So pals, here we are..
Here is the code (dirty, yes really) of the proof-of-concept client that interacts with the Skype network (I hope you have read Skype Reverse Engineering : The (long) journey, or at least Skype Reverse Engineering : Genesis, and taken a look at Skype Protocol Reverse Engineered (Video)).
- FakeSkype.zip: The client, as a Microsoft Visual Studio 2008 solution bundle. Don’t forget to add the absolute paths of .\FakeSkype\includes and .\FakeSkype\libs\openssl as additional directories in the project settings before compiling.
- SkypeKeyServer.zip: Skype RC4 Seed To Key Server (cf. Skype Reverse Engineering : The (long) journey).

  99.9% of Skype transmissions are RC4 encrypted, with a 128-bit key generated from a seed, a seed that is calculated from environmental parameters such as the public IP address etc. The mechanism that generates the key from the seed is smartly obfuscated, and protected with intentionally provoked exceptions used as code branches. So I decided to get through this by writing a little program, running in server mode, that reads seeds as input, injects each seed into a Skype process, gets the 128-bit key back from the Skype process, and sends it to the key requester.

  You can run this in a virtual machine or on a Windows server. All you have to do is launch the Skype v2.5 client (install the version from SkypeSetup.zip) and then launch SkypeKeyServer.exe. Now that the server is running, you have to set it up in the code by changing line 5 of the Cipher.cpp file:

  #define KEY_SERV_ADDR "192.168…"

  Just replace the IP address with that of your server and you are ready.
- Available on GitHub
Update I : It seems the protocol has changed a little since then 🙂 ! This causes the FakeSkype client to fail on the SuperNode scan. I’m currently trying to figure out what changed. Stay tuned 🙂 !!
Update II : The excellent Efim Bushmanov worked that out and delivered a fix: https://github.com/skypeopensource/fakeskype
Just. Great! I wanna hear more about this soon, please! 🙂
Any updates on fixing for the SuperNode scan? I’d love to turn your code into a libpurple plugin 🙂
Oh, when can we expect an update?
There must be something wrong with FakeSkype.zip, because there is no call to the functions BuildHeader2Send, BuildBody2Send and BuildUIC2Send in ChatManager.cpp. Could you update it? Thx
Hey, I think everything is alright with the zip. Did you manage to compile?
Yes, but in your video the words ‘oj.med.says:Message Recu : )’ and ‘Sending Body oj.med.says:Message Recu : )’ should be printed by the functions BuildHeader2Send and BuildBody2Send in ChatManager.cpp, and the fact is that BuildHeader2Send and BuildBody2Send are not called by any function. I don’t know why. Can you explain it?
And do you know the data structures for voice calls, video calls or file transfer? Are they all stored in OBJECT like chat?
Hey, the RC4 key exchange mechanism between sc and sn seems to have been changed since Skype 3.0. Do you know about this change now? Looking forward to your update!
Please give a reply. Thx!
Give me a reply!
I don’t think it’s changed @version 3.0 because it was still working with Skype 4.0.
Anyway, I haven’t gotten back to the topic yet, but I’ll be glad if you keep me up to date if you find something.
Did you take a look with oSpy as described in the long journey post?
When calling RequestHashListDetails() on EventContacts, the connection is always reset by the Event Server, though Event Server authentication is successful. Do you know why? I need your help. Thx!
Hmm.. Did you manage to get past the SuperNode scanning?
Is this still working? (on skype version 7.0.85) or is it completely irrelevant?
If you use the Update II method, it should work
If you use the Update II method, it works
Very good article..
I wonder whether this is still working or not…
Can you give me an answer about this?