SkypeWebExploit - Web skype is vuln to other users editing and deleting your messages.

SkypeWebExploit – Web skype is vuln to other users editing and deleting your messages.

Badly written exploit for skype, it abuses web skype’s poor decision to leave message ids in the open, just inspect element and get them.
list of tools:
+ Conv.py can edit and remove messages in group chats
+ Skype.py can edit and remove messages in individual chats
+ kick.py is was able to kick users out of groups
Example usage:

To find the message id68747

Conv.py
Instead of username of the user you need the conversation ID which can easily be found via the web client. Simply send a message, look at http requests after “messages” and you will see a request to an URL looking like “307d64c7ccdaaaaaaaaaaaaaaeb6c9ca@thread.skype”

conv.py Script:

kick.py Script:

skype.py Script:

Source: https://github.com/wahpomf