How to save this rtmp flash video stream?

claws picture claws · Jan 26, 2011 · Viewed 18.6k times · Source

My sister wanted me to save http://esewingworkshop.com/video-lesson/overview-zipper-types flash video & couple more for offline viewing purposes and asked me how to save it.

I immediately fired firebug in firefox but surprisingly the video source is not in the requests. http://hwcdn.net/m7n9i8d5/fms/videos/5_Standard_Zipper/B_Overview_of_Zipper_Types.flv.smil is the last request that is being made. response being:

<smil>
<head>
<meta base="rtmp://fms006.lo1.hwcdn.net/m7n9i8d5/_definst_">
</head>
<body>
<video
src="fms/videos/5_Standard_Zipper/B_Overview_of_Zipper_Types?doppl=965d6485db1d06d2&dopsig=867922856d781b57521a1dd3f7c28c5b"></video>
</body>
</smil>

So, I its using rtmp streaming protocol. I tried to figure out the source of this stream. I used "wireshark" and analysed the traffic and followed the TCP stream

POST http://fms006.lo1.hwcdn.net/fcs/ident2 HTTP/1.1
Content-Type: application/x-fcs
User-Agent: Shockwave Flash
Host: fms035.lo1.hwcdn.net
Content-Length: 1
Proxy-Connection: Keep-Alive
Pragma: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 14
Server: FlashCom/3.5.5
Content-Type: text/plain

209.197.11.150POST http://209.197.11.219/open/1 HTTP/1.1
Content-Type: application/x-fcs
User-Agent: Shockwave Flash
Host: 209.197.11.219
Content-Length: 1
Proxy-Connection: Keep-Alive
Pragma: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 17
Server: FlashCom/3.5.5
Content-Type: application/x-fcs

Wubmcmj7Q1T-6Tic
POST http://209.197.11.219/idle/Wubmcmj7Q1T-6Tic/0 HTTP/1.1
Content-Type: application/x-fcs
User-Agent: Shockwave Flash
Host: 209.197.11.219
Content-Length: 1
Proxy-Connection: Keep-Alive
Pragma: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1
Server: FlashCom/3.5.5
Content-Type: application/x-fcs

POST http://209.197.11.219/send/Wubmcmj7Q1T-6Tic/1 HTTP/1.1
Content-Type: application/x-fcs
User-Agent: Shockwave Flash
Host: 209.197.11.219
Content-Length: 1537
Proxy-Connection: Keep-Alive
Pragma: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 3074
Server: FlashCom/3.5.5
Content-Type: application/x-fcs

and these are HTTP POST requests made by shockwave flash player (plugin-containter.exe) in order

http://fms006.lo1.hwcdn.net/fcs/ident2
http://209.197.11.150/open/1
http://209.197.11.150/idle/2BZmcmj6mhTWexFa/0
http://209.197.11.150/send/2BZmcmj6mhTWexFa/1
http://209.197.11.150/send/2BZmcmj6mhTWexFa/2
http://209.197.11.150/idle/2BZmcmj6mhTWexFa/3
http://209.197.11.150/send/2BZmcmj6mhTWexFa/4
http://209.197.11.150/send/2BZmcmj6mhTWexFa/5
http://209.197.11.150/idle/2BZmcmj6mhTWexFa/6
_this continues till /407..._

I don't get it. I'm little confused about how exactly this communication is taking place? I'm unable to find the video source. As far as I understood, from the SMIL request (browser made it) its getting the server address and then shockwaveplayer is taking over the communication and responses to these HTTP POST requests are the video in chunks.

But how & where is it identifying which video it wants? Where is RTMP? what is the url? How can I download it?

Answer

kaliatech picture kaliatech · Jan 26, 2011

I don't see how this a programming related question, but here goes:

  • How/Where?

    In the SMIL file, you see base and the video source. So full URL (probably protected):

    rtmp://fms006.lo1.hwcdn.net/m7n9i8d5/_definst_fms/videos/5_Standard_Zipper/B_Overview_of_Zipper_Types?doppl=965d6485db1d06d2&dopsig=867922856d781b57521a1dd3f7c28c5b

  • Where is RTMP?

    Not sure what you are asking. The SMIL explicitly references the RTMP stream URL.

  • How to Download?

    Best way would probably be to try using any number of 3rd party tools that are able to capture HTTP/RTMP streams via various mechanisms.

Not that you were asking (and not that this really was a programming related question), but many sites will frown upon downloading their content without permission.