I would like to have your experience/encounter in analysing skype data.
post mortem analysis
————————-
where do you look for evidential data regarding chats, voice, file transfer.
live analysis
————–
if you want to investigate a like case of skype where you have access to the suspect computer how do you tap into his contacts converstations (chats) without them knowing that you are online. the main point here is no to draw the attention of the contacts who are already authorised to have your status.
I have briefly looked at this and found that the chat histories seem to be stored in
%system disk%\Documents and Settings\%loginname%\Application Data\Skype\%skype-login%\chatsync
with a directory for each chat that has been established. Viewing the .dat file shows the parties in the chat
Contacts, call and chat histories are also in the .dbb files in the Skype\%skype-login% folder
hope that's of some use
paul
paul, thanks for the feed.
it seems that that are scarce resources on the subject which warrant a full research into it.
the capability of skype in traversing firewalls and NAT applications is starting to show its teeth in the corporate world and will pose a challenge for forensic analysts.
youcef
paul, thanks for the feed.
it seems that that are scarce resources on the subject which warrant a full research into it.
the capability of skype in traversing firewalls and NAT applications is starting to show its teeth in the corporate world and will pose a challenge for forensic analysts.
youcef
Belkasoft has a tool which can recover Skype chat history from .dbb, .db and chatsync .dat files.
You could also look at SkypeAlyzer
newer versions of skype use .db files, wich are sqlite3
http//
http//
You could try looking at a tool called SkypeLogView made by NirSoft, it gathers all the information you could need from the DB file and can export it in many formats.