magicJack  and magicJack Plus Support, Reviews, FAQs and Hacks Forum Index

magicJack and magicJack Plus Support, Reviews, FAQs and Hacks


magicJack and magicJack Plus Unofficial Technical Support. Your Magic Jack and Magic Jack Plus phone service information resource
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Running the "Jack" as the UTSCSI service



 
Post new topic   Reply to topic    magicJack and magicJack Plus Support, Reviews, FAQs and Hacks Forum Index -> magicJack Tips, Tricks, and Hacks
View previous topic :: View next topic  
Author Message
mufon
Dan isn't smart enough to hire me


Joined: 25 Jan 2008
Posts: 296
Location: HIghland Village, Texas

PostPosted: Fri Jan 25, 2008 11:14 am    Post subject: Running the "Jack" as the UTSCSI service Reply with quote

This is a spin on running the MJ as a service. Instead of creating a new service to run MJ, we use the already installed UTSCSI, assuming of course that you don't care to have UTSCSI running on your machine.

I will assume you are up to speed on installing MJ as a service.

Open the registry editor, and then open "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UTSCSI"

Create a new key and name it "Parameters". Now open key "Parameters" and add the string value "Application". Sound familiar? The string value is the fully qualified path to the binary you wish to launch. Existing MJ service, if installed should be disabled.

Now, change the log on value for the service from the system account to the user account you wish to run MJ under. Delete "UTSCSI.EXE" from "x:\WINDOWS\System32" and replace it with "srvany.exe" and renamed to "UTSCSI.EXE"

So where I am going with this? You could also use this instead to launch a spoofing script/exe or anything else you desire.
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger
testing123
Dan Should Pay Me


Joined: 13 Nov 2007
Posts: 703

PostPosted: Sat Jan 26, 2008 12:28 pm    Post subject: Re: Running the "Jack" as the UTSCSI service Reply with quote

mufon wrote:
This is a spin on running the MJ as a service. Instead of creating a new service to run MJ, we use the already installed UTSCSI, assuming of course that you don't care to have UTSCSI running on your machine.

I will assume you are up to speed on installing MJ as a service.

Open the registry editor, and then open "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UTSCSI"

Create a new key and name it "Parameters". Now open key "Parameters" and add the string value "Application". Sound familiar? The string value is the fully qualified path to the binary you wish to launch. Existing MJ service, if installed should be disabled.

Now, change the log on value for the service from the system account to the user account you wish to run MJ under. Delete "UTSCSI.EXE" from "x:\WINDOWS\System32" and replace it with "srvany.exe" and renamed to "UTSCSI.EXE"

So where I am going with this? You could also use this instead to launch a spoofing script/exe or anything else you desire.


Interesting technique -- kills two birds w/ one stone: gets rid of UTSCI & sets up the service.

Not bad ... newbie ... Laughing
Back to top
View user's profile Send private message Visit poster's website
HolmanGT
MagicJack Sensei


Joined: 08 Jan 2008
Posts: 1127
Location: Saint George, UT

PostPosted: Sat Jan 26, 2008 10:23 pm    Post subject: Reply with quote

mufon,

Ya-But !

Anything I change in my MJ setup sooner or later (mostly sooner) gets overwritten by MagicJack. I don't exactly know what goes on with MJ but I think it tends to overwrite everything in an effort to keep the resident code portable and fresh/updated.

By that I mean if you come in behind someone that has already rung MJ on that machine it rebuilds everything from the ground up. I had deleted everything pertaining to UTSCI.EXE including the file itself and per it's name Magically the whole damn thing reappeared.

It is actually a good feature unless you want to do something a little different than MJ wants you to do. Sneaky little sucker!

PS - I just had to add this little tid-bit, your can format you magicJack and magically that will all reappear also, you can't even kill it. It has to be the first toy I have ever owned that I can't even break. And by the way I am a master at breaking stuff.
Back to top
View user's profile Send private message
SpamBox
Dan isn't smart enough to hire me


Joined: 14 Dec 2007
Posts: 417
Location: Rocky Mountains Front Range

PostPosted: Sun Jan 27, 2008 6:28 pm    Post subject: Re: Running the "Jack" as the UTSCSI service Reply with quote

mufon wrote:
We are currently accepting donated aluminum foil to help alleviate the shortage in Stephenville Texas.

At first I was like "What the...?"
But just read about the UFO sighting! That's crazy!
And your sig is funny! Laughing
Back to top
View user's profile Send private message
laserjobs
Dan Should Pay Me


Joined: 12 Nov 2007
Posts: 670

PostPosted: Sun Jan 27, 2008 6:57 pm    Post subject: Reply with quote

Change UTSCSI to read-only
Back to top
View user's profile Send private message
HolmanGT
MagicJack Sensei


Joined: 08 Jan 2008
Posts: 1127
Location: Saint George, UT

PostPosted: Sun Jan 27, 2008 7:10 pm    Post subject: Reply with quote

laserjobs,

I am embarrassed that I didn't think of that. Embarassed Have you tried it, read only? The reason I ask is if there is one think that MJ does very well it is rebuild itself and thwart any attempts I have made to fool it (but I haven't tried read only - YET).


[Edit] Does anyone know what UTSCSI is. I searched it and about the best answer I could find is some flash drive installs it but no one seem to know why or what it does. I assume that some portion of the MJ drive installs it, but I know MJ will run just fine without it or at least until it reinstall it - whatever the hell "IT" is.
Back to top
View user's profile Send private message
kumar
Dan Should Pay Me


Joined: 15 Nov 2007
Posts: 806

PostPosted: Sun Jan 27, 2008 7:22 pm    Post subject: Reply with quote

What does it mean to run it as a UTSCSI. What are the pluses?
Thanks
Kumar
Back to top
View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger
HolmanGT
MagicJack Sensei


Joined: 08 Jan 2008
Posts: 1127
Location: Saint George, UT

PostPosted: Sun Jan 27, 2008 7:35 pm    Post subject: Reply with quote

kumar,

And in addition to your question what happens if you don't run UTSCSI because you have a fake running?

So many questions and so many phone calls to make before someone wises up to the fact that MagicJack is giving away free long distance phone calls and goes after them with a vengeance, someone like AT&T who makes a lot of money SELLING the same service.
Back to top
View user's profile Send private message
kumar
Dan Should Pay Me


Joined: 15 Nov 2007
Posts: 806

PostPosted: Sun Jan 27, 2008 7:41 pm    Post subject: Reply with quote

HolmanGT wrote:
kumar,

And in addition to your question what happens if you don't run UTSCSI because you have a fake running?

So many questions and so many phone calls to make before someone wises up to the fact that MagicJack is giving away free long distance phone calls and goes after them with a vengeance, someone like AT&T who makes a lot of money SELLING the same service.


But what is UTSCSI?
Kumar
Back to top
View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger
HolmanGT
MagicJack Sensei


Joined: 08 Jan 2008
Posts: 1127
Location: Saint George, UT

PostPosted: Sun Jan 27, 2008 7:45 pm    Post subject: Reply with quote

kumar,

I Googled that program until I was numb reading people say "beats the hell out of us". I could not find any article that claimed to know what it is only some claims that it is installed by some flash drives.
Back to top
View user's profile Send private message
laserjobs
Dan Should Pay Me


Joined: 12 Nov 2007
Posts: 670

PostPosted: Sun Jan 27, 2008 7:54 pm    Post subject: Reply with quote

You don't need UTSCSI running but since MJ installs it, mufon pointed out why not use it to run MJ as a service. Thanks mufon!!!
Back to top
View user's profile Send private message
mufon
Dan isn't smart enough to hire me


Joined: 25 Jan 2008
Posts: 296
Location: HIghland Village, Texas

PostPosted: Tue Jan 29, 2008 11:08 pm    Post subject: Reply with quote

UTSCSI is a rootkit. It runs in a highly privileged account. In and of itself, it does nothing. It allows unprivileged accounts to execute procedures through it. Its like an invisible administrator sitting at your console doing what ever you ask it to do. You can tame your MJ by disabling it.
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger
LikeMagic
Dan Should Pay Me


Joined: 01 Jan 2008
Posts: 613
Location: LikeMagic Pacific NW

PostPosted: Tue Jan 29, 2008 11:16 pm    Post subject: Reply with quote

mufon wrote:
UTSCSI is a rootkit. It runs in a highly privileged account. In and of itself, it does nothing. It allows unprivileged accounts to execute procedures through it. Its like an invisible administrator sitting at your console doing what ever you ask it to do. You can tame your MJ by disabling it.


Where did you find the info for UTSCSI? That's very fascinating. This could open the door to all kinds of hack attack Smile

So why does MagicJack need the UTSCSI service?
Back to top
View user's profile Send private message
mufon
Dan isn't smart enough to hire me


Joined: 25 Jan 2008
Posts: 296
Location: HIghland Village, Texas

PostPosted: Tue Jan 29, 2008 11:38 pm    Post subject: Reply with quote

LikeMagic wrote:
mufon wrote:
UTSCSI is a rootkit. It runs in a highly privileged account. In and of itself, it does nothing. It allows unprivileged accounts to execute procedures through it. Its like an invisible administrator sitting at your console doing what ever you ask it to do. You can tame your MJ by disabling it.


Where did you find the info for UTSCSI? That's very fascinating. This could open the door to all kinds of hack attack Smile

So why does MagicJack need the UTSCSI service?


It does three things for magicJack. It lets them get by with writing crappy insecure code. It minimizes their need to support their product. It let's them do whatever else they want, since they have they ability to use your computer. It is actually a powerful little devil as it appears it can use a scsi channel to run as a device driver thereby "flying under the radar" and bypassing any auditing since a scsi channel is unmonitored as far as data passage, hence the reason no one seems to know what it does. Suffice to say, it is a rootkit, and a very effective one at that.

Sony tried this a couple of years ago, and it made headlines.


Last edited by mufon on Wed Jan 30, 2008 12:00 am; edited 1 time in total
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger
LikeMagic
Dan Should Pay Me


Joined: 01 Jan 2008
Posts: 613
Location: LikeMagic Pacific NW

PostPosted: Tue Jan 29, 2008 11:59 pm    Post subject: Reply with quote

But MagicJack can function without UTSCSI service. What are we missing if UTSCSI service is disabled?
Back to top
View user's profile Send private message
testing123
Dan Should Pay Me


Joined: 13 Nov 2007
Posts: 703

PostPosted: Tue Jan 29, 2008 11:59 pm    Post subject: Reply with quote

Now THIS is a thread that needs to be STICKIED ... (twilight zone music playing in the background).
Very interesting mufon

mufon wrote:
LikeMagic wrote:
mufon wrote:
UTSCSI is a rootkit. It runs in a highly privileged account. In and of itself, it does nothing. It allows unprivileged accounts to execute procedures through it. Its like an invisible administrator sitting at your console doing what ever you ask it to do. You can tame your MJ by disabling it.


Where did you find the info for UTSCSI? That's very fascinating. This could open the door to all kinds of hack attack Smile

So why does MagicJack need the UTSCSI service?


It does three things for magicJack. It lets them get by with writing crappy insecure code. It minimizes their need to support their product. It let's them do whatever else they want, since they have they ability to use your computer. It is actually a powerful little devil as it appears it can use a scsi channel to run as a device driver thereby "flying under the radar" and bypassing any auditing, the reason no one seems to know what it does. Suffice to say, it is a rootkit, and a very effective one at that.

Sony tried this a couple of years ago, and it made headlines.
Back to top
View user's profile Send private message Visit poster's website
mufon
Dan isn't smart enough to hire me


Joined: 25 Jan 2008
Posts: 296
Location: HIghland Village, Texas

PostPosted: Wed Jan 30, 2008 12:01 am    Post subject: Reply with quote

LikeMagic wrote:
But MagicJack can function without UTSCSI service. What are we missing if UTSCSI service is disabled?


I am not missing a thing
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger
scook587
magicJack Apprentice


Joined: 03 Jan 2008
Posts: 22
Location: Covington, Ga.

PostPosted: Wed Jan 30, 2008 12:06 am    Post subject: Reply with quote

utscsi is what i have to kill in order to speed up my cd burner on my circa 1999 hardware running xp pro.
Back to top
View user's profile Send private message
LikeMagic
Dan Should Pay Me


Joined: 01 Jan 2008
Posts: 613
Location: LikeMagic Pacific NW

PostPosted: Wed Jan 30, 2008 12:06 am    Post subject: Reply with quote

mufon wrote:
LikeMagic wrote:
But MagicJack can function without UTSCSI service. What are we missing if UTSCSI service is disabled?


I am not missing a thing


Neither am I. I disabled UTSCSI service and my MJ service is still kicking butt Smile
Back to top
View user's profile Send private message
scook587
magicJack Apprentice


Joined: 03 Jan 2008
Posts: 22
Location: Covington, Ga.

PostPosted: Wed Jan 30, 2008 12:09 am    Post subject: Reply with quote

how do you disable vs. kill utscsi.
Back to top
View user's profile Send private message
mufon
Dan isn't smart enough to hire me


Joined: 25 Jan 2008
Posts: 296
Location: HIghland Village, Texas

PostPosted: Wed Jan 30, 2008 12:12 am    Post subject: Reply with quote

scook587 wrote:
utscsi is what i have to kill in order to speed up my cd burner on my circa 1999 hardware running xp pro.


This is not suprising, the UTSCSI service generates a buttload of useless interrupts.
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger
LikeMagic
Dan Should Pay Me


Joined: 01 Jan 2008
Posts: 613
Location: LikeMagic Pacific NW

PostPosted: Wed Jan 30, 2008 12:16 am    Post subject: Reply with quote

scook587 wrote:
how do you disable vs. kill utscsi.


- Right-Click "My Computer", select "Manage"
- Click on "+" sign of "Service and Application" to see sub list
- Click on "Services", a list of all Windows services will be displayed on the right windows
- Locate service called CLCV0 and double click on it
- Properties of CLCV0 will be opened,
- Click "Stop", wait for service to be stopped
- then in "Startup type", select "Disable" then press OK
Back to top
View user's profile Send private message
mufon
Dan isn't smart enough to hire me


Joined: 25 Jan 2008
Posts: 296
Location: HIghland Village, Texas

PostPosted: Wed Jan 30, 2008 12:22 am    Post subject: Reply with quote

LikeMagic wrote:
scook587 wrote:
how do you disable vs. kill utscsi.


- Right-Click "My Computer", select "Manage"
- Click on "+" sign of "Service and Application" to see sub list
- Click on "Services", a list of all Windows services will be displayed on the right windows
- Locate service called CLCV0 and double click on it
- Properties of CLCV0 will be opened,
- Click "Stop", wait for service to be stopped
- then in "Startup type", select "Disable" then press OK


You will also need to edit the registry and dissallow "change value" and "delete" permissions on the appropriate key, else it will re-enable itself just like a virus or rootkit can.
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger
scook587
magicJack Apprentice


Joined: 03 Jan 2008
Posts: 22
Location: Covington, Ga.

PostPosted: Wed Jan 30, 2008 12:28 am    Post subject: Reply with quote

so are you saying it would restart after a boot?
are there any possible negative effects with it disabled?
Back to top
View user's profile Send private message
mufon
Dan isn't smart enough to hire me


Joined: 25 Jan 2008
Posts: 296
Location: HIghland Village, Texas

PostPosted: Wed Jan 30, 2008 12:30 am    Post subject: Reply with quote

scook587 wrote:
so are you saying it would restart after a boot?
are there any possible negative effects with it disabled?


It depends on what you call negative. If you are running in a reduced-privelage account, as we all know we should do, then you may need to tweak some permissions. UTSCSI eliminates the need, because it allows MJ software to run highly privileged regardless of the assigned user account. There are many benefits to running without UTSCSI, I won't elaborate now, but it has to do with running software the way you want to run it. On the other hand, if you think running a rootkit is a good thing and you trust Dan and the boyz...
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger
scook587
magicJack Apprentice


Joined: 03 Jan 2008
Posts: 22
Location: Covington, Ga.

PostPosted: Wed Jan 30, 2008 12:39 am    Post subject: Reply with quote

very interesting, i only have one user account (mine). thanks for the info.
Back to top
View user's profile Send private message
msjfb
MagicJack Newbie


Joined: 04 Feb 2008
Posts: 3

PostPosted: Fri Feb 08, 2008 1:12 pm    Post subject: Reply with quote

mufon wrote:
LikeMagic wrote:
scook587 wrote:
how do you disable vs. kill utscsi.


- Right-Click "My Computer", select "Manage"
- Click on "+" sign of "Service and Application" to see sub list
- Click on "Services", a list of all Windows services will be displayed on the right windows
- Locate service called CLCV0 and double click on it
- Properties of CLCV0 will be opened,
- Click "Stop", wait for service to be stopped
- then in "Startup type", select "Disable" then press OK


You will also need to edit the registry and dissallow "change value" and "delete" permissions on the appropriate key, else it will re-enable itself just like a virus or rootkit can.


Could you elaborate on which keys (There aer about 6-7 entries for UTSCSI), and what users should be limited in their permissions?
I have MJ running on a server, and I do not like this rootkit business. I have disabled the Service, but I would like to have it stay like that, even if the Server is rebooted, or if MJ re-installs itself.

Thanks
Back to top
View user's profile Send private message
XD45
magicJack Apprentice


Joined: 07 Feb 2008
Posts: 13

PostPosted: Sat Feb 09, 2008 2:26 am    Post subject: Re: Running the "Jack" as the UTSCSI service Reply with quote

SpamBox wrote:
mufon wrote:
We are currently accepting donated aluminum foil to help alleviate the shortage in Stephenville Texas.

At first I was like "What the...?"
But just read about the UFO sighting! That's crazy!
And your sig is funny! Laughing

hence, mufon's username! Wink
MUFON
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    magicJack and magicJack Plus Support, Reviews, FAQs and Hacks Forum Index -> magicJack Tips, Tricks, and Hacks All times are GMT - 4 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB Turbo Extended Edition © 2010, phpBB Group