页面

2012年7月17日星期二

skype 更改网络结构 黑客怀疑其可能增加窃听功能

Duan Lian ‏@chemhack
大家千万别用skype约炮 RT @after1990s: 快讯:skype源码泄漏,被确认内含后门。 http://www.freebuf.com/news/5002.html
12年 7月17日, 15:56

报道说的是微软购买 Skype 改变了网络结构,将用户自治的超级节点作为中继节点的方式取消,改为采用微软自己控制的服务器,如果没有充分的技术理由,技术专家认为很可能是为了便于窃 听通信。这是潜在风险,而不是已经证明的窃听行为。

但如果按照这一标准,采用集中服务器的 GTalk, MSN Messenger 等是比目前的 Skype 更便于窃听的。要防范窃听还是需要端到端的外挂加密软件,如 www.secway.fr 的 Simp LIte,开源的即时通软件 Pidgin 加上 OTR 扩展。

参考这 条报道中的一条评论,

Vince D Lopez says:
May 1, 2012 at 7:47 am
Problem-reaction-solution, the Hegelian dialect.

Microsoft tells us there is an inherent privacy problem with all Peer-to-peer software, the reaction is outrage or fear, the solution they will propose is to transit all the conversations via their servers, thus making the CISPA infinitely more effective.

看起来也许微软修改Skype超节点结构,变成经过自己的服务器传递,可能是为了解决任何人都可以查询任何用户的IP地址这个隐私漏洞。如果是这 样,就是那些黑客误解了微软动机。


http://www.freebuf.com/news/5002.html
skype源代码泄露(附下载地址) 匿名用户 @ 资讯 2012-07-17 共 613 人围观 国外媒体7月17日最新消息,skype源代码网上被公布,黑客声明:
AFTER MICROSOFT ACQUIRING SKYPE FOR 8.5 BILLION DOLLARS AND PROCEEDING TO ADD BACK DOORS FOR GOVERNMENT TO THE PROGRAM, THE SOFTWARE HAS BEEN HACKED AND IT'S SOURCE CODE RELEASED下载地址:Skype1.4_binaries
http://thepiratebay.se/torrent/6442887 SkypeKit_sdk+runtimes_370_412.zip
skypekit binaries for Windows and x86_Linux + SDK
http://thepiratebay.se/torrent/7190651/ skype55_59_deobfuscated_binaries (Windows)
http://thepiratebay.se/torrent/7238404/ 更多细节: http://skype-open-source.blogspot.ch/ 相关阅读: Skype 是一家全球性互联网电话公司™,它通过在全世界范围内向客户提供免费的高质量通话服务,正在逐渐改变电信业。Skype是网络即时语音沟通工具。具备IM 所需的其他功能,比如视频聊天、多人语音会议、多人聊天、传送文件、文字聊天等功能。它可以免费高清晰与其他用户语音对话,也可以拨打国内国际电 话,无论固定电话、手机、小灵通均可直接拨打,并且可以实现呼叫转移、短信发送等功能。2011年5月11日,微软宣布以85亿美元收购 Skype。


http://skype-open-source.blogspot.ch/

Friday, 4 May 2012

Microsoft changes skype supernodes architecture to support wiretapping

Two months ago, Skype replaces user-hosted P2P supernodes with Linux grsec boxes hosted by Microsoft, but for what? 

I found some brilliant and valuable comment about this:
I think wiretapping is one of the big reasons for the rearchitecture. Skype officially claimed they could not comply with wiretapping requests because of the P2P network as late as 2008 (http://news.cnet.com/8301-13578_3-9963028-38.html), and Microsoft was already working on wiretapping VoIP in 2009 (http://blog.tmcnet.com/blog/tom-keating/microsoft-patents-voip-and-skype-wiretapping.asp).
via Hacker News

Answer is: WIRETAPPING

So, think twice.

P.S. M$ talking, that "supernodes don't transit voice traffic" - this is bullshit. They do. In case, where you both behind NAT or in case of authority curiosity.

P.S2. Especially, for Kostya Kortchinsky at post. 
Relay nodes take care of those if you can't communicate directly with the other end. There is a mutual exclusivity in that a node can't be a relay and a supernode at the same time.
Can he prove it? No. But, I can. This code, which I wrote in past, will allow for your traffic to flow via supernode(and also relay node): skyrel.c skypush.c

How to deal with AES keys? Not big problem, if you have Skype RSA CA(certificate of authority) private key, which skype/microsoft obviously have.

So, forget about security and anonymity in microsoft-skype.

Thursday, 26 April 2012

Skype User IP-address Disclosure

Hello,

Some anonymous user made a comment with a link to an interesting text. I tested this stuff and it really works.


Skype user IP-address disclosure

1. Download this patched version of Skype 5.5:
http://skype-open-source.blogspot.com/2012/03/skype55-deobfuscated-version-released.html

2. Turn on debug-log file creation via adding a few registry keys. 
https://github.com/skypeopensource/skypeopensource/wiki/skype-3.x-4.x-5.x-enable-logging

3. Make "add a Skype contact" action, but do not send add request, just click on the user to view his vcard.

4. Have a look at the log file to find the desired skypename.
The record will be like this for real user ip: -r195.100.213.25:31101 
And like this for user internal network card ip: -l172.10.5.17 

21:16:45.818 | T#3668 PresenceManager: | noticing skypetestuser1 0x3e54a539a91a19fc-s-s65.55.223.23:40013-r195.100.213.25:31101-l172 .10.5.17:22960 23d23109 82f328ff

5. Catch that skype user via whois service.
http://nic.ru/whois/?query=195.100.213.25 

The mentioned steps will help you to get the following information about a skype user: City, Country, Internet provider and internal user ip-address. 
Now, you can troll him about CIA and Mossad, he-he.


Orginal link:
Skype user IP-address disclosure
http://pastebin.com/rBu4jDm8

Sunday, 25 March 2012

skype55 deobfuscated version released

Hello, everyone!

We got deobfuscated skype v5.5!!!

I can't belive in this. But its fucking true. Great thanks and congratulations going to Vilko.

Some words from Vilko about his skype5 research:

Skype version 5.5 is a hybrid of GUI on delphi and embedded dll with skype "kernel". This kernel is fully independent structure in binary code - code block, data block, imports. And it was built with use of VC compiler(exists VC lib signatures).

This kernel has not contain any reference to external code/data in delphi part. And only entry point block xrefs on kernel from delphi GUI. It can be saved as independent binary code with dll-header, and that kernel will work, i tested this.


You can download it here:
(DMCA takedown arrived, so check download link in comments)

Skype-open-source project still alive!

P.S. We open jabber conference for all who interested in skype reversing. Feel free to join on: skypeopensource@conference.jabber.ru


没有评论: