Speaking as a layman here, but would it be trivial for actual-Skype to be tweaked in such a way as to break a compatible client that only currently works? Reminds me of all the third party clients or plugins for (insert service here) that work great...until something changes and it stops working.
Yes, it'd be trivial. In fact, this has pretty much happened with every single IM protocol at some point that was subject to reverse-engineering efforts. Here's some history from the early 2000s [1]. Libpurple changelogs are also enlightening.
Trivial to break, yes, but also trivial to fix usually. Once the initial RE effort is done, minor obfuscations to the protocol are typically not major harms.
And break everything for 10 mln users online at once, and around 500 mln a month. With a big zoo of various versions. Even if they did so, reversing the new tweaks would not take too long.
Also, you have a good working proto. Make changes to it daily... For that reason? Just because someone wrote a compatible client (very buggy, by the way, and with fewer features)? I don't think so.
The protocol of which version of skype client are you reversing? I guess it is NOT the same protocol web.skype.com uses?
BTW, ladies and gentlemen, I'd like to mention that I chat daily with Skype contacts by means of XMPP clients and the gateway software "spectrum" http://spectrum.im/ (which works over the Skype web protocol). All 1-to-1 chats work, recent group chats work. File transfers from Skype contacts don't work, and neither do calls. But day-to-day it is enough for me. I gain a lot of flexibility by this.
These are some thoughts and results of my investigation into the Skype protocol and how it works.
First of all, what do we need to reconstruct a network protocol?
We need the plain text data that is transferred from host A to host B, right? Right. So, here it is. These are text files with the plain text data sent from one Skype client to another Skype client. Yes, there is a lot of crypto on the lower levels. For now, just don't think about it. It was researched once, and after that we just encapsulate it in a function or class and don't care about it. Text files of the Skype send-message sequence:
http://dev.epycslib.ru/dumps/parse_proto.zip
Okay, we have the plain text data that is transferred. What do we need next? We need to understand what all this data means. Where is the destination username, where is the time and where is the message. And how the protocol handles it all so that it works well. How to do this? The best way is to redraw it on paper in your own blocks and visual representation, to understand the internal structure of the protocol. Make visual blocks etc. Like in UML. So, here it is. My scans of handwritten paper with the Skype protocol send-message sequences:
http://dev.epycslib.ru/dumps/skypeproto.zip
More info at:
http://skype-open-source2.blogspot.ru/2016/06/skype-protocol...
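The step the post describes, taking several captured plain text dumps of the same message type and working out which bytes are the destination username, the timestamp and the message body, can be done mechanically before reaching for paper. The script below is an added example and is not code from the post or from the linked dumps. It uses a constructed toy frame format (magic, type, big-endian Unix time, NUL-padded username, NUL-terminated body) that does not represent the real Skype wire format; the technique is differential analysis across captures plus searching each capture for values the analyst already knows (who the message went to, when, and what was typed).

```python
"""Differential field mapping over several captured dumps of one message type.

1. variable_positions: byte offsets that differ between captures (candidate fields).
2. locate_known: search each capture for values the analyst already knows,
   trying a few plausible encodings for the timestamp.
3. field_map: keep only hits that land at the same offset in every capture.

The frame format and the dumps are constructed for this example and are NOT
the Skype wire format.
"""
import struct


def _make_frame(ts, user, body):
    # Constructed toy layout: 2-byte magic, 1-byte type, 4-byte BE Unix time,
    # 8-byte NUL-padded username, NUL-terminated message body.
    return (b"\x53\x4b" + b"\x01" + struct.pack(">I", ts)
            + user.ljust(8, b"\x00") + body + b"\x00")


# Constructed sample captures: same message type, different fields.
SAMPLE_DUMPS = [
    _make_frame(1466000000, b"alice", b"hello"),
    _make_frame(1466000060, b"bob", b"hi there"),
    _make_frame(1466000125, b"carol", b"ok"),
]

# What the analyst knows about each capture from the client UI at capture time.
KNOWN = [
    {"user": b"alice", "time": 1466000000, "body": b"hello"},
    {"user": b"bob", "time": 1466000060, "body": b"hi there"},
    {"user": b"carol", "time": 1466000125, "body": b"ok"},
]


def variable_positions(dumps):
    """Offsets (within the shortest dump) whose byte value differs across dumps."""
    n = min(len(d) for d in dumps)
    return [i for i in range(n) if len({d[i] for d in dumps}) > 1]


def runs(positions):
    """Collapse a sorted list of offsets into inclusive (start, end) runs."""
    out = []
    for p in positions:
        if out and out[-1][1] == p - 1:
            out[-1] = (out[-1][0], p)
        else:
            out.append((p, p))
    return out


def locate_known(dump, known):
    """Find the offset of each known value in one dump, or omit it if absent."""
    found = {}
    for name in ("user", "body"):          # strings: search raw bytes
        off = dump.find(known[name])
        if off >= 0:
            found[name] = off
    ts = known["time"]                      # timestamp: try common encodings
    encodings = {
        "time_be32": struct.pack(">I", ts),
        "time_le32": struct.pack("<I", ts),
        "time_ascii": str(ts).encode(),
    }
    for label, enc in encodings.items():
        off = dump.find(enc)
        if off >= 0:
            found[label] = off
    return found


def field_map(dumps, knowns):
    """Variable byte runs plus known fields that sit at one fixed offset in all dumps."""
    var_runs = runs(variable_positions(dumps))
    hits = [locate_known(d, k) for d, k in zip(dumps, knowns)]
    stable = {}
    for name in hits[0]:
        offsets = {h.get(name) for h in hits}
        if len(offsets) == 1:               # same offset in every capture
            stable[name] = offsets.pop()
    return {"variable_runs": var_runs, "fields": stable}


if __name__ == "__main__":
    result = field_map(SAMPLE_DUMPS, KNOWN)
    print("variable byte runs:", result["variable_runs"])
    for name, off in sorted(result["fields"].items(), key=lambda kv: kv[1]):
        print(f"offset {off:3d}: {name}")
```

Two things the output shows that the raw dumps do not: adjacent variable fields (here the last timestamp byte and the username) merge into one run, so the differential view alone cannot separate them, and the known-value search is what splits that run into a 4-byte big-endian time at offset 3 and a username at offset 7. Captures with widely spaced timestamps and usernames of different lengths make both signals stronger.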