Simple script para extraer metadatos del main.db de skype, los metadatos son extraidos ordenados por "Profile_details", "Conversations_details" y "Transfers_details"
# -*- coding: utf-8 *-*
import sqlite3
class Skype_Meta_Extractor():
def __init__(self, DBPath):
self.DBPath = DBPath
def __manager():
try:
self._Profile_Details()
self._Conver_Details()
self._Transfer_Details()
except:
print "An error has ocurred, please, try again"
__manager()
def __main_conn(self):
try:
#triying to connect with the sqlite database
conn = sqlite3.connect(self.DBPath)
self.consult = conn.cursor()
except:
print "Can't connect with the SQLite database'"
def _Profile_Details(self):
self.__main_conn()
try:
#SQL consult
self.consult.execute("SELECT fullname, skypename, emails, country, city, languages,\
datetime(profile_timestamp), datetime(avatar_timestamp),\
datetime(registration_timestamp) FROM accounts;")
except:
print "An error has ocurred doing the SQL consult"
def _another_info():
try:
#SQL consult
self.consult.execute("SELECT phone_mobile, datetime(birthday) FROM contacts;")
except:
print "An error has ocurred doing the SQL consult"
def __Shower():
print "Extra info: "
for data in self.consult:
try:
if data[0] and data[1]:
print "Phone: " + str(data[0])
print "Born Date: " + str(data[1])
else:
continue
except:
print "An error has ocurred showing the extra info"
continue
__Shower()
def __Shower():
#Showing metainfo
print "- Skype Profile Details"
for data in self.consult:
try:
print "---------------------------------------"
print "Full Name: " + str(data[0])
print "Skype Name: " + str(data[1])
print "Email: " + str(data[2])
print "Country: " + str(data[3])
print "City: " + str(data[4])
print "Language: " + str(data[5])
print "Last profile edition: " + str(data[6])
print "Last avatar edition: " + str(data[7])
print "Registration Date: " + str(data[8])
_another_info()
print "---------------------------------------"
except:
continue
print "ERROR : An error has ocurred showing the profile info"
__Shower()
def _Conver_Details(self):
self.__main_conn()
try:
#SQL Consult
self.consult.execute("SELECT datetime(timestamp), \
dialog_partner, author, body_xml FROM Messages;")
except:
print "An error has ocurred doing the SQL consult"
def __Shower():
#Showing metainfo
print "\n- Skype Conversations Details"
for data in self.consult:
try:
print "---------------------------------------"
print "Start of the conversation: " + str(data[0])
print "Author: " + str(data[2])
print "Receiver: " + str(data[1])
if data[3]:
print "Message: " + str(data[3].encode('utf-8'))
else:
print "Message: " + str(data[3])
print "---------------------------------------"
except:
continue
print "ERROR : An error has ocurred showing the Conversations info"
__Shower()
def _Transfer_Details(self):
self.__main_conn()
try:
#SQL Consult
self.consult.execute("SELECT partner_handle, partner_dispname, datetime(starttime),\
filepath, filename, filesize FROM transfers;")
except:
print "An error has ocurred doing the SQL consult"
def __Shower():
#Showing metainfo
print "\n- Skype Transfers Details"
for data in self.consult:
try:
print "---------------------------------------"
print "File receiver container: " + str(data[0]) + "/" + str(data[1])
print "Start time: " + str(data[2])
print "File path: " + str(data[3])
print "File name: " + str(data[4])
print "File size: " + str(data[5])
print "---------------------------------------"
except:
continue
print "ERROR : An error has ocurred showing the transfers info"
__Shower()
Skype_Meta_Extractor('main.db')
Working :
(http://i.imgur.com/ioGuBjz.png)
(http://i.imgur.com/wWEGrrC.png)
(http://i.imgur.com/wWEGrrC.png)
Saludos
sanko excelente !! esto lo podríamos emplear para la parte de forensics.
gran aporte como siempre
excelente aporte bro gracias por traerlo salu2
Buen código man, bien ordenado con su respectiva POO.
Es fantástico el SQLite , aún lo tengo pendiente !
Saludos, Javier.
Como siempre excelente, eres un hacha!
-Saludos-
En la columna hashed_emails de la tabla contacts
Me da strings de este tipo:
8d7182759850e065aeb5161377b8b9a01f4ff0b6
Alguien sabe en que estan, y como desencriptarlos??
no puedo asegurartelo pero o es AES o RSA y creo que skype tenia una key privada y otra pública, busca más info en google, seguro hay
ok, gracias por la respuesta Sanko.