We identify Skype users by intercepted HTTP traffic

Greetings,% username%!

The guys from VEST (the same ones that hacked the Skype obfuscation algorithm) suggest identifying the http traffic of Skype users according to the following scheme:

Skype, when running, climbs a new version and does it like this:

Connects to ui.skype.com
Performs a query of the form GET /ui/0/4.2.0.169./en/getlatestversion?ver=4.2.0.169&uhash=1 c1cda2a959fc2926d25b5a852fc6468c , where c1cda2a959fc2926d25b5a852fc6468c (without the first cda2a959fc2926d25b5a852fc6468c (without first cda2a959fc2926d25b5a852fc6468c (where the first cda2a959fc2926d25b5a852fc6468c (with the first cda2a959fc2926d25b5a852fc6468c

')
Thus, if I break into checking the new version, then I will go to url

http://ui.skype.com/ui/0/4.2.0.169./en/getlatestversion?ver=4.2.0.169&uhash=139913753c2af23ce2a42767cfdc55f79

Of course, we don’t find out the user name from MD5, but it’s not difficult to compile a list of popular nicknames to interested parties. You can also use this hash as a universal user ID. Goodbye anonymity, in general.

Source: https://habr.com/ru/post/103446/

All Articles

We identify Skype users by intercepted HTTP traffic

More articles: