[liberationtech] skype

[Anthony Papillion]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 03/22/2013 05:23 AM, Joseph Lorenzo Hall wrote:
> 
> 
> On 3/21/13 9:36 PM, Michael Carbone wrote:
>> Anyone looked into the reports that Skype leaks your IP address? 
>> Apparently you do not have to interact with the person whose
>> location you are interested in to be able to get their IP
>> address.
> 
> I think this is (still) the vulnerability Kieth Ross and his team
> at NYU-Poly found a few years ago... last I talked to him this
> particular flaw was still exploitable and hadn't been fixed:

That is definitely true. Basically, you can get the IP address the
account last logged in from. Do a search for 'Skype Resolver' and
you'll find a bunch of services that do this.

Here's one:
http://www.anonware.net/index.php?page=resolver

Put in the Skype username. If it fails, try again as it sometimes
messes up the first time. Apparently, Microsoft has not fixed this yet.

Anthony



-----BEGIN PGP SIGNATURE-----
Comment: Need my public key? http://bit.ly/Y91VgY

iQIcBAEBCgAGBQJRTK3yAAoJEAKK33RTsEsVxNQP/RnhumLDw4j8+bfRzdvxvZty
ypaPyhpbaDEqBK5SYugU4P5XBTNN129nFa2hOagsOg9yCOaj/EoBxKQCo5AiWpHY
t6zX0+9MjwBTZnKFuhNnvtC/bHhdDwR2GdQOnkF8hUHYKJVD810QlhKb7SPYN0hd
uz16a0bLPoErVRBnI9yBDwsLCyPNeodPD36Sf7ixq+JifYeGLJUaob0WmLd0U/bi
tUhpYohbwfC/lN+3HWSdrjkPW+6mtoAGYe67qWBY4Jv+scnLGZB7f26FJDcQHPRP
Gh0/IzLyfCYhrXt7stnP3pK6Jbf+5PrWqqmGQQclj8ECkc8nH9hoUqkLHgSXDVIR
+8m3FD9c3btAJXOfuL9dnLOZfO32Pe41ZpvQkIC7Suyde0wq+OjEVjluzEcQTETO
fsnUaEln/BuQ7ojE/ByMZ5K0P+u7PlN8fRz0ajhMbe4LKXtMmnQffFu96dW5Ejig
1i0ohxQfFLW+Wdsa/tjKvgwl9OkVfPEkZjSxV6YWRTYaek6hkheARQayn2MJ/XVs
tguLuGut6OHwHGsMeTTHvsvaPHuy4m4mHqIKWMOBHyaJqfX3WItWJti91SHjOJN4
Zq1TKJFujmNcGIYx4RFtmEFZlXDGl/uJxkfAK5pES7cOoQpnOK3RrpyA/msTvHYw
f2LSx8TXSdkgHuwpwHVU
=zsvv
-----END PGP SIGNATURE-----