Hacking Approach to VoIP & Skype

Skype certainly provides a very nice way for voice communication and chat, but questions remains: Is the system is secure and reliable? Can outsiders capture the conversation or intercept data?

To answer these questions, we will be searching different previous ways demonstrated by security researchers to hack Skype.

Intercepting data on VoIP systems is no different than traditional packet sniffing, the method is the same. The media is transmitted over UDP using the RTP (Real Time Protocol).

Now to analyze the data, we should use an advanced sniffer such as Wireshark, which can decode the session automatically and also provides graphs for results about different communication.

Recording VoIP is possible by using tools such as UCSniff (http://ucsniff.sourceforge.net/) this allows to:

• Targeting of VoIP Users based on Corporate Directory and/or extensions
• Support for automatically recording private IP video conversations
• Automatically re-creates and saves entire voice conversation to a single file that can be played back by media players
• Support for G.729, G.723, G.726, G.722, G.711 u-law, and G.711 a-law compression codecs
• Support for H.264 Video codec
• Automated VLAN Hop and VLAN Discovery support
• A UC Sniffer (VoIP and Video) combined with a MitM re-direction tool
• Monitor Mode
• Sniffs entire conversation if only one phone is in source VLAN
• Gratuitous ARP Disablment Bypass support
• TFTP MitM Modification of IP Phone features
• Realtime VoIP and Video Monitor

Intercepting video conferencing over the network is also possible unless the transition is encrypted. As security measures for signals TLS (Transport Layer Security) is used to protect SIP signals and RTP (Secure Real Time Protocol), but in most cases the voice is transmitted in just clear signal.

Skype mandates encryption of all transmitted traffic, but catching Skype calls is still possible.

Ruben Unteregger, a 33-year-old software developer from Switzerland, has made public the source code of a Trojan that taps into Skype conversations, The Trojan receives commands from a dedicated server, and then sends hackers the desired Audio files.

When the user opens up the Skype Client and starts a conversation, the Trojan performs a DLL injection that will allow it to attach itself to the Skype process and record all audio/video conversations.

The recorded audio files are then transformed from a PCM audio format to MP3, encrypted and sent to a server on the web.

As demonstrated, the method not only catches the keystroke, but all data transmitted by Skype audio and video. You can find more about it here: http://www.megapanzer.com.

Finally it is important to note that listening and recording conversation of other people is illegal and it is classified as a crime while these tools can be used to make a backup of your own conversations and as a Proof of Concept demonstration tool and a method of creating awareness around VoIP/UC threats.

make sure you subscribe to my RSS feed!

Share
  • Pingback: SecureArabia

  • Pingback: Lee

  • Pingback: Tweets that mention Hacking Approach to VoIP & Skype | SecTechno -- Topsy.com

  • Pingback: Avertive

  • Pingback: Win Security

  • Pingback: Ganesh babu

  • Pingback: Justin Elze

  • Pingback: Juan Carlos Carrillo

  • Pingback: svoip

  • Pingback: PrivateWave Italia

  • VoIP software

    Does it really work? I'd like to try it myself.

  • http://sectechno.com Mourad

    Hello,

    Thanks for the comment, yes you can try if you have any issue please feel free to contact me.

  • Pingback: Mourad Ben Lakhoua

  • E-devlet

    This is one of the best posts that I’ve ever seen; you may include some more ideas in the same theme. I’m still waiting for some interesting thoughts from your side in your next post.