[skypeopensource]

Hello guys,

this is some thougts and result of my investigation into skype protocol and how it is worked.

First of all, what we need to reconstruct network protocol?

We need plain text data which transfered from host A to host B, right? Right. So, there it is. There is a text files with plain text data which sended from one skype client to another skype client. Yes, it have much crypto on lower levels. For now, just dont think about it. It was researched one time and after we just encapsulate it in function or class and dont care about it. Text files of skype send message sequence:

http://dev.epycslib.ru/dumps/parse_proto.zip

Okay, we got plain text data transfered. What we need next? We need understand, that all this data means. Where is destination username, where is time and where is message. And how protocol care it all for working good. How to do this? Best way, its rewrite it on paper in your own blocks and visual representation to understand internal structure of protocol. Make visual blocks and etc. Like in UML. So, there it is. My scans of hand written paper with skype protocol send message sequences:

http://dev.epycslib.ru/dumps/skypeproto.zip

More info at:

http://skype-open-source2.blogspot.ru/2016/06/skype-protocol...

[skypeopensource]

Working version of first Skype Network compatible client (Epycs) which creation was based on this protocol dumps will be released 1 september 2016.

[soylentcola]

Speaking as a layman here, but would it be trivial for actual-Skype to be tweaked in such a way as to break a compatible client that only currently works? Reminds me of all the third party clients or plugins for (insert service here) that work great...until something changes and it stops working.

[niftich]

Yes, it'd be trivial. In fact, this has pretty much happened with every single IM protocol at some point that was subject to reverse-engineering efforts. Here's some history from the early 2000s [1]. Libpurple changelogs are also enlightening.

[1] https://en.wikipedia.org/wiki/Trillian_(software)#History

[ultramancool]

Trivial to break, yes, but also trivial to fix usually. Once the initial RE effort is done, minor obfuscations to the protocol are typically not major harms.

[skypeopensource]

And break all the mess of 10 mln users online at once, and around 500 mln at month. With big zoo of various versions. Even if they do so, reversing new tweaks not take too long.

Also, you have good working proto. Do changes to it daily... For that reason? Just because someone write compatible client (very buggy, by the way, and less of features)? I dont think so.

[jpalomaki]

On the other hand, that kind of changes might generate negative PR. Something Microsoft might want to avoid.

Also given Skype's large deployment base, pushing radical changes to the protocol may not be a trivial task.

At some point there was also some hardware devices with Skype support, but I'm not sure if those work/exist anymore.