Unofficial magicJack Forum

Unofficial magicJack Forum

Your Unofficial magicJack and magicJack Plus phone service information resource
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 
MJ SIP Password Changed
Goto page 1, 2  Next
 
Post new topic   Reply to topic    Unofficial magicJack Forum -> magicJack Tips, Tricks, and Hacks
View previous topic :: View next topic  
Author Message
manachinu
magicJack Apprentice


Joined: 17 Oct 2008
Posts: 29

PostPosted: Mon Dec 29, 2008 9:59 am    Post subject: MJ SIP Password Changed

Today i noticed my MJ wasnt able to connect using Softphone or ATA . Decided to take a new dump and noticed MJ Password was changes.

Anyone with similar issue ?
Back to top
View user's profile Send private message
mrjlturner
MagicJack Newbie


Joined: 10 Jun 2008
Posts: 7

PostPosted: Mon Dec 29, 2008 10:32 am    Post subject: Re: MJ SIP Password Changed

Same issue..but I can't even find the password in my dump file...this stinks! What was the field name that you found yours under?

manachinu wrote:
Today i noticed my MJ wasnt able to connect using Softphone or ATA . Decided to take a new dump and noticed MJ Password was changes.

Anyone with similar issue ?
Back to top
View user's profile Send private message
mrjlturner
MagicJack Newbie


Joined: 10 Jun 2008
Posts: 7

PostPosted: Mon Dec 29, 2008 10:48 am    Post subject: Re: MJ SIP Password Changed

Found another post with the same issues...The latest update blocks the SIP credentials from being seen in the dump file...unless you are sneaky...

mrjlturner wrote:
Same issue..but I can't even find the password in my dump file...this stinks! What was the field name that you found yours under?

manachinu wrote:
Today i noticed my MJ wasnt able to connect using Softphone or ATA . Decided to take a new dump and noticed MJ Password was changes.

Anyone with similar issue ?
Back to top
View user's profile Send private message
kumar
Dan Should Pay Me


Joined: 15 Nov 2007
Posts: 806

PostPosted: Mon Dec 29, 2008 11:06 am    Post subject:

Im gonna try to revert and dump it...


Kumar
Back to top
View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger
kumeil
MagicJack Newbie


Joined: 29 Dec 2008
Posts: 2

PostPosted: Mon Dec 29, 2008 1:24 pm    Post subject: Re: MJ SIP Password Changed

What did you use to capture that dump? I tried Windows Vista and got the Dump, but it doesn't have any information anymore. Any help would be appreciated.
Back to top
View user's profile Send private message
Sherwin Williams
magicJack Apprentice


Joined: 23 Dec 2008
Posts: 24

PostPosted: Mon Dec 29, 2008 2:22 pm    Post subject: Re: MJ SIP Password Changed

mrjlturner wrote:
Found another post with the same issues...The latest update blocks the SIP credentials from being seen in the dump file...unless you are sneaky...


The SIP password is still in the dump file. No need to be sneaky.

Start your softphone, when you see "ready to call", do your pmdump.

Password is in there. 20 ASCII characters long.
Back to top
View user's profile Send private message
pagemen
Dan isn't smart enough to hire me


Joined: 15 Dec 2008
Posts: 128

PostPosted: Mon Dec 29, 2008 3:07 pm    Post subject:

so this might be a coincident...

my PAP2 can't register yesterday night, wasn't aware of the credential issue so I do a factory reset and set everything up again--MJ started working after that, with old password...
Back to top
View user's profile Send private message
propizza
MagicJack User


Joined: 28 Jan 2008
Posts: 46

PostPosted: Mon Dec 29, 2008 3:33 pm    Post subject:

I had a new pass on one mj and the same on my other
Back to top
View user's profile Send private message
pagemen
Dan isn't smart enough to hire me


Joined: 15 Dec 2008
Posts: 128

PostPosted: Mon Dec 29, 2008 3:39 pm    Post subject:

just run pmdump again, same password...anyway, i guess all users will get a new password, just a matter of time.
Back to top
View user's profile Send private message
konnan
MagicJack Newbie


Joined: 04 Dec 2008
Posts: 6

PostPosted: Mon Dec 29, 2008 6:05 pm    Post subject:

Same issue , but i redump it again, and suprise New password, same proxyuri... so MJ it now working in my ata...
Back to top
View user's profile Send private message
synchron
Dan isn't smart enough to hire me


Joined: 15 May 2008
Posts: 230

PostPosted: Mon Dec 29, 2008 6:28 pm    Post subject:

Ditto for me - got a new password - Oddly enough lot's of O's and 0's so it took a few tries to authenticate. Wondering if besides it being 20 characters they're making it harder although any ASCII chart will tell you the difference between O vs 0.

Synchron Cool
Back to top
View user's profile Send private message
konnan
MagicJack Newbie


Joined: 04 Dec 2008
Posts: 6

PostPosted: Mon Dec 29, 2008 6:48 pm    Post subject:

Sychron: I resolved that issue by open the dump with notepad and just make a copy paste...
Back to top
View user's profile Send private message
synchron
Dan isn't smart enough to hire me


Joined: 15 May 2008
Posts: 230

PostPosted: Mon Dec 29, 2008 7:06 pm    Post subject:

Cut/paste does not work for me. The process allows me to enter 20 characters but wants me to manually type it twice (like many webforms when wanting to authenticate someone).

Synchron Cool
Back to top
View user's profile Send private message
gooney
Dan isn't smart enough to hire me


Joined: 09 Feb 2008
Posts: 382
Location: Salt Lake City, Utah

PostPosted: Mon Dec 29, 2008 7:14 pm    Post subject:

Download this hex editor to view your dump... loads faster than wordpad and notepad... its fast and its free.

Hex Edit Free 2.5F

http://www.download.com/Hex-Edit-Free/3000-2352_4-10046060.html?tag=mncol
Back to top
View user's profile Send private message
jamoke
MagicJack Newbie


Joined: 29 Dec 2008
Posts: 9

PostPosted: Mon Dec 29, 2008 7:57 pm    Post subject: Pmdump Issue?

I've been able to retrieve my credentials in the past using pmdump. However, when I run the app, it seems to exit the dump quickly, leaving a file size of about 79MB. Am I doing something wrong? I can't find the proper string that contained my password as I have in the past. Is there a relationship of when I start the dump and placing a call?
Back to top
View user's profile Send private message
angel-78
magicJack Apprentice


Joined: 02 Jul 2008
Posts: 28
Location: SAN DIEGO

PostPosted: Mon Dec 29, 2008 8:02 pm    Post subject:

I use textpad and it worked fine. I also got a new password. I don't know if anyone noticed but they also changed the User-Agent.
Back to top
View user's profile Send private message MSN Messenger
Taken83oveR
Dan isn't smart enough to hire me


Joined: 11 Jun 2008
Posts: 119

PostPosted: Mon Dec 29, 2008 8:27 pm    Post subject:

Yea, my password must of changed. I have been running fine on a Linksys PAP2-NA, for many months now. But I am having trouble getting the new password, using pmdump or vista's dump feature.
Back to top
View user's profile Send private message
manachinu
magicJack Apprentice


Joined: 17 Oct 2008
Posts: 29

PostPosted: Mon Dec 29, 2008 8:31 pm    Post subject:

Its just timing issue...you have to run pmdump as soon as you see magicjack in process list.
Back to top
View user's profile Send private message
Taken83oveR
Dan isn't smart enough to hire me


Joined: 11 Jun 2008
Posts: 119

PostPosted: Mon Dec 29, 2008 8:36 pm    Post subject:

Yea, I am doing it before magicjack even finishes loading up (using my own shortcut), as soon as I see it in the taskmanager. I am right clicking and dumping. Not giving it time to do much of anything.

Edit: Ok I got it. The trick is not to do it to fast or to slow. As soon as magicjack opens up, and you see the gui. Very soon, magicjack will try to sign in. You want to start the dump, right before this process.


Last edited by Taken83oveR on Mon Dec 29, 2008 9:02 pm; edited 1 time in total
Back to top
View user's profile Send private message
Günter Höhn
magicJack Apprentice


Joined: 28 Feb 2008
Posts: 10
Location: Germany

PostPosted: Mon Dec 29, 2008 8:55 pm    Post subject:

Taken83oveR wrote:
Yea, I am doing it before magicjack even finishes loading up (using my own shortcut), as soon as I see it in the taskmanager. I am right clicking and dumping. Not giving it time to do much of anything.

Edit: Ok I got it. The trick is not to do it to fast or to slow. As soon as magicjack opens up, and you see the gui. Very soon, magickack will try to sign in. You want to start the dump, right before this process.

I believe the password will be in there all the time. My MJ has been running for a few days, and the steps below work fine.

Assuming you strings, pmdump, and grep in your PATH, you can get your password like this
  1. Find the pid for your magicjack.exe
    Code:
    C:\>pmdump -list|grep -i magicjack
     31337 - magicJack.exe

  2. Dump the magicjack.exe process using the pid listed above
    Code:
    pmdump 31337 dumpfile.dat

  3. use grep to pull out possible passwords (I'm sure there is easier way to do this)
    Code:
    C:\>strings dumpfile.dat | grep -w -E [0-9A-Z]{20} |grep -v -E [[email protected]#$%^&*()_+\[\=">""<".;:']

Your password will be one of the strings displayed.

Edited to fix grep statement. Thank you to posters.


Last edited by Günter Höhn on Wed Dec 31, 2008 11:47 am; edited 4 times in total
Back to top
View user's profile Send private message Send e-mail Visit poster's website
kumeil
MagicJack Newbie


Joined: 29 Dec 2008
Posts: 2

PostPosted: Mon Dec 29, 2008 9:31 pm    Post subject:

Hey, I am trying to get the password again. I do a dump when it says ready to call. I still can't find the password inside. What field am I looking for? THANKS.
Back to top
View user's profile Send private message
robatino
MagicJack Expert


Joined: 29 Aug 2008
Posts: 97

PostPosted: Mon Dec 29, 2008 9:55 pm    Post subject:

> I believe the password will be in there all the time. My MJ has been running for a few days, and the steps below work fine.

In general, it won't be. I did a successful dump by doing it quickly, before the phone call. It contains the password on a line starting with "ProxyUserPassword=". A dump I did just after the phone call doesn't contain either this string or the password (which I did a separate search for). I did both dumps after the latest MJ update.

> What field am I looking for? THANKS.

Search for "ProxyUserPassword" (without quotes). If the password is there, it will be immediately after that.
Back to top
View user's profile Send private message
Sherwin Williams
magicJack Apprentice


Joined: 23 Dec 2008
Posts: 24

PostPosted: Mon Dec 29, 2008 10:16 pm    Post subject:

Günter Höhn wrote:
Taken83oveR wrote:
Yea, I am doing it before magicjack even finishes loading up (using my own shortcut), as soon as I see it in the taskmanager. I am right clicking and dumping. Not giving it time to do much of anything.

Edit: Ok I got it. The trick is not to do it to fast or to slow. As soon as magicjack opens up, and you see the gui. Very soon, magickack will try to sign in. You want to start the dump, right before this process.

I believe the password will be in there all the time. My MJ has been running for a few days, and the steps below work fine.

Assuming you strings, pmdump, and grep in your PATH, you can get your password like this
  1. Find the pid for your magicjack.exe
    Code:
    C:\>pmdump -list|grep -i magicjack
     31337 - magicJack.exe

  2. Dump the magicjack.exe process using the pid listed above
    Code:
    pmdump 31337 dumpfile.dat

  3. use grep to pull out possible passwords (I'm sure there is easier way to do this)
    Code:
    C:\>strings dumpfile.dat | grep -w -E [0-9A-Z]{20} |grep -v -E [[email protected]#$%^&*()_+\"\[=<>.;:']

Your password will be one of the strings displayed.

Nice use of the grep command. Had my password in like 3 seconds with that beauty.
Back to top
View user's profile Send private message
neo2121
Dan isn't smart enough to hire me


Joined: 09 Jan 2008
Posts: 282

PostPosted: Mon Dec 29, 2008 10:58 pm    Post subject:

Well i get a lot of e-mails on the subject of not being able to find the password in the dump file. Well there is a new tool out over at magicjackhacks.com its the top news story right now. But this program uses pmdump and takes about 5 min but in the end it will spit out your password via command line.

In regards to the update not allowing you to get the password anymore I plugged my magicjack just to get the download ran the program and still got the password they haven't changed my password either. Well I hope this helps a few people out
Back to top
View user's profile Send private message Visit poster's website AIM Address
alphabeta
magicJack Apprentice


Joined: 02 Apr 2008
Posts: 15

PostPosted: Mon Dec 29, 2008 11:18 pm    Post subject:

I got all Zeros when I search for the "ProxyUserPassword" . Is this right or I am missing something?
Back to top
View user's profile Send private message
Taken83oveR
Dan isn't smart enough to hire me


Joined: 11 Jun 2008
Posts: 119

PostPosted: Mon Dec 29, 2008 11:23 pm    Post subject:

neo2121 wrote:
Well i get a lot of e-mails on the subject of not being able to find the password in the dump file. Well there is a new tool out over at magicjackhacks.com its the top news story right now. But this program uses pmdump and takes about 5 min but in the end it will spit out your password via command line.

In regards to the update not allowing you to get the password anymore I plugged my magicjack just to get the download ran the program and still got the password they haven't changed my password either. Well I hope this helps a few people out


PM.exe, does not run on x64.
Back to top
View user's profile Send private message
SpamBox
Dan isn't smart enough to hire me


Joined: 14 Dec 2007
Posts: 417
Location: Rocky Mountains Front Range

PostPosted: Mon Dec 29, 2008 11:55 pm    Post subject:

neo2121 wrote:
Well i get a lot of e-mails on the subject of not being able to find the password in the dump file. Well there is a new tool out over at magicjackhacks.com its the top news story right now. But this program uses pmdump and takes about 5 min but in the end it will spit out your password via command line.

In regards to the update not allowing you to get the password anymore I plugged my magicjack just to get the download ran the program and still got the password they haven't changed my password either. Well I hope this helps a few people out


Works on XP Media Center Edition just fine. Had to run it twice though. The first time my MJ was 'upgraded' and your 'magic' found my old pw. Unplugged MJ, re-ran your 'magic', re-plugged my MJ, and it found my new pw.

Thanks! Saved me from getting a headache. Very easy to use.
-SpamBox
Back to top
View user's profile Send private message
Günter Höhn
magicJack Apprentice


Joined: 28 Feb 2008
Posts: 10
Location: Germany

PostPosted: Tue Dec 30, 2008 12:48 am    Post subject:

neo2121 wrote:
Well i get a lot of e-mails on the subject of not being able to find the password in the dump file. Well there is a new tool out over at magicjackhacks.com its the top news story right now. But this program uses pmdump and takes about 5 min but in the end it will spit out your password via command line.

In regards to the update not allowing you to get the password anymore I plugged my magicjack just to get the download ran the program and still got the password they haven't changed my password either. Well I hope this helps a few people out

Ha. I was thinking the same thing thing. I've received almost 40 PM's since posting. There is not need to wait 5 minutes to get your SIP info. I posted above how to get it in 5 seconds. Without running some unknown exe!

Don't know about you, but, I don't randomly run exe's that people post!
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Taken83oveR
Dan isn't smart enough to hire me


Joined: 11 Jun 2008
Posts: 119

PostPosted: Tue Dec 30, 2008 1:30 am    Post subject:

Günter Höhn wrote:
Taken83oveR wrote:
Yea, I am doing it before magicjack even finishes loading up (using my own shortcut), as soon as I see it in the taskmanager. I am right clicking and dumping. Not giving it time to do much of anything.

Edit: Ok I got it. The trick is not to do it to fast or to slow. As soon as magicjack opens up, and you see the gui. Very soon, magickack will try to sign in. You want to start the dump, right before this process.

I believe the password will be in there all the time. My MJ has been running for a few days, and the steps below work fine.

Assuming you strings, pmdump, and grep in your PATH, you can get your password like this
  1. Find the pid for your magicjack.exe
    Code:
    C:\>pmdump -list|grep -i magicjack
     31337 - magicJack.exe

  2. Dump the magicjack.exe process using the pid listed above
    Code:
    pmdump 31337 dumpfile.dat

  3. use grep to pull out possible passwords (I'm sure there is easier way to do this)
    Code:
    C:\>strings dumpfile.dat | grep -w -E [0-9A-Z]{20} |grep -v -E [[email protected]#$%^&*()_+\"\[=<>.;:']

Your password will be one of the strings displayed.


I get a error when using your method. Thought I would try it, just for fun.
Back to top
View user's profile Send private message
joevv
Dan isn't smart enough to hire me


Joined: 26 Jun 2008
Posts: 121

PostPosted: Tue Dec 30, 2008 1:54 am    Post subject:

Looks like the only passwords that were changed was the ones running ATA's or other softphones . I know this for a fact so that means MJ can tell which users are not using their softphone and specifically targeted those users only. Sorta of an ECM. If you persist on not using the MJ softphone I guess the next step would be termination. Besides, they now have the ability to change your password at random so do you want to dump everyday?
Back to top
View user's profile Send private message
Poo619
MagicJack Expert


Joined: 20 Nov 2007
Posts: 96

PostPosted: Tue Dec 30, 2008 7:44 am    Post subject:

How do you know for a fact that they only changed the passwords on people who use ATA's? The only people who would even realize their password was changed are those searching for it to use on an ATA so I can't possible see how you can say that you know for a fact.
Back to top
View user's profile Send private message
neo2121
Dan isn't smart enough to hire me


Joined: 09 Jan 2008
Posts: 282

PostPosted: Tue Dec 30, 2008 9:00 am    Post subject:

Günter Höhn wrote:

Ha. I was thinking the same thing thing. I've received almost 40 PM's since posting. There is not need to wait 5 minutes to get your SIP info. I posted above how to get it in 5 seconds. Without running some unknown exe!

Don't know about you, but, I don't randomly run exe's that people post!


included is the source code for the file so you can look it over if you think its malicious. Just trying to help out I don't know how you get your password but it takes my rig about 5 min to dump the exe and then for me to open the file and scroll all the way to the bottom and copy and paste we just made it simpler that's all. use it don't use it I don't care its there though Smile have good one
Back to top
View user's profile Send private message Visit poster's website AIM Address
Günter Höhn
magicJack Apprentice


Joined: 28 Feb 2008
Posts: 10
Location: Germany

PostPosted: Tue Dec 30, 2008 9:14 am    Post subject:

joevv wrote:
Looks like the only passwords that were changed was the ones running ATA's or other softphones . I know this for a fact so that means MJ can tell which users are not using their softphone and specifically targeted those users only. Sorta of an ECM. If you persist on not using the MJ softphone I guess the next step would be termination. Besides, they now have the ability to change your password at random so do you want to dump everyday?

My password changed, and I do not use an ATA.

If properly configured, there is no way magicJack can tell you are using an ATA.
Back to top
View user's profile Send private message Send e-mail Visit poster's website
jamoke
MagicJack Newbie


Joined: 29 Dec 2008
Posts: 9

PostPosted: Tue Dec 30, 2008 9:34 am    Post subject: Proper Configuration

How does one "properly" configure their device so MJ can't tell what you're using? I would imagine it's a matter of setting the user agent, but I'm not sure how you set this for the MJ trunk versus all SIP trunks globally. I am an Asterisk user.

Last edited by jamoke on Tue Dec 30, 2008 10:46 am; edited 1 time in total
Back to top
View user's profile Send private message
gooney
Dan isn't smart enough to hire me


Joined: 09 Feb 2008
Posts: 382
Location: Salt Lake City, Utah

PostPosted: Tue Dec 30, 2008 10:14 am    Post subject:

joevv wrote:
Looks like the only passwords that were changed was the ones running ATA's or other softphones . I know this for a fact so that means MJ can tell which users are not using their softphone and specifically targeted those users only. Sorta of an ECM. If you persist on not using the MJ softphone I guess the next step would be termination. Besides, they now have the ability to change your password at random so do you want to dump everyday?

I think they would rather terminate your account if they know youre using an ata rather than just changing password.

neo2121 wrote:


included is the source code for the file so you can look it over if you think its malicious. Just trying to help out I don't know how you get your password but it takes my rig about 5 min to dump the exe and then for me to open the file and scroll all the way to the bottom and copy and paste we just made it simpler that's all. use it don't use it I don't care its there though Smile have good one


Tested your little utility just for fun and i must say you guys did a very good job... took around 3 seconds is all to get the password and no need for timing pmdump.

Günter Höhn wrote:

I believe the password will be in there all the time. My MJ has been running for a few days, and the steps below work fine.

Assuming you strings, pmdump, and grep in your PATH, you can get your password like this
  1. Find the pid for your magicjack.exe
    Code:
    C:\>pmdump -list|grep -i magicjack
     31337 - magicJack.exe

  2. Dump the magicjack.exe process using the pid listed above
    Code:
    pmdump 31337 dumpfile.dat

  3. use grep to pull out possible passwords (I'm sure there is easier way to do this)
    Code:
    C:\>strings dumpfile.dat | grep -w -E [0-9A-Z]{20} |grep -v -E [[email protected]#$%^&*()_+\"\[=<>.;:']

Your password will be one of the strings displayed.


Tested your workaround and works really well... great job with grep


Last edited by gooney on Tue Dec 30, 2008 10:34 am; edited 2 times in total
Back to top
View user's profile Send private message
joevv
Dan isn't smart enough to hire me


Joined: 26 Jun 2008
Posts: 121

PostPosted: Tue Dec 30, 2008 10:42 am    Post subject:

Poo619 wrote:
How do you know for a fact that they only changed the passwords on people who use ATA's? The only people who would even realize their password was changed are those searching for it to use on an ATA so I can't possible see how you can say that you know for a fact.


I have many MJ's and I have the sip info on all of them. I use some with ATA's and others with Mj softphone. All of the ATA's stoped working when the passwords changed. When I reaquired the sip info and compared to the originals only the ATA's had changed the others did not.
Back to top
View user's profile Send private message
joevv
Dan isn't smart enough to hire me


Joined: 26 Jun 2008
Posts: 121

PostPosted: Tue Dec 30, 2008 10:47 am    Post subject:

Günter Höhn wrote:


If properly configured, there is no way magicJack can tell you are using an ATA.


Don't be so sure. The Mj softphone interacts with many windoze apps. Resgistry for one so don't miss inform people by stating that there's no way mj can tell if you're using an ATA.
Back to top
View user's profile Send private message
MagicHack
Dan isn't smart enough to hire me


Joined: 12 Nov 2007
Posts: 241

PostPosted: Tue Dec 30, 2008 10:56 am    Post subject:

joevv wrote:
Günter Höhn wrote:


If properly configured, there is no way magicJack can tell you are using an ATA.


Don't be so sure. The Mj softphone interacts with many windoze apps. Resgistry for one so don't miss inform people by stating that there's no way mj can tell if you're using an ATA.

The magicJack does in fact read/write from the registry, but none of that information is in fact passed to magicJack. If you do a network capture using wireshark, you'll see they use standard SIP. Nothing more, nothing less. So, assuming you set your user-agent string appropriately, the packets will look as though they came right from the magicJack.
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
joevv
Dan isn't smart enough to hire me


Joined: 26 Jun 2008
Posts: 121

PostPosted: Tue Dec 30, 2008 10:59 am    Post subject:

gooney wrote:
[
I think they would rather terminate your account if they know youre using an ata rather than just changing password.


The answer is obvious. This board alone has over 16,000 registered members. Most come here to learn how to use ATA's and other softphones to use with linux. I estimate the number of people using other softphone/hardware to be in the thousands (very conservative estimate).
Its not in MJ's best interest to terminate that many users right now but in the future they may because the revenue lost would not cause a major impact on their business.
Back to top
View user's profile Send private message
alphabeta
magicJack Apprentice


Joined: 02 Apr 2008
Posts: 15

PostPosted: Tue Dec 30, 2008 11:06 am    Post subject:

joevv wrote:
gooney wrote:
[
I think they would rather terminate your account if they know youre using an ata rather than just changing password.


The answer is obvious. This board alone has over 16,000 registered members. Most come here to learn how to use ATA's and other softphones to use with linux. I estimate the number of people using other softphone/hardware to be in the thousands (very conservative estimate).
Its not in MJ's best interest to terminate that many users right now but in the future they may because the revenue lost would not cause a major impact on their business.


How using ATA causing revenue loss?
Back to top
View user's profile Send private message
joevv
Dan isn't smart enough to hire me


Joined: 26 Jun 2008
Posts: 121

PostPosted: Tue Dec 30, 2008 11:07 am    Post subject:

MagicHack wrote:
[... assuming you set your user-agent string appropriately, the packets will look as though they came right from the magicJack.


There you go. That's one way they could tell if your are not using their softphone. All they have to do is change the user Agent. Their softphone will reply with the correct value others will not.
Back to top
View user's profile Send private message
joevv
Dan isn't smart enough to hire me


Joined: 26 Jun 2008
Posts: 121

PostPosted: Tue Dec 30, 2008 11:10 am    Post subject:

alphabeta wrote:
How using ATA causing revenue loss?

I didn't say using ATA's caused revenue lost. Terminating all ATA users would be a revenue lost to MJ
Back to top
View user's profile Send private message
gooney
Dan isn't smart enough to hire me


Joined: 09 Feb 2008
Posts: 382
Location: Salt Lake City, Utah

PostPosted: Tue Dec 30, 2008 11:42 am    Post subject:

joevv wrote:
Looks like the only passwords that were changed was the ones running ATA's or other softphones . I know this for a fact so that means MJ can tell which users are not using their softphone and specifically targeted those users only. Sorta of an ECM. If you persist on not using the MJ softphone I guess the next step would be termination. Besides, they now have the ability to change your password at random so do you want to dump everyday?

By the way i have been using ata since feb or maybe march i forgot lol anyway they have not changed my password and it is still running as of this moment. maybe it will change today hahaha never know.
Back to top
View user's profile Send private message
VaHam
Dan Should Pay Me


Joined: 13 Feb 2008
Posts: 851

PostPosted: Tue Dec 30, 2008 2:05 pm    Post subject:

Taken83oveR wrote:
Günter Höhn wrote:
Taken83oveR wrote:
Yea, I am doing it before magicjack even finishes loading up (using my own shortcut), as soon as I see it in the taskmanager. I am right clicking and dumping. Not giving it time to do much of anything.

Edit: Ok I got it. The trick is not to do it to fast or to slow. As soon as magicjack opens up, and you see the gui. Very soon, magickack will try to sign in. You want to start the dump, right before this process.

I believe the password will be in there all the time. My MJ has been running for a few days, and the steps below work fine.

Assuming you strings, pmdump, and grep in your PATH, you can get your password like this
  1. Find the pid for your magicjack.exe
    Code:
    C:\>pmdump -list|grep -i magicjack
     31337 - magicJack.exe

  2. Dump the magicjack.exe process using the pid listed above
    Code:
    pmdump 31337 dumpfile.dat

  3. use grep to pull out possible passwords (I'm sure there is easier way to do this)
    Code:
    C:\>strings dumpfile.dat | grep -w -E [0-9A-Z]{20} |grep -v -E [[email protected]#$%^&*()_+\"\[=<>.;:']

Your password will be one of the strings displayed.


I get a error when using your method. Thought I would try it, just for fun.


I get the exact same error.
Back to top
View user's profile Send private message
synchron
Dan isn't smart enough to hire me


Joined: 15 May 2008
Posts: 230

PostPosted: Tue Dec 30, 2008 2:48 pm    Post subject:

Guys, how important is it to enter the user-agent string header? The ATA does not have a field entry for this in either SIP Proxy settings or SIP User Account, however, I could enter it via Telnet and their CLI (It's an Innomedia MTA6328re). I get both Voip light successful registration without the user-agent string.

I also Wireshark captured with both MJ dongle and with ATA and I can't seem to find where this user-agent string is used. Is it really necessary and will I get flagged for it?

TIA,

Synchron. Cool
Back to top
View user's profile Send private message
laserjobs
Dan Should Pay Me


Joined: 12 Nov 2007
Posts: 670

PostPosted: Tue Dec 30, 2008 3:20 pm    Post subject:

synchron wrote:
Guys, how important is it to enter the user-agent string header? The ATA does not have a field entry for this in either SIP Proxy settings or SIP User Account, however, I could enter it via Telnet and their CLI (It's an Innomedia MTA6328re). I get both Voip light successful registration without the user-agent string.

I also Wireshark captured with both MJ dongle and with ATA and I can't seem to find where this user-agent string is used. Is it really necessary and will I get flagged for it?

TIA,

Synchron. Cool


There seems to be no place to change the user-agent on the Innomedia. I just turned the user-agent header off but it probably will not make any difference.
Back to top
View user's profile Send private message
MagicHack
Dan isn't smart enough to hire me


Joined: 12 Nov 2007
Posts: 241

PostPosted: Tue Dec 30, 2008 4:42 pm    Post subject:

VaHam wrote:
I get the exact same error.

Gunther, I get that error too. However, when I escape the brackets, it works...

So, change your grep to be something like:

Code:
strings mj.bin | grep -w -E [0-9A-Z]{20} | grep -v -E [[email protected]#$%^&*()_+\[\=">""<".;:']
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
mufon
Dan isn't smart enough to hire me


Joined: 25 Jan 2008
Posts: 296
Location: HIghland Village, Texas

PostPosted: Tue Dec 30, 2008 8:07 pm    Post subject:

laserjobs wrote:
synchron wrote:
Guys, how important is it to enter the user-agent string header? The ATA does not have a field entry for this in either SIP Proxy settings or SIP User Account, however, I could enter it via Telnet and their CLI (It's an Innomedia MTA6328re). I get both Voip light successful registration without the user-agent string.

I also Wireshark captured with both MJ dongle and with ATA and I can't seem to find where this user-agent string is used. Is it really necessary and will I get flagged for it?

TIA,

Synchron. Cool


There seems to be no place to change the user-agent on the Innomedia. I just turned the user-agent header off but it probably will not make any difference.


The Innomedia is probably like the AC-211 in that the user-agent string is configure via provisioning config file. If you can get an admin guide for the Innomedia, it probably provides details.
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger
laserjobs
Dan Should Pay Me


Joined: 12 Nov 2007
Posts: 670

PostPosted: Tue Dec 30, 2008 8:22 pm    Post subject:

mufon wrote:
laserjobs wrote:
synchron wrote:
Guys, how important is it to enter the user-agent string header? The ATA does not have a field entry for this in either SIP Proxy settings or SIP User Account, however, I could enter it via Telnet and their CLI (It's an Innomedia MTA6328re). I get both Voip light successful registration without the user-agent string.

I also Wireshark captured with both MJ dongle and with ATA and I can't seem to find where this user-agent string is used. Is it really necessary and will I get flagged for it?

TIA,

Synchron. Cool


There seems to be no place to change the user-agent on the Innomedia. I just turned the user-agent header off but it probably will not make any difference.


The Innomedia is probably like the AC-211 in that the user-agent string is configure via provisioning config file. If you can get an admin guide for the Innomedia, it probably provides details.


I could not find it anywhere in the documentation
http://www.innomedia.com/manuals/AdministratorGuide_IP%20Devices_v1_1.pdf
Back to top
View user's profile Send private message
VaHam
Dan Should Pay Me


Joined: 13 Feb 2008
Posts: 851

PostPosted: Tue Dec 30, 2008 9:59 pm    Post subject:

MagicHack wrote:
VaHam wrote:
I get the exact same error.

Gunther, I get that error too. However, when I escape the brackets, it works...

So, change your grep to be something like:

Code:
strings mj.bin | grep -w -E [0-9A-Z]{20} | grep -v -E [[email protected]#$%^&*()_+\[\=">""<".;:']


Thanks Gunter and you MagicHack that fixed the problem I was having.

Interesting the MJ password did not change on the MJ I was testing.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Unofficial magicJack Forum -> magicJack Tips, Tricks, and Hacks All times are GMT - 4 Hours
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Powered by phpBB Ultra Turbo Extended Edition Live © 2001-9999, phpBB Group
magicJack and magicJack Plus are trademarks of magicJack LLP. This website is in no way affiliated, endorsed, or sponsored by magicJack LLP, and is an unofficial forum for consumers to openly communicate regarding their experiences with the magicJack products.