May 042011
 

I’ve seen this question on several forums around the globe.

Most of the answers were “You can’t”

Strange.

You actually really CAN’T. From Skype :D. But Skype is solely based on P2P connections and you can’t connect to any peer if you don’t have/know his IP address. They simply refuse to disclose their protocol for the public, so we can write our own plugins for Skype.

So, I’ve just had a look at my netstat output (Linux console, sorry – for Windows read below):

bash-4.1# netstat -tupan | grep skype
tcp        0      0 0.0.0.0:20530           0.0.0.0:*               LISTEN      2081/skype         
tcp        0      0 10.3.71.55:38804        212.75.19.204:6521      ESTABLISHED 2081/skype         
tcp        0      0 10.3.71.55:58519        93.152.140.108:23669    ESTABLISHED 2081/skype         
udp        0      0 127.0.0.1:59356         0.0.0.0:*                           2081/skype         
udp        0      0 0.0.0.0:20530           0.0.0.0:*                           2081/skype         
bash-4.1#

And then I’ve talked to one of my colleagues in office via Skype and rechecked for any new connections:

bash-4.1# netstat -tupan | grep skype
tcp        0      0 0.0.0.0:20530           0.0.0.0:*               LISTEN      2081/skype         
tcp        0      0 10.3.71.55:38804        212.75.19.204:6521      ESTABLISHED 2081/skype         
tcp        0      0 10.3.71.55:58519        93.152.140.108:23669    ESTABLISHED 2081/skype         
tcp        0    272 10.3.71.55:55886        10.3.71.97:16592        ESTABLISHED 2081/skype
udp        0      0 127.0.0.1:59356         0.0.0.0:*                           2081/skype         
udp        0      0 0.0.0.0:20530           0.0.0.0:*                           2081/skype         
bash-4.1#

See the red line? It will not be red in your output. And if there are too much lines, you may take the output in 2 files and then use diff.

bash-4.1# netstat -tupan | grep skype > file1.txt
bash-4.1# netstat -tupan | grep skype > file2.txt
bash-4.1# diff file1.txt file2.txt

Than I checked my own IP address:

bash-4.1# ifconfig | grep "addr:"
 inet addr:10.3.71.55  Bcast:10.3.255.255  Mask:255.255.0.0 <--------
 inet6 addr: fe80::201:6cff:fe27:4bba/64 Scope:Link
 inet addr:8.0.0.2  Bcast:8.0.255.255  Mask:255.255.0.0
 inet addr:9.0.0.2  Bcast:9.0.255.255  Mask:255.255.0.0
 inet addr:10.0.0.2  Bcast:10.0.255.255  Mask:255.255.0.0
 inet addr:127.0.0.1  Mask:255.0.0.0
 inet6 addr: ::1/128 Scope:Host
bash-4.1#

Obviously my colleague’s IP address is 10.3.71.97.

It’s as easy as this in Windows actually. You only need to enter the Command prompt (Start -> Run -> cmd) and enter netstat the same way as with Linux (don’t know about the options after the dash and you will not have grep and protocol resolution). The Skype connection port is varying every time, so you may be in a bit of an analyze, but basically it’s the same. Your own IP address can be seen if you enter the command ipconfig /all:

If you are really LOST in CMD mode. Try this  little nifty program from Windows SysInternals. It’s doing it’s job splendidly. Just don’t forget to use the sort and filter functions if you happen to have too much connections with your PC. The principle is the same.

That’s basically all. Remember your IP address (see above) Talk in Skype to the person for which IP address you are interested and watch the new connection Skype opens. Voila. The IP address is there.

All of this will not happen if the person in you are interested is using Proxy or any anonymizer software. Then you will see random Proxy address. And to try to hack a proxy server is not something that you will just find out by reading blogs and forums. Also, there is some chance that Microsoft will change part of the Skype protocol. Good luck. ;)

There are a lot of attempts to crack Skype protocol, all of them in vain. Perhaps some day the protocol will be reverse engineered and Skype security will not be so tight. There are rumors of ONE person who did this and got a nifty $um of money for his silence.

Anyway. Feel free to bridge your Skype connection over a sniffer and try your luck. I cannot teach you how to disassemble the Skype protocol.

 Posted by at 3:12 pm

  13 Responses to “How to find the IP address of Skype user”

  1. sweet man! very nice! but when i am trying this….i get 0.0.0.0 lol as his ip…..do u have any idea?? he is from uk and he is a friend of mine and i was just testing my skills and stuff……His isp is ask4 tho…so i dont know if skype or ask4 is blocking anything..

    Thanks in advance!

    • What operating system do you use?

      I wrote this article few months ago, so maybe Microsoft changed part of the protocol, and I’ll have to find the new way.

      I still use old, not updated version of Skype for Linux (Slackware -current) and the trick works. Obiously Skype still uses peer-to-peer connection for chat and not peer-to-server. The only way to hide your IP is to use proxy or some kind of Anonymizer software (that also uses proxies).

  2. I am using x – ubuntu (Gnome-shell), and i also have backtrack. I am using Skype Beta version tho.

  3. I am using Linux – ubuntu (Gnome-shell), and i also have backtrack. I am using Skype Beta version tho. *

  4. I am gonna try again tonight and i will show you some screenshots :) thank you for your time and help.

    • The trick still works in Slackware. The only line with TCP packets is the new Skype connection opened by sending a message to one of my friends.


      bash-4.1# netstat -tupan | grep skype
      [snip]
      udp 0 0 127.0.0.1:37841 0.0.0.0:* 2278/skype
      udp 0 0 0.0.0.0:20530 0.0.0.0:* 2278/skype
      bash-4.1# netstat -tupan | grep skype
      [snip]
      tcp 0 1067 10.3.71.55:35845 89.79.162.133:32917 ESTABLISHED 2278/skype
      udp 0 0 127.0.0.1:37841 0.0.0.0:* 2278/skype
      udp 0 0 0.0.0.0:20530 0.0.0.0:* 2278/skype
      bash-4.1#

      There is also another possibility: If your friend is using http://imo.im -> you will most probably see the IP address of one of their servers in Poland. And there is nothing you can do about this.

      Please respect the privacy of the others. If someone wants to be anonymous, it his/hers right ;)

      • Thanks for the info bro. Well i am not going to use anything in a bad way or for personal entertainment. Its just, i am studying computer science and i am interested in learning as many things as i can. Cheers

  5. I suppose that if I use a software faking my IP adress it will also for my Skype show the same fake adress for my contacts, or ?

  6. Hey, would someone be able to help me find the IP address of a “professional scammer”? I was scammed and “harrased” for money!! Please help me find the person’s IP address

    • Benjamin, this is a criminal offence and I think you should ask the local law force to investigate.

      I don’t think you should leave such scammer un-prosecuted.

      Regarding tracking online – it shall be done in the moment the scam has been made to you and by a licensed security specialist or it can be illegal (in most countries).

  7. Windows:
    =======

    Start cmd.exe as administrator, type “netstat -nb”

 Leave a Reply

(required)

(required)

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>