download videos protected with widevine DRM

widevine-decryption.md

Downloading Widevine content

Specifically from Rakuten TV (live.tv.rakuten.co.jp)

FMI: https://cdm-project.com/How-To/ & https://old.reddit.com/r/Piracy/comments/y30ffr/

Setup

1. Install Tampermonkey: https://www.tampermonkey.net/
2. Install yt-dlp: https://github.com/yt-dlp/yt-dlp#installation
3. Install ffmpeg: https://ffmpeg.org/download.html
4. Download Bento4: https://www.bento4.com/downloads/
5. Have a proxy/VPN if you're not in Japan since stuff is geolocked

Getting your decryption key

Get PSSH

1. Install this userscript: https://greasyfork.org/en/scripts/373903-eme-logger
2. Search browser JS Console for MediaKeySession::generateRequest, then press play on the video and look under "Init Data"
3. Get something like AAAAMnBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAXXXXXXXXFtoyTEzFOZDD4T9lmTiI=

Get License URL

1. After doing the above, go to your browser developer tools' Network tab and search for Widevine
2. Right click > Copy > Copy link address
3. Get something like https://azcp001.keydelivery.japaneast.media.azure.net/Widevine/?kid=e0c5b68c-9313-314e-6430-f8XXXXXXXX22

Get headers

1. Left click on the Widevine entry from the above steps, under the "Headers tab" scroll down to "Request Headers"
2. Copy the following lines & do some manual formatting, get something like:

Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,ja-JP;q=0.8,ja;q=0.7
Authorization: blahblah
Cache-Control: no-cache
Content-Length: "blahblah"
Origin: https://live.tv.rakuten.co.jp
Pragma: no-cache
Referer: https://live.tv.rakuten.co.jp/
User-Agent: blahblah

Getting the key

1. Open https://cdrm-project.com/
2. Input the results from the previous steps and press "Send"
3. Hopefully see the "SUCCESS" message along with a key that looks like e0c5b68c93133XXXXXXXX84fd9664e22:499047f36b770957XXXXXXXX9dfc4033

Downloading the encrypted files

2. In the developer console Network tab, search for mpd
3. Find something that starts with Manifest, right click and copy the URL, e.g. https://azclwds01.akamaized.net/9dc3547a-ede5-4aed-841f-5cXXXXXXXX0f/tXyKyP_tab_hd.ism/Manifest(format=mpd-time-csf,encryption=cenc,filter=pc_hd_001)
4. Run the Terminal command: yt-dlp --allow-unplayable [url]
5. Get two files, an .mp4 and an .m4a

Decrypting & merging the files

1. In Bento4's bin/ folder, find the mp4decrypt command line utility
2. Navigate to this folder in your Terminal and run mp4decrypt --key [yourkey] /path/to/corrupted.file /path/to/fixed.file on both files
3. Run ffmpeg -i fixedvideo.mp4 -i fixedaudio.m4a -c:v copy -c:a copy output.mp4
4. The end

When i do it with no headers i got these message

Why did my request fail?
Your request for decryption keys may fail with a NetworkError or an HTTP Error (click on the Pywidevine logs button for details), and check your browser’s Javascript console for further information. The most likely reason for this is that the license server is checking for specific authorization information in the headers of the request (for instance, X-AxDRM-Message headers for servers using the standard Axinom license software). Play the content in your web browser, check the details of the request made to the license server in your browser’s Web Developer tools, and make sure the same information is included in the Headers field above, formatted as a Python dict.

Limitations
Some DRM license servers require specific information as a “payload” (body) of the POST request made to the license server, in addition to or instead of specific HTTP headers. This tool doesn’t currently support sending a POST payload body.

About
How does this tool work? It uses the Pywidevine library which provides a Python implementation of the Widevine Content Decryption Module (CDM). This module (normally implemented in obfuscated software that runs in your web browser, or on specially protected hardware on your CPU or GPU) is responsible for making requests to the server that provides the licenses (the decryption keys) for playing media “protected” by DRM. The pywidevine library is compiled to WASM using the excellent Pyodide tool so that it can run fully inside your web browser (there is no server backend for this software).

Privacy: this software is running fully inside your web browser. All the content is kindly hosted by GitHub pages (please note their privacy policy). We don’t log visits (no web analytics, no cookies), but GitHub pages provides anonymized web traffic graphs.

Hey, I'd love to use this, but this guide is all gibberish to me. I'm trying to find a way to download videos from The Criterion Channel, and this guide is the only clue I have as to how to do so.

Hi, Nice meeting you. I can maybe help, but you have to have an account on this site. I dont have one so…. Van: alexmarom11 ***@***.***> Verzonden: vrijdag 10 april 2026 14:57 Aan: alexmarom11 ***@***.***> CC: Comment ***@***.***> Onderwerp: Re: frozenpandaman/widevine-decryption.md @alexmarom11 commented on this gist.

…

_____ Hey, I'd love to use this, but this guide is all gibberish to me. I'm trying to find a way to download videos from The Criterion Channel, and this guide is the only clue I have as to how to do so. — Reply to this email directly, view it on GitHub <https://gist.github.com/frozenpandaman/a91f4dc7b999499761f798fdd6da6129#gistcomment-6090900> or unsubscribe <https://github.com/notifications/unsubscribe-auth/ARLE56BZDE64IB46N6I34U34VDVTTBFHORZGSZ3HMVZKMY3SMVQXIZNMON2WE2TFMN2F65DZOBS2WR3JON2EG33NNVSW45FGORXXA2LDOOIYFJDUPFYGLJDHNFZXJJLWMFWHKZNJGEZDOMJZGM3DEN5KMF2HI4TJMJ2XIZLTSOBKK5TBNR2WLKJRGA4TSNZWG43TPJDOMFWWLKDBMN2G64S7NFSIFJLWMFWHKZNEORZHKZNENZQW2ZN3ORUHEZLBMRPXAYLSORUWG2LQMFXHIX3BMN2GS5TJOR4YFJLWMFWHKZNEM5UXG5FENZQW2ZNLORUHEZLBMRPXI6LQMU> . You are receiving this email because you commented on the thread. Triage notifications on the go with GitHub Mobile for iOS <https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android <https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub> .

Hi, Nice meeting you. I can maybe help, but you have to have an account on this site. I dont have one so…. Van: alexmarom11 @.> Verzonden: vrijdag 10 april 2026 14:57 Aan: alexmarom11 @.> CC: Comment @.***> Onderwerp: Re: frozenpandaman/widevine-decryption.md @alexmarom11 commented on this gist.
…
_____ Hey, I'd love to use this, but this guide is all gibberish to me. I'm trying to find a way to download videos from The Criterion Channel, and this guide is the only clue I have as to how to do so. — Reply to this email directly, view it on GitHub https://gist.github.com/frozenpandaman/a91f4dc7b999499761f798fdd6da6129#gistcomment-6090900 or unsubscribe https://github.com/notifications/unsubscribe-auth/ARLE56BZDE64IB46N6I34U34VDVTTBFHORZGSZ3HMVZKMY3SMVQXIZNMON2WE2TFMN2F65DZOBS2WR3JON2EG33NNVSW45FGORXXA2LDOOIYFJDUPFYGLJDHNFZXJJLWMFWHKZNJGEZDOMJZGM3DEN5KMF2HI4TJMJ2XIZLTSOBKK5TBNR2WLKJRGA4TSNZWG43TPJDOMFWWLKDBMN2G64S7NFSIFJLWMFWHKZNEORZHKZNENZQW2ZN3ORUHEZLBMRPXAYLSORUWG2LQMFXHIX3BMN2GS5TJOR4YFJLWMFWHKZNEM5UXG5FENZQW2ZNLORUHEZLBMRPXI6LQMU . You are receiving this email because you commented on the thread. Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub .

I have an account for The Criterion Channel

@frozenpandaman I was able to do so. Just change the “Headers” and search for “m3u8” (instead of mpd).

...::: PSSH (Init Data Type) :::...

Search (console): MediaKeySession::generateRequest Example: AAAAP3Bzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAAB8SEKfYZ9e5qkL1sIwuzT3T54UaBWV6ZHJtSOPclZsG

...::: License URL :::...

Search (Network tab): Widevine Example: https://widevine-dash.ezdrm.com/proxy?pX=97B7F0&token=b5c4e79ce6e5401386376d0260b2a62d

...::: Headers :::...

Only this (Python formatt): {'x-dt-auth-token': 'token',} Token (from "license url"): b5c4e79ce6e5401386376d0260b2a62d Example: {'x-dt-auth-token': 'b5c4e79ce6e5401386376d0260b2a62d',}

...::: Key :::...

Example: a7d867d7b9aa42f5b08c2ecd3dd3e785:83ddcbfbae399debe2114884b4ac5b08

...::: Encrypted files :::...

Search (Network tab): m3u8 Example: https://d3lz3061imcwu3.cloudfront.net/avod/Rakuten-TV-Japan-ANIM2-rakutenJP-all-avod/as_153831/as_153831.m3u8?ads.device_make=rchweb&ads.url=channel.rakuten.co.jp&ads.uuid=bfeee50f-0eca-52ee-86f8-8e0bd5cfbe2b&ads.uid_rch=bfeee50f-0eca-52ee-86f8-8e0bd5cfbe2b&ads.episode_id=200973&ads.refid=0

bro can new vdocipher protected video can be downloaded?

https://cdrm-project.com/ seems down. Is there an alternative?