How to use Skype with Softice?
is a great VoIP program I have been
using for a while now. The only problem is that it cannot be run with Softice
Even if Softice is not running, Skype complains with this error message and
then exits: "Skype is not compatible with system bebuggers like SoftICE" (Skype
about the question.). Very, very annoying. I wonder if they have
done that because they are afraid people reverse engineer their software or
if they have hidden some spyware they don't want people to know about.
To patch Skype, I've used Ollydbg
free debugger. Searching the error message, I find:
Which means changing the JE (74) into a JMP (EB) will pass the error message
all the time. Then use a hex editor
and search the string E8 90 B1 73 FF 84 C0 74 1A 6A, change the 74 into EB
and save the file.
Another way of doing it is to use Softice and put a breakpoint on MessageBoxA
(bpx messageboxa). Softice then breaks on the error message. Press F11 once
and you find the same.
Skype will then work fine with Softice except it will crash for incoming
phone calls "Access violation at address 00000000. Read of address 00000000."
(outgoing calls and chat are fine).
Another way to bypass the protection it is to go to the call at address
0x005B9A68 and see what is going on. Here we find weird ASCII strings that
can be decryped running through the code:
ASCII 10,"B494A6545B414B4D" corresponds to the ASCII string "\\.\SICE"
ASCII 14,"B49AACA6B9A3FD7C636E" corresponds to the ASCII string
ASCII 12,"B49BAB5DB7BD80CA4C" corresponds to the ASCII string "\\.\NTICE"
ASCII 1E,"B49D5D8BCC4638F9666B5C5B4E5D5B" corresponds to the ASCII string
Changing a character in the ASCII string works but I get the same problem
with incoming calls.
Does Skype check its integrity?
What's going on when Skype crashes on incoming calls? I was wondering if
Skype ckecks the presence of Softice on incoming calls and then exits. To
know it, I uninstalled Softice and ran the patched version of Skype (solution
1) - the non patched version works well -. It still crashes on incoming
calls! My conclusion is that Skype checks its integrity (it calculates a
checksum or something) on incoming calls.
Working solution: Skype loader
To bypass the crash on incoming calls, someone has sent me a solution
which consists in loading Skype, suspend the process, change the bytes in
memory according to solution 1 and finally resume the process. Click here to download the source code for the
loader (tested with success up to version 184.108.40.206).
If you find a nicer solution, please send me an e-mail to (gery (dot)
casiez (at) wanadoo (dot) fr).
Interesting links on Softice
More stuffs about Skype
An interesting website
by Salman A. Baset
to know more about Skype.
To know how to tunnel skype from behind a