Exploit the possiblities

SkypeFreak Forensic Tool

SkypeFreak Forensic Tool
Posted Mar 21, 2014
Authored by Osanda Malith

This tool can be used to enumerate Skype users profiles, contacts, messages, and calls from the main.db file. This is automated easy to use application in which to perform forensic spelunking of Skype data.

tags | tool, forensics
MD5 | c2f9ce08e658c838aa56267c0fda951a

SkypeFreak Forensic Tool

Change Mirror Download
'''
Title: SkypeFreak
Description: A cross platform forensic tool for Skype
Author: Osanda Malith (@OsandaMalith)
URL: http://osandamalith.github.io/SkypeFreak/

Disclaimer: This tool is meant for ethical (legal) purposes only.

Notes: Please note this tool may contain errors, and
is provided "as it is". There is no guarantee
that it will work on your target server(s), as
the code may have to be adapted.
This is to avoid script kiddie abuse as well.

License:
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
'''
import os
import sqlite3
import optparse
import sys

def Profile(skypeDB, PathName):
connexion = sqlite3.connect(skypeDB)
c = connexion.cursor()
c.execute("SELECT fullname, skypename, city, country,\
datetime(profile_timestamp,'unixepoch') FROM Accounts")
print '[*] --- Details of %s' % (os.path.basename(PathName)) +' ---'
profile = '[*] --- Details of %s' % (os.path.basename(PathName)) +' ---\n'
for row in c:
print '[+] User: %s ' %(str(row[0]))
profile += '[+] User: %s \n' %(str(row[0]))
print '[+] Skype Username: %s'%(str(row[1]))
profile += '[+] Skype Username: %s\n'%(str(row[1]))
print '[+] Country: %s' % (str(row[2]))
profile += '[+] Country: %s\n' % (str(row[2]))
print '[+] Location: %s'% (str(row[3]))
profile += '[+] Location: %s\n'% (str(row[3]))
print '[+] Profile Date: %s'%(str(row[4]))

while True:

choice = raw_input("\n[~] Generate Output?\n")
choice = choice.lower()

if choice[0] == 'y':
try:
output = profile
output += "\n[*] This file was Generated by Skype Freak\n[~] http://osandamalith.github.io/SkypeFreak/"
filename = str(raw_input("[~] Enter a Filename: "))
file = open(filename+'.txt' , "w")
file.write(output)
file.close()
print '[~] File Saved to ' + os.path.abspath(filename) + '.txt'
mainMenu(skypeDB, PathName)
break
except Exception, e:
print '[!] Access Denied! Directory is not writable. Probably you are in C:\\ drive'
if choice[0] == 'n':
mainMenu(skypeDB, PathName)
break


def Contacts(skypeDB, PathName):
connexion = sqlite3.connect(skypeDB)
c = connexion.cursor()
c.execute("SELECT displayname, skypename, country, city, about, phone_mobile, homepage, \
birthday , datetime(lastonline_timestamp,'unixepoch') FROM Contacts;")
print '\n[*] --- Found Contacts --- '
contacts = '[*] --- Found Contacts of %s' % (os.path.basename(PathName)) +' ---\n'
for row in c:
print '[+] User: %s\n' %(str(row[0]))
contacts += '\n\n[+] User: %s' %(str(row[0]))
print '[+] Skype Username: %s' %(str(row[1]))
contacts += '\n[+] Skype Username: %s\n' %(str(row[1]))
if str(row[2])!= 'None':
contacts += '[+] Country: %s\n' %(str(row[2]))
print '[+] Country: %s' %(str(row[2]))
if str(row[3])!= 'None':
contacts += '[+] City: %s\n' %(str(row[3]))
print '[+] City: %s' %(str(row[3]))
if str(row[4])!= 'None':
contacts += '[+] About Text: %s\n' %(str(row[4]))
print '[+] About Text: %s' %(str(row[4]))
if str(row[5])!= 'None':
contacts += '[+] Mobile Number: %s\n' %(str(row[5]))
print '[+] Mobile Number: %s' %(str(row[5]))
if str(row[6])!= 'None':
contacts += '[+] Homepage URL: %s\n' %(str(row[6]))
print '[+] Homepage URL: %s' %(str(row[6]))
if str(row[7])!= 'None':
contacts += '[+] Birthday: %s\n' %(str(row[7]))
print '[+] Birthday: %s' %(str(row[7]))
if str(row[8])!= 'None':
contacts += '[+] Last Online Date: %s\n' %(str(row[8]))
print '[+] Last Online Date: %s' %(str(row[8]))

while True:
try:
choice = raw_input("\n[~] Generate Output?\n")
choice = choice.lower()
except (NameError, SyntaxError, EOFError):
print '[!] Error Occured'
if choice[0] == 'y':
try:
output = contacts
output += "\n[*] This file was Generated by Skype Freak\n[~] http://osandamalith.github.io/SkypeFreak/"
filename = str(raw_input("[~] Enter a Filename: "))
file = open(filename+'.txt' , "w")
file.write(output)
file.close()
print '[~] File Saved to ' + os.path.abspath(filename) + '.txt'
mainMenu(skypeDB, PathName)
break
except Exception, e:
print '[!] Access Denied! Directory is not writable. Probably you are in C:\\ drive'
if choice[0] == 'n':
mainMenu(skypeDB, PathName)
break


def Calls(skypeDB, PathName):
connexion = sqlite3.connect(skypeDB)
c = connexion.cursor()
c.execute("SELECT datetime(begin_timestamp,'unixepoch'), time(duration,'unixepoch'), \
is_incoming, identity FROM calls, conversations WHERE calls.conv_dbid = conversations.id;")
print '\n[*] --- Found Calls --- '
calls = '[*] --- Found Calls of %s' % (os.path.basename(PathName)) +' ---\n'
for row in c:

print '[+] Date: %s'%(str(row[0])) + ' | Partner: %s' %(str(row[3]))
if (str(row[1])) != 'None':
print '[+] Call Duration: %s' %(str(row[1]))
if ((str(row[2])) == '1'):
print '[~] This was an Incoming Call\n'
else:
print '[~] This was an Outgoing Call\n'
#output

calls += '[+] Date: %s'%(str(row[0])) + ' | Partner: %s\n' %(str(row[3]))
if (str(row[1])) != 'None':
calls += '[+] Call Duration: %s\n' %(str(row[1]))
if ((str(row[2])) == '1'):
calls += '[~] This was an Incoming Call\n\n'
else:
calls += '[~] This was an Outgoing Call\n\n'

while True:
try:
choice = raw_input("\n[~] Generate Output?\n")
choice = choice.lower()
except (NameError, SyntaxError, EOFError):
print '[!] Error Occured'
if choice[0] == 'y':
try:
output = calls
output += "\n[*] This file was Generated by Skype Freak\n[~] http://osandamalith.github.io/SkypeFreak/"
filename = str(raw_input("[~] Enter a Filename: "))
file = open(filename+'.txt' , "w")
file.write(output)
file.close()
print '[~] File Saved to ' + os.path.abspath(filename) + '.txt'
mainMenu(skypeDB, PathName)
break
except Exception, e:
print '[!] Access Denied! Directory is not writable. Probably you are in C:\\ drive'
if choice[0] == 'n':
mainMenu(skypeDB, PathName)
break

def Msgs(skypeDB, PathName):
connexion = sqlite3.connect(skypeDB)
c = connexion.cursor()
c.execute("SELECT datetime(timestamp,'unixepoch'), \
dialog_partner, author, body_xml FROM Messages;")
msgs = '[*] --- Messages Found of %s' % (os.path.basename(PathName)) +' ---\n'
for row in c:
try:
if 'partlist' not in str(row[3]):
if str(row[1]) != str(row[2]):
msgDirection = 'To ' + str(row[1]) + ': '
else:
msgDirection = 'From ' + str(row[2]) + ': '
print 'Time: ' + str(row[0]) + ' ' \
+ msgDirection + str(row[3])

msgs += 'Time: ' + str(row[0]) + ' ' + msgDirection + str(row[3]) + '\n'
except:
pass

while True:
try:
choice = raw_input("[~] Generate Output?\n")
choice = choice.lower()
except (NameError, SyntaxError, EOFError):
print '[!] Error Occured'
if choice[0] == 'y':
try:
output = msgs
output += "\n[*] This file was Generated by Skype Freak\n[~] http://osandamalith.github.io/SkypeFreak/"
filename = str(raw_input("[~] Enter Filename: "))
file = open(filename+'.txt' , "w")
file.write(output)
file.close()
print '[~] File Saved to ' + os.path.abspath(filename) + '.txt'
mainMenu(skypeDB, PathName)
break
except Exception, e:
print '[!] Access Denied! Directory is not writable. Probably you are in C:\\ drive'
if choice[0] == 'n':
mainMenu(skypeDB, PathName)
break

def fullReport(skypeDB, PathName):
connexion = sqlite3.connect(skypeDB)
c = connexion.cursor()
c.execute("SELECT fullname, skypename, city, country,\
datetime(profile_timestamp,'unixepoch') FROM Accounts")
profile = '[*] --- Details of %s' % (os.path.basename(PathName)) +' ---\n\n'
for row in c:
profile += '[+] User: %s \n' %(str(row[0]))
profile += '[+] Skype Username: %s\n'%(str(row[1]))
profile += '[+] Country: %s\n' % (str(row[2]))
profile += '[+] Location: %s\n'% (str(row[3]))

c.execute("SELECT displayname, skypename, country, city, about, phone_mobile, homepage, \
birthday , datetime(lastonline_timestamp,'unixepoch') FROM Contacts;")

contacts = '\n\n[*] --- Found Contacts of %s' % (os.path.basename(PathName)) +' ---\n\n'
for row in c:
contacts += '\n\n[+] User: %s' %(str(row[0]))
contacts += '\n[+] Skype Username: %s\n' %(str(row[1]))
if str(row[2])!= 'None':
contacts += '[+] Country: %s\n' %(str(row[2]))
if str(row[3])!= 'None':
contacts += '[+] City: %s\n' %(str(row[3]))
if str(row[4])!= 'None':
contacts += '[+] About Text: %s\n' %(str(row[4]))
if str(row[5])!= 'None':
contacts += '[+] Mobile Number: %s\n' %(str(row[5]))
if str(row[6])!= 'None':
contacts += '[+] Homepage URL: %s\n' %(str(row[6]))
if str(row[7])!= 'None':
contacts += '[+] Birthday: %s\n' %(str(row[7]))
if str(row[8])!= 'None':
contacts += '[+] Last Online Date: %s\n' %(str(row[8]))

c.execute("SELECT datetime(begin_timestamp,'unixepoch'), time(duration,'unixepoch'), \
is_incoming, identity FROM calls, conversations WHERE calls.conv_dbid = conversations.id;")

calls = '\n\n[*] --- Found Calls of %s' % (os.path.basename(PathName)) +' ---\n\n'
for row in c:

calls += '[+] Date: %s'%(str(row[0])) + ' | Partner: %s\n' %(str(row[3]))
if (str(row[1])) != 'None':
calls += '[+] Call Duration: %s\n' %(str(row[1]))
if ((str(row[2])) == '1'):
calls += '[~] This was an Incoming Call\n\n'
else:
calls += '[~] This was an Outgoing Call\n\n'

connexion = sqlite3.connect(skypeDB)
c.execute("SELECT datetime(timestamp,'unixepoch'), \
dialog_partner, author, body_xml FROM Messages;")
msgs = '\n\n[*] --- Messages Found of %s' % (os.path.basename(PathName)) +' ---\n\n'
for row in c:
try:
if 'partlist' not in str(row[3]):
if str(row[1]) != str(row[2]):
msgDirection = 'To ' + str(row[1]) + ': '
else:
msgDirection = 'From ' + str(row[2]) + ': '
msgs += 'Time: ' + str(row[0]) + ' ' + msgDirection + str(row[3]) + '\n'
except:
pass

output = profile + contacts + calls + msgs
output += "\n[*] This file was Generated by Skype Freak\n[~] http://osandamalith.github.io/SkypeFreak/"
filename = str(raw_input("[~] Enter Filename: "))
file = open(filename+'.txt' , "w")
file.write(output)
file.close()
print '[~] File Saved to ' + os.path.abspath(filename) + '.txt'
mainMenu(skypeDB, PathName)


def mainMenu(skypeDB, PathName):
while True:
try:
choice = raw_input("[~] Go to Main Menu?\n")
choice = choice.lower()
except (NameError, SyntaxError, EOFError):
print '[!] Error Occured'
if choice[0] == 'y':
banner(skypeDB, PathName)
if choice[0] == 'n':
sys.exit(0)

def banner(skypeDB, PathName):

if os.name == "nt":
os.system('cls')
else:
os.system('clear')

print '''
8""""8
8 e e e e eeeee eeee
8eeeee 8 8 8 8 8 8 8
88 8eee8e 8eeee8 8eee8 8eee
e 88 88 8 88 88 88
8eee88 88 8 88 88 88ee

8""""
8 eeeee eeee eeeee e e
8eeee 8 8 8 8 8 8 8
88 8eee8e 8eee 8eee8 8eee8e
88 88 8 88 88 8 88 8
88 88 8 88ee 88 8 88 8

'''
print '%s' %('A creation of Osanda Malith\nURL: http://osandamalith.github.io/SkypeFreak/') + '\n'

while True:
try:
choice = int(raw_input("[~] What Do You Like to Investigate? \
\n1. Profile\n2. Contact\n3. Calls\n4. Messages\n5. Generate Full Report\n6. Exit\n" ))
except ValueError:
print '[!] Enter Only a Number'
continue
if choice == 1:
Profile(skypeDB, PathName)
break
if choice == 2:
Contacts(skypeDB, PathName)
break
if choice == 3:
Calls(skypeDB, PathName)
break
if choice == 4:
Msgs(skypeDB, PathName)
break
if choice == 5:
fullReport(skypeDB, PathName)
break
if choice == 6:
sys.exit(0)
else:
print '[!] Invalid Choice'



def menu(username):

if os.name == "nt":
PathName = os.getenv('appdata') + "\\Skype\\" + username
elif os.name == "posix":
PathName = os.getenv('HOME') + "/.Skype/" + username

if PathName == None :
print '[!] Please Enter a valid Skype username '

elif ((os.name == "posix") and (os.path.isdir(PathName) == False)):
PathName = os.getenv('HOME') + "/Library/Application Support/Skype/" + username
skypeDB = os.path.join(PathName, 'main.db')

if os.path.isfile(skypeDB):
banner(skypeDB,PathName)


elif os.path.isdir(PathName) == False:
print '[!] Username Does Not Exist '

else:
skypeDB = os.path.join(PathName, 'main.db')

if os.path.isfile(skypeDB):
banner(skypeDB,PathName)

def main():
try:
if os.name == "nt":
os.system('cls')
else:
os.system('clear')
while True:
username = str(raw_input("[~] Enter your Skype Username: "))
menu(username)
break

except (KeyboardInterrupt):
print '[!] Ctrl + C detected\n[!] Exiting'
sys.exit(0)
except (EOFError):
print '[!] Ctrl + D detected\n[!] Exiting'
sys.exit(0)



if __name__ == "__main__":
main()

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close