How I found hidden commands in Skype
Quite a while ago I compiled a list of Skype chat commands from the ones available in the Skype help as well as from various sources all across the Internet. Later on I got curious and decided to inspect Skype a bit more in depth and I was able to retrieve another list of hidden or mysterious Skype commands from the application.
I have been asked a few times how I did that and I thought maybe it would also be interesting for some who didn't ask and compiled a short step-by-step guide how I extracted the list of commands from Skype which were (at that time) documented or known nowhere else. Maybe it's also interesting and applicable to inspect other applications but I'll concentrate on Skype in this posting. The process is pretty much the same for most other applications.
Tools
For the analysis of Skype there are only two tools needed:
- Process Explorer - the #1 tool for working with all running processes on your Windows machine. Part of the excellent Sysinternals Suite written by Mark Russinovich. No installation required.
- Notepad++ or any other texteditor of your choice which can handle really large textfiles and search efficiently in them.
Analysis Steps
For a short summary that's a rough overview how I inspected Skype: loaded up Skype normally, dumped it's memory image (or better: string extract) with Process Explorer and did a manual search for command-like strings in the dump. The detailled process is as follows:
- start up Skype normally
- start up Process Explorer, confirm first-time dialogs etc. until you see the process overview
From Skype Memory Analysis - locate "Skype.exe" in the process list and double click it
- switch to the "Strings" tab in the occouring process window (could take a few seconds)
- select the "Memory" option on the left bottom of the window (could take again a few seconds to complete)
From Skype Memory Analysis - save the strings dump to a textfile via the "Save" button on the right bottom of the window
- load the resulting textfile in the text editor (Notepad++ in my case)
- search for one of the already well known commands (e.g. "/help")
From Skype Memory Analysis
Now you should be in a region of the file where several commands are visible. Looking for additional commands is merely a try&error of the strings around that location and observing possible effects. The same approach can be used for in-text replacements like smilies, flags or similar. From that on things get pretty inconvenient. Some of the commands or usable strings are clearly identifyable as such (like "/help") but not all of them are prepended with a "/". Examples for such are the flag-identifiers ( eg: (flag:uk) ) or the smilies. Looking for such strings in a file with more than 400k lines becomes pretty tedious after a while. But using some of the known strings as anchor points makes it a bit easier.
So, all in all that's how I approached the Skype app and found out about (up to that point) aparently unknown and undocumented commands, icons and shortcuts. Maybe I'll make a run again sometime and look if something as changed but for that there has to be a chunk of spare time available.