit of code that looks like this
function(a,b,c)
{
a=new Mr(a);
a.set("alr","yes");a.set("keepalive","yes");a.set("ratebypass","yes");a.set("mime",(0,window.encodeURIComponent)(b.mimeType.split(";")[0]));c&&a.set("signature",xr(c));return a},Jt=function(a,b){var c=Yr(b,"id"),c=c.replace(":",";");..............
}
The xr
function that the above code calls looks like this
xr=function(a)
{
a=a.split("");
wr.rF(a,54);
wr.fs(a,75);
wr.N0(a,1);
wr.rF(a,52);
wr.N0(a,3);
wr.fs(a,31);
wr.rF(a,16);
wr.fs(a,38);
return a.join("")
}
After that i start to get a bit lost with the javascript and could do with a bit of help myself but talking about this on the code project gets you in troube.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With