Thursday, May 12, 2011

Skype Vulnerability.

Skype has been acquired by Microsoft few days ago and suddenly it inherited Microsoft's weakness :D .... I 'm just kidding, of course. As many of you already know, a pretty big problem has been identified on all Skype versions running on Mac OS X pltaforms.

A remote attacker could execute arbitrary code on the target machine by injecting any payload through a vulnerable xss website. According to authors, I am not sure the described vulnerability is the same of the news . But anyway, in order to trigger this vulnerability, you need to find a vulnerable website that can be used as an agent to send our payload. For example: attacker can use third party vulnerable website to trigger scripting injection in Skype (MAC OS). Generally, certain truth prevails as follows (please substitute square parenthesis with angular one)

1. If an attacker sends a remote script payload as
skype filters this injection on chat engine which is quite normal.

2. Here the points ! First: Skype(MAC OS) fails to filter the injection in which payload is sent as a part of third part vulnerable website hyperlink as follows[script]alert(document.location);[script]

And Second:
assuming A =
and B = [script]alert(document.location);[script]

Skype fails to treat it as one hyperlink (A+B). As a result, B part executes in the context of Skype(MAC OS) thereby resulting in remote scripting in the skype.

3. Attacker can use DOM injections to write arbitrary content in the chat window. There can be advanced variations of it.

4. We know MAC runs applications with extensions .app, it is possible to download malicious applications through skype. One can also trigger Safari automatically using DOM calls such as "".

5. This vulnerability does not require any user interaction and runs payload directly.

For knowing more about this vulnerability: here.


muebles camobel said...

This cannot have effect as a matter of fact, that is what I suppose. said...

Resources like the one you mentioned here will be very useful to me ! I will post a
link to this page on my blog. I am sure my visitors will find that very useful