PC Ekspert Forum - Skype cita tvoj BIOS i serijski broj maticne ploce??!!

PC Ekspert Forum (https://forum.pcekspert.com/index.php)

- Streaming/online servisi, linkovi i ostale zanimljivosti (https://forum.pcekspert.com/forumdisplay.php?f=18)

- - Skype cita tvoj BIOS i serijski broj maticne ploce??!! (https://forum.pcekspert.com/showthread.php?t=60266)

Skype cita tvoj BIOS i serijski broj maticne ploce??!!

Citiraj:

Users of Skype that run 64-bit versions of Windows like me probably have noticed that when starting Skype, the following dialog box appears:

The program or feature “\??\C:\Documents and Settings\Kejt\Local Settings\Temp\12\1.com” cannot start or run due to incompatibility with 64-bit versions of Windows. Please contact the software vendor to ask if a 64-bit Windows compatible version is available.

Well, that’s weird. Skype’s trying to run a .com file, which won’t work on Win64 because there’s no NTVDM. Let’s try opening it in Hex Workshop. Access denied? OK, I’ll terminate Skype to read it. Still can’t?! This thing is really starting to annoy me. I’ll use WinDbg to terminate winlogon.exe to force a kernel panic. I reboot and NOW I can read the damn file.

An unreadable executable file coming from Skype sounds interesting, so I look at it. It’s 46 bytes long. For copyright reasons I can’t post the file or a complete disassembly. However, I can describe the program in terms of 16-bit DOS C:

int main(void)
{
fwrite((const void far*) 0xF0000000, 1, 0xFFFF, stdout);
fwrite((const void far*) 0xF000FFFF, 1, 1, stdout);
return 0;
}

It’s dumping your system BIOS, which usually includes your motherboard’s serial number, and pipes it to the Skype application. I have no idea what they’re using it for, or whether they send anything to their servers, but I bet whatever they’re doing is no good given their track record.

In 32-bit Windows NT, including Vista, the kernel permits NTVDM to make a read-only mapping of the BIOS at address 000F0000. This allows DOS programs running under NTVDM to make use of the BIOS. That’s how this 46-byte program is capable of sending the BIOS to the Skype application, and also explains why they use this mechanism to begin with.

If they hadn’t been ignorant of Win64’s lack of NTVDM, nobody would’ve noticed this happening.

u prevodu znaci da vam remotely flashuju bios i sje*u komp:grrr:

Ne, pročitaj još jednom pažljivije.

Kolko sam ja skužio, samo pročita...

Samo prima (ili odašilje, ovisno kako se gleda) podatke, ne može u oba smjera djelovat...

rofl remotly flashaju bios pa odakle si ti to izvuko. kaj se mene tice nek izvuku i broj mog mobitela ako ga nadju kaj ce im moj bios information, zaboli me, nemoze nastetit, nek si ga znaju :D

ionak nemam floppy-a, pa ako Skajpe slušaš, molim te flešaj mi najnoviji BIOS :p

Već vidim novu foru, hebo win flash i ostale utlitye, flashajte BIOS dok telefonirate...

Citiraj:

Autor tor (Post 645012)

Već vidim novu foru, hebo win flash i ostale utlitye, flashajte BIOS dok telefonirate...

"Please leave your message after the BIOS flash...FLASH!" :D

Citiraj:

Autor Swarm dude (Post 645024)

"Please leave your message after the BIOS flash...FLASH!" :D

LOL, do-bra, do-bra...:D

afaik, biznis verzija (.msi paket) nema tih problema...

ja nerazumijem zasto uopce treba ocitavati bios... tako da je po meni to onako malo debilan potez od skype-a.