Pages

Showing posts with label MagicJack proxy. Show all posts
Showing posts with label MagicJack proxy. Show all posts

Identify MagicJack proxy

You can identify which proxy you are connected to using the following method:
Preparation
  1. Download pmdump from http://www.ntsecurity.nu/toolbox/pmdump/.
  2. Start MagicJack
  3. Identify MagicJack's process ID (PID).
    • Open a DOS (command) window.
    • Execute pmdump -list
    • Find "magicjack.exe" in the output. Note the number associated with it.
  4. Make at least one call. (Ex. to the special echo-test number: 909-390-0003.).
Final steps
  1. Using the DOS (command) window and PID as described above, execute:
    pmdump {pid} mj_dump.txt
  2. Open mj_dump.txt using a text editor like textpad.
  3. Search for the string:
    s=ENSResip
That string occurs at the start of a line. And it occurs within repeating blocks of data, like a repeating pattern. In these blocks you will find lines starting with o= and c=. These lines contain the IP address of the SIP/proxy and RTP/vms servers respectively.
For example, if you connect to the Phoenix proxy, you should see:
o=- {nnnnnnnnnn} {nnnnnnnnnn} IN IP4 66.104.81.70
s=ENSResip
c=IN IP4 66.104.81.75
You can use nslookup to resolve both IP addresses to hostnames, revealing the regional SIP/proxy and RTP/vms servers you are presently using.
No comments:
Labels: , , , , , , , , ,
Subscribe to: Posts (Atom)