Skype Android app analysis

Skype is an app that offers video chat and voice call services. The application's data is stored under the /data/data folder, with the package name com.skype.raider. The following are some important artifacts that can be extracted by analyzing the Skype app:

  • Username and IP address: The shared.xml file present under the following path contains information about the username and the last IP address that connected to Skype:
    • Path: /data/data/com.skype.raider/files/shared.xml
  • Profile picture: The user's profile picture is present in the /thumbnails directory, whose path is as follows:
    • Path: /data/data/com.skype.raider/files/<username>/thumbnails/
  • Call logs: Information about call logs made from Skype is available in the main.db file. Analyzing this file gives us a lot of information:
    • Path: /data/data/com.skype.raider/files/<username>/main.db/.
    • For example, the duration table provides information about call duration, the start_timestamp field gives the start time of a call, and the creation_timestamp field indicates when the call is initiated (this includes unanswered calls). The type column indicates whether the call was incoming (value= 1) or outgoing (value= 2).
  • Chat messages: The messages table present in the main.db file contains all the chat messages. The author and from_dispname columns provide information about who wrote the message. The timestamp column shows the date/time of the message. The body_xml column contains the content of the message:
    • Path: /data/data/com.skype.raider/files/<username>/main.db/
  • Files transferred: The Transfers table contains information about transferred files, such as the filename, the size of the file, and their location on the device:
    • Path: /data/data/com.skype.raider/files/<username>/main.db/.
    • The actual images or files that are received will be stored on an SD card. If a file is downloaded, it will be in the Downloads folder in the root of the SD.
  • Group chats: The ChatMembers table shows a list of users who are present in a particular chat. The adder column shows the user who initiated the conversation:
    • Path: /data/data/com.skype.raider/files/<username>/main.db/

Now, we will perform an analysis on the Gmail application.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
13.59.236.219