We identify Skype users with intercepted HTTP traffic

    Greetings,% username%!

    The guys from VEST (the same ones who cracked the Skype obfuscation algorithm) offer to identify the http traffic of Skype users according to the following scheme:

    Skype starts to check the new version at startup and does it as follows:
    • Connects to ui.skype.com
    • Executes the query type of the GET /ui/0/4.2.0.169./en/getlatestversion?ver=4.2.0.169&uhash=1 c1cda2a959fc2926d25b5a852fc6468c , where c1cda2a959fc2926d25b5a852fc6468c (without the first edinichki, all right) - this is the MD5 ( Skyper + username)


    Thus, if I rush to check the new version, I’ll go to url

    http://ui.skype.com/ui/0/4.2.0.169.en/getlatestversion?ver=4.2.0.169&uhash=139913753c2af23ce2a42767cfdc55f79

    Of course, we are the name of MD5 we don’t recognize the user, but making a list of popular nicknames to interested parties will not be difficult. And you can also use this hash as a universal user ID. Goodbye anonymity, in general.

    Also popular now: