Radio TV Stage Test Wowza Backdoor


Background info, not necessary for testing:
We discovered an unfortunate backdoor in the wowza plugin. The problem goes as follows: when summa requests to play a file, it sends two parameters

  1. rmtp://iapetus/doms?skldfhskdfhdskjhfgskd
  2. flv:filename.flv

Now, the doms plugins decode the right filename from 1, but if the doms plugin is not on the classpath, execution just continues on to the flvplayer. The flv player just reads the value of 2 and attempts to play it. If it is configured to request files from the correct folder, it will play. The simple workaround is to have the wowza config point to a wrong folder (so that flvplayer cannot play on its own) but to have the doms plugins be able to decode the correct location of the video file. Thus, the video should not be played unless the doms plugin is actually run.
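The following Python model of the two-parameter dispatch is added here to illustrate the fall-through and the folder workaround; it is not the doms plugin's or Wowza's own code, and the folder names, port and ticket value are constructed assumptions. With the plugin loaded the file is resolved from parameter 1 alone; without it, the stock flv player trusts parameter 2 and only finds the file if the Wowza config still points at the real folder.

```python
import hashlib
from urllib.parse import urlparse, parse_qs

# Constructed sample environment (assumptions, not the real layout on iapetus):
# the folder the doms plugins resolve into, the deliberately wrong folder the
# Wowza config points at after the workaround, and the files present on disk.
REAL_FOLDER = "/media/transcoded"
WRONG_FOLDER = "/media/nowhere"
SAMPLE_UUID = "f39fa734-f78b-412a-aa81-23e08e18e1af"   # uuid used on this page
SAMPLE_TICKET = "abc"                                  # constructed ticket

def domslive_stream_name(ticket):
    """Second-field value for the domslive test: md5 of the ticket plus '.stream'."""
    return hashlib.md5(ticket.encode()).hexdigest() + ".stream"

ON_DISK = {
    f"{REAL_FOLDER}/{SAMPLE_UUID}.flv",
    f"{REAL_FOLDER}/{domslive_stream_name(SAMPLE_TICKET)}",
}

def parse_connect_url(url):
    """Split parameter 1 into application name, shard URL and ticket."""
    u = urlparse(url)
    q = parse_qs(u.query)
    return u.path.strip("/"), q.get("shard", [None])[0], q.get("ticket", [None])[0]

def doms_resolve(app, shard, ticket):
    """Model of what the doms plugins derive from parameter 1 alone."""
    uuid = shard.rsplit("/", 1)[-1].split("uuid:", 1)[-1]
    if app == "doms":
        return f"{REAL_FOLDER}/{uuid}.flv"
    if app == "domslive":
        return f"{REAL_FOLDER}/{domslive_stream_name(ticket)}"
    raise ValueError(f"unknown application {app!r}")

def play(connect_url, stream_name, plugin_loaded, wowza_folder):
    """Return the path Wowza opens, or None for 'unable to find stream'."""
    app, shard, ticket = parse_connect_url(connect_url)
    if plugin_loaded and shard and ticket:
        path = doms_resolve(app, shard, ticket)
    else:
        # Plugin not on the classpath: execution falls through to the stock flv
        # player, which trusts parameter 2 and only looks in the configured folder.
        name = stream_name[4:] if stream_name.startswith("flv:") else stream_name
        path = f"{wowza_folder}/{name}"
    return path if path in ON_DISK else None
```

Calling play() with plugin_loaded=False and wowza_folder=REAL_FOLDER reproduces the unwanted playback; with WRONG_FOLDER it returns None, which is the "unable to find stream" outcome the tests below expect.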


Test no backdoor for doms plugin

  1. Find a shard pid of a recording that has already been transcoded.
  2. Open a simple-flash-player (that came with Wowza).
  3. POST http://alhena:7980/authchecker/issueTicket?username=172.18.243.211&url=http://www.statsbiblioteket.dk/doms/shard/uuid:f39fa734-f78b-412a-aa81-23e08e18e1af

  4. Enter in the simple-flash-player (first field): rmtp://iapetus:<PORTNUMBER>/doms?shard=http://www.statsbiblioteket.dk/doms/shard/<INSERT_UUID_HERE>&ticket=<INSERT_TICKET_HERE>

  5. Enter in the simple-flash-player (second field): flv:<INSERT_UUID_HERE>.flv

  6. Verify that the video is played.
  7. Go into the services/doms_wowza_vhost folder of iapetus

  8. mv applications/lib . (this takes the doms plugins off the classpath)

  9. Restart wowza

Now, with the plugins removed:

  1. Open a simple-flash-player (that came with Wowza).
  2. POST http://alhena:7980/authchecker/issueTicket?username=172.18.243.211&url=http://www.statsbiblioteket.dk/doms/shard/uuid:f39fa734-f78b-412a-aa81-23e08e18e1af

  3. Enter in the simple-flash-player (first field): rmtp://iapetus:<PORTNUMBER>/doms?shard=http://www.statsbiblioteket.dk/doms/shard/<INSERT_UUID_HERE>&ticket=<INSERT_TICKET_HERE>

  4. Enter in the simple-flash-player (second field): flv:<INSERT_UUID_HERE>.flv

  5. You should get an "unable to find stream" error or something similar.

Clean up

  1. Go into the services/doms_wowza_vhost folder of iapetus

  2. mv lib applications/

  3. Restart wowza

Test no backdoor for domslive plugin

  1. Find a shard pid of a recording that has already been transcoded.
  2. Open a simple-flash-player (that came with Wowza).
  3. POST http://alhena:7980/authchecker/issueTicket?username=172.18.243.211&url=http://www.statsbiblioteket.dk/doms/shard/uuid:f39fa734-f78b-412a-aa81-23e08e18e1af

  4. Enter in the simple-flash-player (first field): rmtp://iapetus:<PORTNUMBER>/domslive?shard=http://www.statsbiblioteket.dk/doms/shard/<INSERT_UUID_HERE>&ticket=<INSERT_TICKET_HERE>

  5. Enter in the simple-flash-player (second field): <INSERT_HERE_THE_MD5_SUM_OF_THE_TICKET>.stream (generate the MD5 sum of the ticket with any MD5 tool, e.g. a page found through Google)

  6. Verify that the video is played.
  7. Go into the services/doms_wowza_vhost folder of iapetus

  8. mv applications/lib . (this takes the doms plugins off the classpath)

  9. Restart wowza

Now, with the plugins removed:

  1. Open a simple-flash-player (that came with Wowza).
  2. POST http://alhena:7980/authchecker/issueTicket?username=172.18.243.211&url=http://www.statsbiblioteket.dk/doms/shard/uuid:f39fa734-f78b-412a-aa81-23e08e18e1af

  3. Enter in the simple-flash-player (first field): rmtp://iapetus:<PORTNUMBER>/domslive?shard=http://www.statsbiblioteket.dk/doms/shard/<INSERT_UUID_HERE>&ticket=<INSERT_TICKET_HERE>

  4. Enter in the simple-flash-player (second field): <INSERT_HERE_THE_MD5_SUM_OF_THE_TICKET>.stream (generate the MD5 sum of the ticket with any MD5 tool, e.g. a page found through Google)

  5. You should get an "unable to find stream" error or something similar.

Clean up

  1. Go into the services/doms_wowza_vhost folder of iapetus

  2. mv lib applications/

  3. Restart wowza

RadioTVStageTestWowzaBackdoor (last edited 2011-02-04 12:29:22 by jrg)