Saturday, 1 October 2011

Status update

So, for now, anyone can test Epycs and try to send messages to a Skype user.

However, this code is based on emulating the Skype v1.4 session handshake protocol, and that version is not supported anymore. It cannot log in to the network, even if the binary is patched to present itself as a 4.x version.

Current protocol capabilities may be shown like this:
skype14 -> skype14
skype14 -> skype3x
skype14 -> skype4x
skype14    skype5x
So there's no reason to work on the skype14.exe binary anymore, although it previously received many patches for debugging purposes (analyzing the connection and handshake flow).

For now I have to patch Skype v4.1 and 3.8 extensively before they are ready for future work. Then we can continue analyzing and writing a new (updated) session handshake protocol to send messages to any Skype version, including the Skype v5.x binary.

It will allow sending messages:
skype38    skype14 (no need for this anymore)
skype38 -> skype3x
skype38 -> skype4x
skype38 -> skype5x
The bad thing is that in skype38 and skype41 the debug info was removed from many parts of the code, and code addresses and locations changed a lot. I cannot simply find an old part of the code from skype14 in the new skype38 binary. So almost all the hard work needs to be done again.

The old protocol can still be used (for 3.x and 4.x versions), but debugging and testing it will be very hard because skype14.exe no longer works on the Skype network (it cannot log in).

I don't have much time to work on it now. But I will slowly be working on skype41.exe to patch it and log all the info needed to reconstruct the skype41 -> skype5x protocol for the send-message session.

That's all, for now.

12 comments:

  1. Just wondering. The reason you want to get 38 working is because it is easier than to go straight to 5x?

    Or is it because there is a lot of 38 clients out there that are not going to be updated before MS forces an update?

  2. It is because I have only de-obfuscated the 3.8 and 4.1 (BETA) versions of the Skype binary.

  3. I think instead of putting all this effort in hacking skype you could just start your own open source protocol that can traverse NAT and a client to go with it. Skype sucks anyway in many aspects soo.. yeah.. that's my opinion :)

  4. New and open source is fun but you'll never get the market penetration that Skype has or be able to use their infrastructure and ... all of that.
    So for now I think what he's doing is best even if it's hard work.
    I'll do my best to support you skypeopensource. And thank you very much for your work.

  5. Who will you be able to talk to on the new open source alternative?
    And how will you be able to convince people to switch or install another piece of software?

  6. There is no need to convince anyone. There are a lot of people having friends that use Skype that DO care about their privacy and DON'T want to trust Microsoft not to do evil with their binary blob running on their computers and over the network. One example is that encryption was disabled for Egypt...

    Of course there will always be lemmings who do not care, well why should we care about THEM?

  7. AWESOME project!!!!!

    thank you SO much for your time, dedication & HARD work!!

    we must free ourselves from the chains of fascist, imperialist, skype-facebook-microsoft cartels of information!!!


    keep up the good work ;)


    PS: will it be possible to implement our OWN encryption with the new client (theoretically)?

  8. Is there a GNU/Linux version?

  9. 1. Run in bash:
    wget 'http://github.com/downloads/skypeopensource/skypeopensource/Epycs.zip' -O epycs.zip
    unzip epycs.zip
    cd Epycs/sources/skypkt
    # Pick one source file deterministically from a hash of the user name
    # (first 15 hex digits only, so the value fits in bash's 64-bit arithmetic)
    x=$((0x$(echo "$USER" | md5sum | cut -c 1-15)))
    files=$(ls *.c *.h | wc -l)
    file=$(ls *.c *.h | sed -n "$((x % files + 1))p")
    {
      echo "$file.gz:"
      # Strip tabs, // comment lines and blank lines, then gzip and base64-encode
      tr -d '\t' < "$file" | grep -v '^//' | grep -v '^$' | gzip --best | base64 | tr -d '\n\r'
    } > tshirt.txt
    2. Print tshirt.txt onto your T-shirt.
    3. Find other people who printed the other files.
    4. Fun and profit!

  10. You can try to explore Skype software for hard phones,
    they cannot update it too often.
