 |
magicJack and MagicJack Plus Support, Reviews, FAQs and Hacks
magicJack and magicJack Plus Unofficial Technical Support. Your Magic Jack and Magic Jack Plus phone service information resource
|
|
| View previous topic :: View next topic |
| Author |
Message |
stroths
Dan isn't smart enough to hire me
Joined: 02 Apr 2008
Posts: 470
Location: Dallas, TX
|
 Posted: Tue Jan 06, 2009 11:28 pm Post subject: |
 |
|
| synchron wrote: | Excellent job, Stroths!
No bluescreens for me and I'm running 1.41 Only thing that doesn't work for me is running it as a service. I normally use Firedaemon and the service name is called 'FireDaemon Service: MagicJack' but it doesn't seem to take (assuming you use Start Program/Stop program buttons when in service mode. I changed the string name in the config. No biggie....
Synchron  |
The app is just issuing the dos command "net stop yourservicename" or "net start yourservicename". I haven't dealt with firedaemon in quite a while, so I am not sure how it does things. Are you able to issue the commands above from a command prompt to start/stop the firedaemon service?
Also, do the other apps in the suite kill the service when they are running?
_________________
Use a Thin Client w/MJ
My MJ Utilities Suite - SIP Grabber, Upgrader and More
Flash Memory Lifesaving Tips |
|
| Back to top |
|
 |
Google
AdSense
|
| Posted: Tue Jan 06, 2009 11:28 pm Post subject: Magicjack support, tips, tricks, and hacks |
|
|
|
|
| Back to top |
|
|
synchron
Dan isn't smart enough to hire me
Joined: 15 May 2008
Posts: 229
|
| Posted: Wed Jan 07, 2009 12:10 am Post subject: |
|
|
OK, I was using the Display name that you see in the Windows services.msc. With Firedaemon, the service name is still 'MagicJack' so that worked in your suite. Bear in mind there's a good 6 or so second delay. I'm not sure if it's Firedaemon or any windows net service. At any rate, might be worthwhile to pick up the response to the net command (service started successfully, service stopped successfully and msgbox that to show any delays in the servicing process).
Once again, great job!
Synchron |
|
| Back to top |
|
|
Predator04
MagicJack Newbie
Joined: 23 Dec 2008
Posts: 7
|
| Posted: Wed Jan 07, 2009 1:42 am Post subject: Re: v1.5 Updated |
|
|
| Becky wrote: | | stroths wrote: | If you are running any version 1.2 or above, you need to do a full upgrade. Completely remove the MagicJack_Utilities directory and start fresh to ensure no remnants are left over. I would rather be safe than sorry because I would hate for my code to cause any bluescreens. I think it might only be on certain systems under certain conditions since others haven't reported anything, but do a full upgrade just to be safe.
Changelog
1.5
- Added "Optional" section in config for future options
- Added MJUpgradeURL to Optional config section. Allows you to put in a different URL if you want to download a different upgrade.exe file
- Fixed a possible bug causing a bluescreen on one of my test environments. Might have just been my system, but upgrade just to be safe.
The optional upgrade URL does work, but MJ has put some workaround that causes the software to immediately upgrade to the new version upon first run. Previously, you could block the upgrade with a modification to the hosts file. The host we were blocking previously doesn't seem to have an effect now. If someone can figure out the host to block then we will be in business. |
um.I post a picture of the virus
then u delete the file right after.claim there was a problem with blue screen?
u got caught spreading malware.admin should remove this user before he infects more people. |
try using a antivirus that doesnt suck...
you might want to use a real av and check your system... here the info on that file..
http://www.virustotal.com/analisis/de5d3d1fbccd5695e8c149a72595ac9e |
|
| Back to top |
|
|
Adolf
MagicJack Newbie
Joined: 04 Jan 2009
Posts: 7
|
| Posted: Wed Jan 07, 2009 6:38 am Post subject: |
|
|
| Becky wrote: | i get this error trying to run your program.can someone help me make this work?thank you.
|
I smell a rat here from Ymax.
I am running McAfeee and I never got this, the file is clean and it works good.
So Lady or who ever you are tell Dan That is nothing you can do to stop this program.
ISAD
Last edited by Adolf on Wed Jan 07, 2009 8:07 am; edited 1 time in total |
|
| Back to top |
|
|
neo2121
Dan isn't smart enough to hire me
Joined: 09 Jan 2008
Posts: 279
|
| Posted: Wed Jan 07, 2009 7:46 am Post subject: |
|
|
| Well I guess that there always has to be someone that make stupid claims about programs that where written to benefit them. Thanks for your hard work on this, its going to save a lot of people sometime. Some people don't know how to appreciate a good thing or favors, and most likely don't even understand what to do with their info in the first place. its just ignorance its like the people that send me e-mails about cain & able giving then a false positive. |
|
| Back to top |
|
|
stroths
Dan isn't smart enough to hire me
Joined: 02 Apr 2008
Posts: 470
Location: Dallas, TX
|
| Posted: Wed Jan 07, 2009 8:11 am Post subject: |
|
|
Thanks for the support and I appreciate it. There are a lot of great people around here and I do my work for you all.
Regarding the virus accusation, Becky had a legitimate concern and had a right to voice it. I think the comment to ban me was a bit hasty, but keep in mind we've all jumped to conclusions in the past. Let's keep that in mind and welcome constructive posts. There are people out there trying to do nasty things with their code and they give all others a bad name.
_________________
Use a Thin Client w/MJ
My MJ Utilities Suite - SIP Grabber, Upgrader and More
Flash Memory Lifesaving Tips |
|
| Back to top |
|
|
Adolf
MagicJack Newbie
Joined: 04 Jan 2009
Posts: 7
|
| Posted: Wed Jan 07, 2009 8:20 am Post subject: |
|
|
Sorry I was referring to the Gunter guy on that post, I edited the post after that.
I do appreciate the work you do.
You are the greatest.
Thank you |
|
| Back to top |
|
|
MagicHack
Dan isn't smart enough to hire me
Joined: 12 Nov 2007
Posts: 241
|
| Posted: Wed Jan 07, 2009 10:02 am Post subject: |
|
|
| Adolf wrote: | | Becky wrote: | i get this error trying to run your program.can someone help me make this work?thank you.
|
I smell a rat here from Ymax.
I am running McAfeee and I never got this, the file is clean and it works good.
So Lady or who ever you are tell Dan That is nothing you can do to stop this program.
ISAD |
I seem to have missed a bit here...
From the thread, it appears as though at 12:58 am someone posted indicating that there was a virus in this exe.
At 3:42 am, the author removed his code. He stated that it caused blue screens. (Note: Having written software for the last couple of decades, I tend to think this statement is BS, since his program is doing nothing more than dumping a processes memory, then searching the dump file for some strings; though, this is just my opinion.)
With that said, if someone wants to post a mirror of the original zip file, I'd gladly analyze it.
I do tend to question the authors motives though. Is there a reason you posted this information publicly?
Take callerid spoofing for example. When Stewart originally posted about caller id spoofing, I decided to rewrite it to make it easier for people to use.
Caller id spoofing was fun while it lasted, but, eventually (I'm guessing thanks to this forum), magicJack caught on, and blocked us from being able to do that. In fact, I can probably come up with a good dozen things magicJack has done to prevent (or at least make harder) for us to do.
Posting information like this will surely catch magicJack's eye. Your method of searching for plain text passwords in process memory can easily be fixed by magicJack. All they need to do is ensure that the passwords are never stored in plain text in system memory - something that ALL companies should do in the first place. I'm guessing that they'll do that soon.
Also, it is possible for magicJack to determine if you are using the softphone or an ATA. 'Bogus' User-Agent strings is just one way for them to do this. The softphone not only deals with standard SIP. (As long as we're posting all of this information publicly for magicJack to read, here's how I would prevent ATA's if I were magicJack.) During the initialization of the magicJack, a few things happen:- A connection is made to one of the provisioning servers to retrieve your encrypted credentials.
- Standard SIP registration occurs
- Your softphone registers it's 911 location.
(I've actually dumbed this down a bit - there is a lot more that occurs, just showing enough to make my point.)
When you use an ATA, you just do step #2.
So, if magicJack wants to prohibit ATA use, they just need to do a couple of lookups in their database. If step #2 was done without step #1 or #3, ban account.
So, now that we've effectively put the nail in the coffin, what's the next big thing we want to help magicJack with? Perhaps you should publicly post how to add free international minutes to your account. magicJack would love to know that hole exists. |
|
| Back to top |
|
|
VaHam
Dan Should Pay Me
Joined: 13 Feb 2008
Posts: 838
|
| Posted: Wed Jan 07, 2009 10:48 am Post subject: Virus Scans |
|
|
I have scanned the following list of versions using AVG, MalWare and Norton all of which are up to date.
Versions:
1.0
1.1
1.1a
1.2
1.41
1.5
No problems were found in any of these versions. Yes I missed a couple of the update versions in there but I believe the most current version at the time of the posting reporting a virus was v1.41.
I do understand that making these things so easy; will allow many who otherwise would not be savvy enough to violate the MJ TOS to do so and may increase MJ's efforts to block this kind of activity. However I do think it would only be a matter of time before the holes are addressed anyway.
The best all around solution would be for MJ to honor it's word and make BYOD available.
I can say I have enough respect for strohs that even if I had detected virus (WHICH I DID NOT), I would simply felt he may have gotten infected and passed it on accidentally.
_________________
Sad Times Ahead for this Obamanation !!!! Psalms 109:8 |
|
| Back to top |
|
|
az2008
MagicJack Sensei
Joined: 20 Aug 2008
Posts: 1404
Location: Tempe, AZ
|
| Posted: Wed Jan 07, 2009 11:05 am Post subject: Re: Virus Scans |
|
|
| VaHam wrote: | | The best all around solution would be for MJ to honor it's word and make BYOD available. |
It seems like a Catch 22. Maybe if they weren't spending so much time plugging holes due to them being exploited by so many people, they'd have more time to do things like provide caller ID blocking (the absence of which caused so many people to use caller ID spoofing), or an ATA device.
IMO, making the info available (to take advantage of MJ's holes) isn't a big problem. It's always going to be available to some extent, even if it's just a few people PMing info to each other. Eventually it will get out far enough. It's inevitable. Might as well just get all the info out there.
The only downside I see is that it causes MJ to devote more resources to hardening their system. That's not entirely bad. But, it could contribute to delaying a Linux client, ATA device, etc.
Mark |
|
| Back to top |
|
|
elschus
MagicJack Newbie
Joined: 03 Jan 2009
Posts: 1
|
| Posted: Wed Jan 07, 2009 11:36 am Post subject: |
|
|
Thank you, Stroths. This is great stuff. Is there any chance of you posting the source? I don't want to sound unappreciative, and from what I read I am confident you would not do anything unsavory. And I'm not concerned about viruses, as a scan with a quality AV program is enough validation for me.
However, I think there is a bigger issue with software like this (similiarly pm.exe at http://magicjackhacks.com/) because I am allowing it to read my magicjack account information. In general (again, this isn't aimed at you specifically), it would be really easy to have an extra subroutine that sends that account information to a web form or e-mail address. Suddenly, the software author has control of a few hundred accounts. Now, the time is unlimited, so free phone calls aren't really an issue, but the potential for other kinds of abuse is there. I don't know all the possibilities, as I'm new to VOIP, but could a second softphone "pick up the line" as an extension and listen? At the very least, the second softphone could answer calls to that number.
So while I appreciate your contribution, and I understand your desire to protect your IP, I ask you to at least consider releasing the source as a way to protect the magicjack community. |
|
| Back to top |
|
|
stroths
Dan isn't smart enough to hire me
Joined: 02 Apr 2008
Posts: 470
Location: Dallas, TX
|
| Posted: Wed Jan 07, 2009 12:13 pm Post subject: |
|
|
Wanted to give you all an update. The issues I described with my last release were real, but I wasn't sure if they would affect many (if any) people, because it might have been related to my test system. It was an older machine with an early version of XP that had not been updated with any of the service packs or updates. I planned on making the update within a few days with a few other goodies, but an issue came up that prompted me to post the update sooner than I intended and remove my 1.4.1 version. Turns out that I provided the mysipinfo.txt file with my data in the 1.4.1 update by accident.
While I believe that 99.5% of this community wouldn't take advantage of that, I know that there are some that would. I couldn't publicly announce that at the time until I could fix it. Quite honestly, I didn't plan on mentioning it at all except for the whole virus accusation. I do a lot for the community here and didn't want my good name smeared. That SIP information is no longer any good, so I don't have any issue divulging that info now.
On a related note, someone did realize that I included that SIp info and tried to gain access to my.magicjack.com. It saddens me that someone would do that after I try to help the community. Regardless, I will not let the actions of a small minority stop me from continuing to contribute here.
_________________
Use a Thin Client w/MJ
My MJ Utilities Suite - SIP Grabber, Upgrader and More
Flash Memory Lifesaving Tips |
|
| Back to top |
|
|
stroths
Dan isn't smart enough to hire me
Joined: 02 Apr 2008
Posts: 470
Location: Dallas, TX
|
| Posted: Wed Jan 07, 2009 12:17 pm Post subject: |
|
|
| elschus wrote: | Thank you, Stroths. This is great stuff. Is there any chance of you posting the source? I don't want to sound unappreciative, and from what I read I am confident you would not do anything unsavory. And I'm not concerned about viruses, as a scan with a quality AV program is enough validation for me.
However, I think there is a bigger issue with software like this (similiarly pm.exe at http://magicjackhacks.com/) because I am allowing it to read my magicjack account information. In general (again, this isn't aimed at you specifically), it would be really easy to have an extra subroutine that sends that account information to a web form or e-mail address. Suddenly, the software author has control of a few hundred accounts. Now, the time is unlimited, so free phone calls aren't really an issue, but the potential for other kinds of abuse is there. I don't know all the possibilities, as I'm new to VOIP, but could a second softphone "pick up the line" as an extension and listen? At the very least, the second softphone could answer calls to that number.
So while I appreciate your contribution, and I understand your desire to protect your IP, I ask you to at least consider releasing the source as a way to protect the magicjack community. |
You have a good point and while I agree, I don't necessarily want MJ to know exactly what I am doing specifically so they can't make a small change here or there to circumvent it. However, I will agree to a compromise to ease anyone's mind. I am willing to release my code to a select few here that I have worked with in the past to show I am not trying to do anything like that. I would trust this information to people like HolmanGT, VaHam and Trebuin. These are respected members of this community and I think they would be good choices.
Let me know what you all think.
_________________
Use a Thin Client w/MJ
My MJ Utilities Suite - SIP Grabber, Upgrader and More
Flash Memory Lifesaving Tips |
|
| Back to top |
|
|
Predator04
MagicJack Newbie
Joined: 23 Dec 2008
Posts: 7
|
| Posted: Wed Jan 07, 2009 12:28 pm Post subject: |
|
|
| stroths wrote: | Wanted to give you all an update. The issues I described with my last release were real, but I wasn't sure if they would affect many (if any) people, because it might have been related to my test system. It was an older machine with an early version of XP that had not been updated with any of the service packs or updates. I planned on making the update within a few days with a few other goodies, but an issue came up that prompted me to post the update sooner than I intended and remove my 1.4.1 version. Turns out that I provided the mysipinfo.txt file with my data in the 1.4.1 update by accident.
While I believe that 99.5% of this community wouldn't take advantage of that, I know that there are some that would. I couldn't publicly announce that at the time until I could fix it. Quite honestly, I didn't plan on mentioning it at all except for the whole virus accusation. I do a lot for the community here and didn't want my good name smeared. That SIP information is no longer any good, so I don't have any issue divulging that info now.
On a related note, someone did realize that I included that SIp info and tried to gain access to my.magicjack.com. It saddens me that someone would do that after I try to help the community. Regardless, I will not let the actions of a small minority stop me from continuing to contribute here. |
man thats fucked. i am the one who contacted you about this telling you that you have included mysipinfo.txt. so all these ppl thinking there was a virus your wrong. look at this link if you think there is a virus http://www.virustotal.com/analisis/de5d3d1fbccd5695e8c149a72595ac9e
that really pisses me off that someone could take your info like that after you release a program for everyone else. if i were you i would STOP this project asap or not stop it just not release any more updates to the public.
and also what pisses me off is that everyone is accusing you of trying to send them a virus. if you guys are worried please dont download and dont bother commenting. another thing that kinda pisses me off is that i found the info first but im not a total jackass and called him up and told him that he did release his info. |
|
| Back to top |
|
|
Predator04
MagicJack Newbie
Joined: 23 Dec 2008
Posts: 7
|
| Posted: Wed Jan 07, 2009 12:31 pm Post subject: |
|
|
| stroths wrote: | | elschus wrote: | Thank you, Stroths. This is great stuff. Is there any chance of you posting the source? I don't want to sound unappreciative, and from what I read I am confident you would not do anything unsavory. And I'm not concerned about viruses, as a scan with a quality AV program is enough validation for me.
However, I think there is a bigger issue with software like this (similiarly pm.exe at http://magicjackhacks.com/) because I am allowing it to read my magicjack account information. In general (again, this isn't aimed at you specifically), it would be really easy to have an extra subroutine that sends that account information to a web form or e-mail address. Suddenly, the software author has control of a few hundred accounts. Now, the time is unlimited, so free phone calls aren't really an issue, but the potential for other kinds of abuse is there. I don't know all the possibilities, as I'm new to VOIP, but could a second softphone "pick up the line" as an extension and listen? At the very least, the second softphone could answer calls to that number.
So while I appreciate your contribution, and I understand your desire to protect your IP, I ask you to at least consider releasing the source as a way to protect the magicjack community. |
You have a good point and while I agree, I don't necessarily want MJ to know exactly what I am doing specifically so they can't make a small change here or there to circumvent it. However, I will agree to a compromise to ease anyone's mind. I am willing to release my code to a select few here that I have worked with in the past to show I am not trying to do anything like that. I would trust this information to people like HolmanGT, VaHam and Trebuin. These are respected members of this community and I think they would be good choices.
Let me know what you all think. |
Dont release the code. theres no need to. your program works end of story. if they think ur trying to steal their info they dont need to download it. im surprised you would still continue your work after all this. i know you want to help but when the ppl come and take ur info that's when you have to say thats enuf. think about it
edit* since you still have the physical mj you should be able to get your account back. check with mj live chat. if you want do it i can try for you
Last edited by Predator04 on Wed Jan 07, 2009 2:18 pm; edited 1 time in total |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
