lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Sun, 01 Apr 2012 05:49:47 +0200
From: Research <>
Subject: HITB2011KUL - Skype Vulnerabilities 0Day
	Exploitation PART 1

HITB2011KUL - Skype Vulnerabilities 0Day Exploitation PART 1




Presentation Title Skype Vulnerabilities: Zero Day Exploitation 2011
Presentation Abstract

The popular VOIP client Skype has been beaten?! As everyone knows Skype takes security very seriously according 
to their own words: “The security of your information is of the utmost concern to us here at Skype and something 
we take very seriously” So we rose up to the challenge and tried to see if we could beat the system filters and/or 
software out of the box.

This presentation will offer the first in depth view & analysis of the bugs that where found in Skype by the research team in 2011. The presentation will also provide exclusive attack schemes from 
an attackers point of view which were also used for verification of our findings.


– Skype 5.3.x 2.2.x 5.2.x – Persistent Cross Site Scripting Vulnerability
– Skype 5.3.x 2.2.x 5.2.x – Persistent Software Vulnerability
– Skype v5.3.x – Transfer Standby Buffer Overflow Vulnerability
– Skype v5.2.x and v5.3.x – Critical Pointer Vulnerability
– Skype v5.3.x v2.2.x v5.2.x – Denial of Service Vulnerability

Attack schemes:

– Client Side Skype Exploitation (Local & Remote)
– Server Side Exploitation #1 (Local & Remote)
– Server Side Exploitation #2 (Local & Remote)
– Denial of Service Exploitation (Local to Remote)
– Buffer Overflow Exploitation (Remote)
– Pointer Bug Exploitation (Local)




Benjamin Kunz M.(28) is active as a penetration tester and security analyst for private and public 
security firms, hosting entities, banks, isp(telecom) and ips. His specialties are security 
checks(penetrationtests) on services, software, applications, malware analysis, underground economy, 
government protection or cyberwar analysis, reverse engineering, lectures or presentations and 
workshops about IT Security. During his work as a penetration tester and vulnerability researcher, 
many open- or closed source applications, software and services were formed more secure. In 1997, 
Benjamin K.M. founded a non-commercial and independent security research group called,  Global Evolution 
- Security Research Group  which is still active today.

From 2010 to 2011, Benjamin M. and Pim C. (Research Team) identified over 300 zero day vulnerabilities 
in well known products from companies such as DELL, Barracuda, Mozilla, Kaspersky, McAfee, Google, 
Fortigate, Opera, Cyberoam, Safari, Endian, Skype, Asterisk, Astaro, PBX & SonicWall. In 2010 he founded 
the company  Evolution Security . After the firm s establishment arose the Vulnerability Lab as the legal 
european initiative for vulnerability researchers, analysts, penetration testers, and serious hacker 
groups. Ben is also the leader of the Contest + VLab Research Team. He have a lot of stable references 
by solved events, interviews or contests/wargames like ePost SecCup, SCS2, 27c3, EH2008, Har2009, Da-op3n 
& he provids exclusive zero-day exploitation sessions/releases.

The information provided in this video is provided as it is without any warranty. Vulnerability-Lab disclaims all warranties, 
either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-
Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business 
profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some 
states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation 
may not apply. Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability-
Lab. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of 
other media, are reserved by Vulnerability-Lab or its suppliers.

    						Copyright © 2012|Vulnerability-Lab


Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -

Powered by blists - more mailing lists