Again, the disclosure of the IP-address of the interlocutor in Skype
Prepared a video demonstration of the possibility of disclosing the IP-address of the interlocutor via Skype.
UPD: a lot of questions on the topic of how this article differs from this one or this one .
I answer:
1. There it was only a call. I showed that in a certain situation, you can open it without a call, via chat.
2. There was only a theory. And here is a video demonstration.
')
It all started with reading this article here .
Quote from the article:
But no evidence of this was given. I was very interested. And I conducted the first preliminary tests .
After that, it was found that many people do not have enough knowledge about this situation, but with rush, are ready to brag about their dubious knowledge. Further comments on this topic to confirm. Someone thought that it was necessary to watch UDP sockets (although in the article the author used the cports program to view TCP connections). There were other opinions that it is possible to find out the IP address of the interlocutor only if he has a dedicated IP, and in the case of NAT, this is impossible . Still others said that only the supernod address could be identified , so the attacker’s author didn’t figure it out , etc.
Therefore, I decided to clarify the situation.
Spending more time testing, it turned out the following:
1. In some cases, the disclosure of the address of the interlocutor is possible when chatting with the interlocutor (data is transmitted to him directly via the TCP protocol). But not always. What is connected with is unclear. However, in all tests, when the interlocutor was in the same city, it was possible to detect its IP address in this way.
2. Disclosure of the address of the interlocutor is possible when communicating with him by voice (data is transmitted to him directly via the UDP protocol). The call can be made so that the other party does not have a call and he doesn’t recognize anything.
3. Using NAT scheme does not change. Those. You can detect the address directly of the router, which produces the subscription of the subscriber.
4. No Skype settings currently protect against this.
PS In the preliminary tests, I suffered a failure due to 2 factors:
1. TCP was monitored just when the address was not disclosed (the subscriber was geographically in another city).
2. netstat does not show the established connections for the UDP protocol, since in the case of using this protocol it is generally incorrect to speak about establishing a connection (since this is a protocol without logical connection establishment).
Related Links:
1. I Know Where You Are Sharing: Exploiting P2P Communications to Invade Users' Privacy
UPD: a lot of questions on the topic of how this article differs from this one or this one .
I answer:
1. There it was only a call. I showed that in a certain situation, you can open it without a call, via chat.
2. There was only a theory. And here is a video demonstration.
')
Prehistory
It all started with reading this article here .
Quote from the article:
“Skype, it turns out, is in most cases directly connected to the other party.”
But no evidence of this was given. I was very interested. And I conducted the first preliminary tests .
After that, it was found that many people do not have enough knowledge about this situation, but with rush, are ready to brag about their dubious knowledge. Further comments on this topic to confirm. Someone thought that it was necessary to watch UDP sockets (although in the article the author used the cports program to view TCP connections). There were other opinions that it is possible to find out the IP address of the interlocutor only if he has a dedicated IP, and in the case of NAT, this is impossible . Still others said that only the supernod address could be identified , so the attacker’s author didn’t figure it out , etc.
Therefore, I decided to clarify the situation.
Test results
Spending more time testing, it turned out the following:
1. In some cases, the disclosure of the address of the interlocutor is possible when chatting with the interlocutor (data is transmitted to him directly via the TCP protocol). But not always. What is connected with is unclear. However, in all tests, when the interlocutor was in the same city, it was possible to detect its IP address in this way.
2. Disclosure of the address of the interlocutor is possible when communicating with him by voice (data is transmitted to him directly via the UDP protocol). The call can be made so that the other party does not have a call and he doesn’t recognize anything.
3. Using NAT scheme does not change. Those. You can detect the address directly of the router, which produces the subscription of the subscriber.
4. No Skype settings currently protect against this.
PS In the preliminary tests, I suffered a failure due to 2 factors:
1. TCP was monitored just when the address was not disclosed (the subscriber was geographically in another city).
2. netstat does not show the established connections for the UDP protocol, since in the case of using this protocol it is generally incorrect to speak about establishing a connection (since this is a protocol without logical connection establishment).
Related Links:
1. I Know Where You Are Sharing: Exploiting P2P Communications to Invade Users' Privacy
Source: https://habr.com/ru/post/135273/
All Articles