from __future__ import * 29.2.2004

2004-02-29

DAAP Authentication Reverse Engineered

This is only related to Python in that I have an unreleased DAAP client/server that I put on hold because Apple had created an authentication protocol. It's currently Twisted based, and I may or may not be releasing it in the near future.

The client authentication protocol has finally been reverse engineered by David Hammerton. Apparently, it's MD5 based, and uses the URL, "Copyright 2003 Apple Computer, Inc." (does this remind anyone else of IBM, or what?), as well as the hex digest of a hash generated from various strings that would be in iTunes for other reasons (HTTP headers, DAAP content codes, etc).

The reverse engineered algorithm stores a 256 entry table of precalculated digests, but only uses one of them in particular, so it sure looks like he's taken a debugger to iTunes. This is interesting to note because it isn't even normally possible, as gdb crashes if you try and attach to it. It's highly likely that this was a deliberate measure by Apple to protect their FairPlay DRM and iTunes Music Store, but obviously isn't enough to stop a determined college student with plenty of reverse engineering experience under his belt.

Update: I shouldn't wake and post. Of course he doesn't have the iTunes-debugging problem, because HE DOESN'T USE A MAC. Duh. Hell, he probably runs iTunes for Windows under some flavor of Wine (he works on the commercial fork).

posted at 10:34:24

Bob's Rants


© 2004, Bob Ippolito