So pals, here we are.
Here is the code (dirty, yes really) of the proof-of-concept client that interacts with the Skype network (I hope you have read Skype Reverse Engineering : The (long) journey, or at least Skype Reverse Engineering : Genesis, and had a look at Skype Protocol Reverse Engineered (Video)).
- FakeSkype.zip: The client
Microsoft Visual Studio 2008 solution bundle. Don't forget to set the absolute paths of .\FakeSkype\includes and .\FakeSkype\libs\openssl as additional directories in the project settings before compiling.
- SkypeKeyServer.zip: Skype RC4 seed-to-key server (cf. Skype Reverse Engineering : The (long) journey)
99.9% of Skype transmissions are RC4 encrypted with a 128-bit key generated from a seed; the seed itself is computed from environmental parameters such as the public IP address. The mechanism that generates the key from the seed is cleverly obfuscated, using intentionally provoked exceptions as code branches. So I decided to get around it by writing a small program that runs in server mode: it reads seeds on its input, injects each seed into a running Skype process, retrieves the resulting 128-bit key from that process, and sends it back to the requester. You can run this in a virtual machine or on a Windows server. All you have to do is launch the Skype v2.5 client (install the version from SkypeSetup.zip) and then launch SkypeKeyServer.exe. Once the server is running, you have to point the client at it by changing line 5 of Cipher.cpp:
#define KEY_SERV_ADDR "192.168…"
Just replace the IP address with the one of your server and you are ready.
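As an added illustration (not code from the FakeSkype project or the key server), here is a plain RC4 implementation in C++ showing what the 128-bit keyed stream encryption described above amounts to: the key-scheduling step, the keystream generator, and the XOR that both encrypts and decrypts. It also checks the keystream-reuse property of any stream cipher: two packets encrypted under the same key leak the XOR of their plaintexts, which is why a key derived from predictable environmental parameters (and reused across transmissions) is the weak point to watch. The 16-byte key in main() is a constructed value standing in for whatever the seed-to-key server would return; the real seed-to-key derivation is not reproduced.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

typedef std::vector<uint8_t> Bytes;

// RC4 as published: key-scheduling algorithm (KSA) in the constructor,
// pseudo-random generation algorithm (PRGA) in next(). Keys of 1..256 bytes
// are accepted; the Skype case discussed above uses 16 bytes (128 bits).
class Rc4 {
public:
    explicit Rc4(const Bytes& key) : i_(0), j_(0) {
        for (int k = 0; k < 256; ++k) S_[k] = static_cast<uint8_t>(k);
        uint8_t j = 0;
        for (int k = 0; k < 256; ++k) {
            j = static_cast<uint8_t>(j + S_[k] + key[k % key.size()]);
            std::swap(S_[k], S_[j]);
        }
    }
    // Produce one keystream byte.
    uint8_t next() {
        i_ = static_cast<uint8_t>(i_ + 1);
        j_ = static_cast<uint8_t>(j_ + S_[i_]);
        std::swap(S_[i_], S_[j_]);
        return S_[static_cast<uint8_t>(S_[i_] + S_[j_])];
    }
private:
    uint8_t S_[256];
    uint8_t i_, j_;
};

// Encryption and decryption are the same operation: XOR with the keystream.
Bytes rc4Crypt(const Bytes& key, const Bytes& data) {
    Rc4 rc4(key);
    Bytes out(data.size());
    for (size_t k = 0; k < data.size(); ++k) out[k] = data[k] ^ rc4.next();
    return out;
}

Bytes bytesOf(const std::string& s) { return Bytes(s.begin(), s.end()); }

std::string toHex(const Bytes& b) {
    static const char* digits = "0123456789abcdef";
    std::string s;
    for (size_t k = 0; k < b.size(); ++k) {
        s += digits[b[k] >> 4];
        s += digits[b[k] & 0x0f];
    }
    return s;
}

Bytes xorBytes(const Bytes& a, const Bytes& b) {
    Bytes out(std::min(a.size(), b.size()));
    for (size_t k = 0; k < out.size(); ++k) out[k] = a[k] ^ b[k];
    return out;
}

// Keystream-reuse check: with the same key, XORing two ciphertexts cancels
// the keystream and leaves the XOR of the two plaintexts. Returns true when
// that leak is observed, i.e. always, for any stream cipher used this way.
bool keystreamReuseLeaksXor(const Bytes& key, const Bytes& p1, const Bytes& p2) {
    Bytes c1 = rc4Crypt(key, p1);
    Bytes c2 = rc4Crypt(key, p2);
    return xorBytes(c1, c2) == xorBytes(p1, p2);
}

int main() {
    // Constructed 16-byte (128-bit) key: a placeholder for a key that the
    // seed-to-key server would hand back, not a real Skype key.
    const uint8_t rawKey[16] = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
                                0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff};
    Bytes key(rawKey, rawKey + 16);
    Bytes packet = bytesOf("constructed packet payload");
    Bytes ct = rc4Crypt(key, packet);
    std::printf("ciphertext: %s\n", toHex(ct).c_str());
    std::printf("round trip ok: %d\n", rc4Crypt(key, ct) == packet ? 1 : 0);
    std::printf("keystream reuse leaks plaintext xor: %d\n",
                keystreamReuseLeaksXor(key, bytesOf("attack at dawn"),
                                       bytesOf("attack at dusk")) ? 1 : 0);
    return 0;
}
```

The class is deliberately stateful so that a long transmission can be encrypted in chunks without restarting the keystream; calling rc4Crypt twice with the same key, as the reuse check does, is exactly the mistake it demonstrates.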
- Available on GitHub
Update: It seems the protocol has changed a little since then, causing the FakeSkype client to fail at the SuperNode scan. I'm currently trying to figure out what changed. Stay tuned!