Export message history from Skype 4. *
After reading the news about the vulnerability in Skype, which allows to hijack any account , in the process of reading comments and posts on the topic came across a new information for themselves: it turns out, starting with version 4. * Skype stores information about the user in the sqlite database. This brought me to the idea that information from the database can be easily and naturally obtained.
The database itself was discovered - as one would expect, in the c: \ Users \ <Username> \ Application Data \ Skype \ <Skype Login> \ folder, and judging by the size of the files available there, it was named main.db
The second step was the search for a convenient tool for working with sqlite databases, because previously you did not have to work with them. The first found tool: SQLite Database Browser , without problems, opened and showed the contents of the database.
However, this tool also showed its shortcomings - the inability to work with BLOB fields and the inability to upload the results of a manually written query to external sources. Therefore, having made a second search attempt, I found an Add-on for Firefox under the name SQLite Manager , and later I used it.
')
The database contains not too many tables, and their names are intuitive, so finding the necessary information is not difficult, therefore, I will give only the most obvious and useful queries to the database. They can be executed from the “Execute SQL” tab in the SQLite Database Browser, or from the “Run Query” tab in the SQLite Manager.
The Contacts table contains all contacts, even those that have been deleted and are no longer shown in the client.
The Calls and CallMembers tables contain, respectively, the history of calls and their participants.
And finally, the tables Conversations and Messages contain the data of the correspondence and the messages themselves.
At the end of the article I can not help but notice that to access the entire contents of the database, it is enough to have access to the file itself - the contents of the database are not encrypted or protected in any way, so that anyone who can access your Windows profile can find a contact list view call history and read the entire correspondence.
The database itself was discovered - as one would expect, in the c: \ Users \ <Username> \ Application Data \ Skype \ <Skype Login> \ folder, and judging by the size of the files available there, it was named main.db
The second step was the search for a convenient tool for working with sqlite databases, because previously you did not have to work with them. The first found tool: SQLite Database Browser , without problems, opened and showed the contents of the database.
However, this tool also showed its shortcomings - the inability to work with BLOB fields and the inability to upload the results of a manually written query to external sources. Therefore, having made a second search attempt, I found an Add-on for Firefox under the name SQLite Manager , and later I used it.
')
The database contains not too many tables, and their names are intuitive, so finding the necessary information is not difficult, therefore, I will give only the most obvious and useful queries to the database. They can be executed from the “Execute SQL” tab in the SQLite Database Browser, or from the “Run Query” tab in the SQLite Manager.
The Contacts table contains all contacts, even those that have been deleted and are no longer shown in the client.
select skypename, fullname, given_displayname, birthday, case gender when 1 then '' when 2 then '' else ' ' end as "", case availability when 0 then '' when 8 then ' ' else '' end as "", strftime('%d.%m.%Y %H:%M:%S',lastonline_timestamp, 'unixepoch', 'localtime') as " " from contacts The Calls and CallMembers tables contain, respectively, the history of calls and their participants.
select calls.id as "ID ", coalesce(contacts.displayname, accounts.fullname) as "", strftime('%d.%m.%Y %H:%M:%S',calls.begin_timestamp, 'unixepoch', 'localtime') as " ", time(calls.duration, 'unixepoch') as "", callmembers.dispname as " ", strftime('%d.%m.%Y %H:%M:%S',callmembers.start_timestamp, 'unixepoch', 'localtime') as " ", time(callmembers.call_duration, 'unixepoch') as " " from calls inner join callmembers on calls.id = callmembers.call_db_id left join contacts on calls.host_identity = contacts.skypename left join accounts on calls.host_identity = accounts.skypename And finally, the tables Conversations and Messages contain the data of the correspondence and the messages themselves.
select conversations.id as "ID ", conversations.displayname as " ", messages.from_dispname as " ", strftime('%d.%m.%Y %H:%M:%S',messages.timestamp, 'unixepoch', 'localtime') as " ", messages.body_xml as " " from conversations inner join messages on conversations.id = messages.convo_id order by messages.timestamp At the end of the article I can not help but notice that to access the entire contents of the database, it is enough to have access to the file itself - the contents of the database are not encrypted or protected in any way, so that anyone who can access your Windows profile can find a contact list view call history and read the entire correspondence.
Source: https://habr.com/ru/post/160315/
All Articles