I think I found a way to get DRM keys

[PM_ME_YOUR_TATAS]

Hey guys, so as the title states, this is a method in which we can possibly obtain DRM keys from NAND (UFS 2.1). This of course will be pulled off with a locked bootloader.

Here's the method:

1. Extract NAND from Xperia XZ Premium (or any DRM-locked phone) via desoldering.
2. Use a NAND chip reader to dump the contents of the NAND chip.
3. Analyse contents and find DRM keys.

We'll be requiring the following:

1. A donor phone (or a spare NAND)
2. NAND chip reader

But there are some obstacles:

1. FDE is enabled by default, we'll need to find a way to decrypt the data

What are your thoughts guys, is this even possible?

 

[dhonzik]

Hmm, interesting idea, but according my understanding it will not work because each DRM key is slightly different. What you need is to find the location of the DRM key in the NAND so it can be backup some way

 

[thipok17]

Wow good idea! .but if we can make universal drm key? Its possible ?

 

[Mackay53]

Wow good idea! .but if we can make universal drm key? Its possible ?

No

 

[Beetle84]

Hey guys, so as the title states, this is a method in which we can possibly obtain DRM keys from NAND (UFS 2.1). This of course will be pulled off with a locked bootloader.

Here's the method:

1. Extract NAND from Xperia XZ Premium (or any DRM-locked phone) via desoldering.
2. Use a NAND chip reader to dump the contents of the NAND chip.
3. Analyse contents and find DRM keys.

We'll be requiring the following:

1. A donor phone (or a spare NAND)
2. NAND chip reader

But there are some obstacles:

1. FDE is enabled by default, we'll need to find a way to decrypt the data

What are your thoughts guys, is this even possible?

Anythings possible, but this is probably impossible for 99.99% of users. As someone said above, TA keys are device specific. If you flashed my TA backup to your handset, you would have a pretty paperweight.