Wednesday, December 21, 2005

Third to the Last Post

What defines me is what hurts me...

This is a true story; One day I was thinking to myself "These fools I work with doesn't have a clue on what I can really do, what networks I've gotten into, stuff that I'd done online. They don't know how good a hacker I've become. They just sit there waiting for their monthly salary, only imagining where they'll go drinking next. They don't understand that there's a world outside their own lives." Then it hit me. I too was living in my own little world. A world of networks, computers and technology. So again I decided I will try to explore beyond the box that this time I had inadvertently put myself into.

I've decided to stop hacking when the new year comes around. This time it's real.

Sunday, July 24, 2005

As time passes by...

Haven't been caught. Not yet anyway... :)

I think it's fitting that I post the following article here. A bit cheesy to the veteran hackers but definitely a must read to someone who visits here with no hacking experience but curious about hacking.


=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
The following was written shortly after my arrest...

\/\The Conscience of a Hacker/\/

by

+++The Mentor+++

Written on January 8, 1986
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Another one got caught today, it's all over the papers. "Teenager
Arrested in Computer Crime Scandal", "Hacker Arrested after Bank Tampering"...
Damn kids. They're all alike.

But did you, in your three-piece psychology and 1950's technobrain,
ever take a look behind the eyes of the hacker? Did you ever wonder what made him tick, what forces shaped him, what may have molded him?
I am a hacker, enter my world...
Mine is a world that begins with school... I'm smarter than most of
the other kids, this crap they teach us bores me...
Damn underachiever. They're all alike.

I'm in junior high or high school. I've listened to teachers explain
for the fifteenth time how to reduce a fraction. I understand it. "No, Ms. Smith, I didn't show my work. I did it in my head..."
Damn kid. Probably copied it. They're all alike.

I made a discovery today. I found a computer. Wait a second, this is
cool. It does what I want it to. If it makes a mistake, it's because I
screwed it up. Not because it doesn't like me...
Or feels threatened by me...
Or thinks I'm a smart ass...
Or doesn't like teaching and shouldn't be here...
Damn kid. All he does is play games. They're all alike.

And then it happened... a door opened to a world... rushing through
the phone line like heroin through an addict's veins, an electronic pulse is sent out, a refuge from the day-to-day incompetencies is sought... a board is found.
"This is it... this is where I belong..."
I know everyone here... even if I've never met them, never talked to
them, may never hear from them again... I know you all...
Damn kid. Tying up the phone line again. They're all alike...

You bet your ass we're all alike... we've been spoon-fed baby food at
school when we hungered for steak... the bits of meat that you did let slip through were pre-chewed and tasteless. We've been dominated by sadists, or ignored by the apathetic. The few that had something to teach found us willing pupils, but those few are like drops of water in the desert.

This is our world now... the world of the electron and the switch, the
beauty of the baud. We make use of a service already existing without paying for what could be dirt-cheap if it wasn't run by profiteering gluttons, and
you call us criminals. We explore... and you call us criminals. We seek after knowledge... and you call us criminals. We exist without skin color, without nationality, without religious bias... and you call us criminals. You build atomic bombs, you wage wars, you murder, cheat, and lie to us
and try to make us believe it's for our own good, yet we're the criminals.

Yes, I am a criminal. My crime is that of curiosity. My crime is
that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me
for.

I am a hacker, and this is my manifesto. You may stop this individual, but you can't stop us all... after all, we're all alike.

+++The Mentor+++

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=



See you all from the other side...

Update: Decided to simply append the following stuff instead of having a separate entry for it.


I kinda like this one too... :)


It happened again today. Another one sold out, sacrificing their dreams to the corporate security machine.

No one believes in a cause anymore.

Another potential computer genius was relegated to an existence of nothing more than than a 9-5 cubicle-dwelling promotional tool.

Damn yuppies, putting money before discovery.

Another kid was sentenced today for searching for a way to understand the world. Convicted and imprisoned, not because of what he did, but because of what others thought he could do.

Damn Whitehats - Fear keeps them in business.

The public, believing anything it hears from "reputed experts". Screaming for blood. Looking for something to blame for their lost hope. Their lost ability to seek out new knowledge. Fear consumes them. They cannot let go of their uncertainty and doubt because there is no meaning. They seek to destroy explorers, outlaws, curiosity seekers because they are told too. They are told these people that seek information are evil. Individuality is evil. Judgment should be made based upon a moral
standard set in conformity rather than resistance. Lives are ruined in the name of corporate profit and information is hoarded as a commodity.

I had an awakening. I saw the security industry for what is really is. I saw the corruption, the lies, the deceit, the extortion of protection money in the form of subscription services and snake-oil security consultants.

I wanted to know, I wanted to understand, I wanted to go further than the rest. I never want to be held down by contracts and agreements.

You say I should grow up. You say I should find better things to do with my time. You say I should put my talent to better use. You're saying I should fall in line with the other zombies and forget everything I believe in and shun those with my drive, my curiosity, tell them it's not worth it, deny them of the greatest journey they will ever experience in their lives.

I am not a blackhat. The term is insulting, it implies I am the opposite of you. You think i seek to defeat security, when I seek something greater. I will write exploits, travel through networks, explore where you are afraid to go. I will not put myself in the spotlight and release destructive tools to the public to attract business. I will not feed the fear and hysteria created by the security industry to increase stock prices. I can, and will, code and hack and find out everything I can for the same reasons I did years ago.

I am a Hacker, dont try to understand me, you lost all hope of that when you crossed the line. You fail to see the lies and utter simplicity behind the computer security industry. Once, you may have shared my ideals. You fail to see the fact that security is a maintenance job. Youve given up hope for something better. You fail to see yourself as worthless, fueling an industry whose cumulative result is nothing. I
dont hate you, I dont even really care about you - If you try to stop me, you will fail, because I do this out of love -- you do it for money.

This is our world now.. the world of the electron and the switch, the
beauty of the baud. We make use of a service already existing without paying for what could be dirt cheap if it wasn't run by profiteering gluttons, and you call us criminals. We explore... and you call us criminals. We seek after knowledge... and you call us criminals. We exist without skin color, without nationality, without religious bias... and you call us criminals. You build atomic bombs, you wage wars, you murder, cheat and lie to us and try to make us belive it is for our own
good, yet we're the ciminals.

Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.

I am a hacker, and this is my manifesto. You can't stop me, and you
certainly can't stop us all.

Monday, July 18, 2005

Triptomatic....

I have a bad feeling about something. I may get caught within the next few days. Oh well.. (sigh)

I might as well comment on the PCIJ hack. I wasn't working for any political party, it was just something that I thought would be fun to do... (sigh)

Some of you may have seen the Mozcom and Digitelone tags that I did. Also was responsible for the DTI hack... (sigh)

And some people are so naive. Webservers are just the most visible way to prove that you hacked into a network... (sigh)

And there's so much more that I'm into... (sigh)

I guess I'm just someone who's into exploring... (sigh)



*slightly depressed*

Update:

Mozcom and Digitelone removed the tag pages. :)

Several days after I posted this entry, this came out. Well, like the guy said "the timing was uncanny" ;)

Monday, May 02, 2005

XSS BS....

Did some XSS stuff...

Posted it on http://fnse.be.tt ...

Lame stuff...

Half-assed attempt at a serious advisory...

Half-assed attempt at being funny...

Makes a whole ass...

XSS is lame...

La lang...

Saturday, April 30, 2005

Hind Site...

Threw up a site for all of you. It's http://sysad.madpage.com Since I'm planning to planning to discontinue this blog in the near future, some of you might want to hang out there. Feel free to submit anything you want. It's on a free webhost (look ma, no banner ads!)so hax0r it all you want. Have fun!

Wednesday, April 27, 2005

The Salmon and the Werewolf....

Edited out some ip's (even non-public ones) and some other stuff. Formatting sucks but it's readable...


******************************************************************************
ORACLE CONFIG
******************************************************************************

Foreground
AuthPort 1645
AcctPort 1646
LogDir /data/LOGFILE
DbDir /usr/local/etc/raddb
#SocketQueueLength 500000

<Log FILE>
Filename %L/%Y-%m-%d-%H-logfile.log
LogMicroseconds
Trace 4
</Log>
<Client localhost>
Secret ********
DupInterval 25
</Client>
<Client 210.14.**.*>
Secret ********
DupInterval 25
</Client>
<Client 210.14.**.**>
Secret *********
NoIgnoreDuplicates Access-Request
DupInterval 10
</Client>
<Client 202.57.***.***>
Secret ******
DupInterval 25
</Client>
<Client 202.57.***.**>
Secret ******
DupInterval 25
</Client>
<Client 210.14.*.**>
Secret *****
DupInterval 25
</Client>
<Client 210.14.*.**>
Secret ******
DupInterval 25
</Client>
<Client 210.14.**.*>
Secret ******
NoIgnoreDuplicates Access-Request
DupInterval 10
</Client>
#ip dial Malolos
<Client 10.255.*.*>
Secret ******
DupInterval 25
</Client>
#ip dial Cabanatuan
<Client 10.255.*.**>
Secret ******
DupInterval 25
</Client>
#ip dial SFP
<Client 10.255.*.**>
Secret ******
DupInterval 25
</Client>
#ip dial Dagupan
<Client 10.255.*.**>
Secret ******
DupInterval 25
</Client>
#ip dial Baguio
<Client 10.255.*.***>
Secret ******
DupInterval 25
</Client>
#ip dial SFU
<Client 10.255.*.***>
Secret ******
DupInterval 25
</Client>
#ip dial Lucena
<Client 10.255.*.*>
Secret ******
DupInterval 25
</Client>
#ip dial Binakayan
<Client 10.255.*.**>
Secret ******
DupInterval 25
</Client>
#ip dial Batangas
<Client 10.255.*.**>
Secret ******
DupInterval 25
</Client>
#ip dial Iloilo
<Client 10.255.**.*>
Secret ******
DupInterval 25
</Client>
#ip dial Bacolod
<Client 10.255.*.**>
Secret ******
DupInterval 25
</Client>
#ip dial GenSan
<Client 10.255.*.**>
Secret ******
DupInterval 25
</Client>
#ip dial Davao
<Client 10.255.*.**>
Secret ******
DupInterval 25
</Client>
#ip dial Tarlac
<Client 10.255.*.**>
Secret ******s
DupInterval 25
</Client>
#ip dial Cebu
<Client 10.255.*.**>
Secret ******
DupInterval 25
</Client>
#ip dial Calamba
<Client 10.255.*.**>
Secret ******
DupInterval 25
</Client>
<Client 202.57.***.***>
Secret ******
DupInterval 25
</Client>
<Client 210.14.**.**>
Secret *********
DupInterval 25
</Client>
<Client 210.14.**.***>
Secret *********
DupInterval 25
</Client>

<SessionDatabase SQL>
Identifier PREPAID
DBSource dbi:Oracle:(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)
(HOST=192.168.***.***) (PORT=1521)) (CONNECT_DATA=(SID=pps)))
DBUsername pps_prepaid
DBAuth ********
Timeout 200
FailureBackoffTime 90
AddQuery insert into RADONLINE(USERNAME, NASIDENTIFIER, NASPORT,ACCTSESSIONID,
TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE,CALLINGSTATIONID)
values ('%u', '%N', 0%{NAS-Port}, '%{Acct-Session-Id}',%{Timestamp}, '%{Framed-IP-Address}',
'%{NAS-Port-Type}','%{Service-Type}','%{Calling-Station-Id}')
</SessionDatabase>

<SessionDatabase SQL>
Identifier POSTPAID
DBSource dbi:Oracle:(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)
(HOST=192.168.***.***) (PORT=1521)) (CONNECT_DATA=(SID=pps)))
DBUsername pps_ppaid
DBAuth *************
Timeout 200
FailureBackoffTime 90
AddQuery insert into RADONLINE(USERNAME, NASIDENTIFIER, NASPORT,ACCTSESSIONID,
TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE,CALLINGSTATIONID,CALLEDSTATION)
values ('%u', '%N', 0%{NAS-Port}, '%{Acct-Session-Id}',%{Timestamp}, '%{Framed-IP-Address}',
'%{NAS-Port-Type}','%{Service-Type}','%{Calling-Station-Id}','%{Called-Station-Id}')
</SessionDatabase>

<SessionDatabase SQL>
Identifier PLAN
DBSource dbi:Oracle:(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)
(HOST=192.168.***.***) (PORT=1521)) (CONNECT_DATA=(SID=pps)))
DBUsername pps_ppaid
DBAuth *************
Timeout 200
FailureBackoffTime 90
AddQuery insert into RADONLINE(USERNAME, NASIDENTIFIER, NASPORT,ACCTSESSIONID,
TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE,CALLINGSTATIONID,CALLEDSTATION)
values ('%u', '%N', 0%{NAS-Port}, '%{Acct-Session-Id}',%{Timestamp}, '%{Framed-IP-Address}',
'%{NAS-Port-Type}','%{Service-Type}','%{Calling-Station-Id}','%{Called-Station-Id}')
</SessionDatabase>

<Handler Calling-Station-Id = "">
<AuthBy FILE>
Filename %D/rejected.users
</AuthBy>
</Handler>

<Handler Calling-Station-Id = "/^\d$/">
<AuthBy FILE>
Filename %D/rejected.users
</AuthBy>
</Handler>

<Handler Calling-Station-Id = "/^\d\d$/">
<AuthBy FILE>
Filename %D/rejected.users
</AuthBy>
</Handler>

<Handler Calling-Station-Id = "/^\d\d\d$/">
<AuthBy FILE>
Filename %D/rejected.users
</AuthBy>
</Handler>

<Handler Calling-Station-Id = "/^\d\d\d\d$/">
<AuthBy FILE>
Filename %D/rejected.users
</AuthBy>
</Handler>

<Handler Calling-Station-Id = "/^\d\d\d\d\d$/">
<AuthBy FILE>
Filename %D/rejected.users
</AuthBy>
</Handler>

<Handler Calling-Station-Id = "/^\d\d\d\d\d\d$/">
<AuthBy FILE>
Filename %D/rejected.users
</AuthBy>
</Handler>

<Handler Calling-Station-Id = "/^\d\d\d\d\d\d\d$/">
<AuthBy FILE>
Filename %D/rejected.users
</AuthBy>
</Handler>

<Handler Calling-Station-Id = "/^\d\d\d\d\d\d\d\d$/">
<AuthBy FILE>
Filename %D/rejected.users
</AuthBy>
</Handler>

<Handler Realm=admin.pldtvibe.com>
RewriteUsername s/^([^@]+).*/$1/
MaxSessions 1
AcctLogFileName %L/ADMIN/%Y-%m-%d-detail
AcctLogFileFormat %m %d %Y %H:%M:%S NAS-IP-Address=%{NAS-IP-Address} NAS-Port=%{NAS-Port}
User-Name=%{User-Name} Called-Station-Id=%{Called-Station-Id}
Calling-Station-Id=%{Calling-Station-Id}
Acct-Status-Type=%{Acct-Status-Type} Service-Type=%{Service-Type}
Acct-Session-Id=%{Acct-Session-Id} Framed-Protocol=%{Framed-Protocol}
Framed-IP-Address=%{Framed-IP-Address} Acct-Session-Time=%{Acct-Session-Time}
<AuthBy FILE>
Filename %D/pldtusers
</AuthBy>
</Handler>

<Handler Called-Station-Id = "101388">
AccountingHandled
MaxSessions 1
SessionDatabase PLAN
AcctLogFileName %L/PLAN/%Y-%m-%d-detail
#PasswordLogFileName %L/PLAN/%Y-%m-%d-password
AcctLogFileFormat %m %d %Y %H:%M:%S NAS-IP-Address=%{NAS-IP-Address} NAS-Port=%{NAS-Port}
User-Name=%{User-Name} Called-Station-Id=%{Called-Station-Id}
Calling-Station-Id=%{Calling-Station-Id} Acct-Status-Type=%{Acct-Status-Type}
Service-Type=%{Service-Type} Acct-Session-Id=%{Acct-Session-Id}
Framed-Protocol=%{Framed-Protocol} Framed-IP-Address=%{Framed-IP-Address}
Acct-Session-Time=%{Acct-Session-Time} Tunnel-Server-Auth-ID=%{Tunnel-Server-Auth-ID}
Acct-Terminate-Cause=%{Acct-Terminate-Cause}
#PreAuthHook file:"%D/roaming.hook"
<AuthBy SQL>
AuthSelect select trim(PASSWORD), EXPIRATION, DEFAULTREPLY,time_func3_roam_rnd(username),
time_func3_roam_rnd(username) from pps_ppaid.pps_SUBSCRIBER where ROAMING_FLAG = '1'
and USERNAME = '%n' and plantype > 0
#AuthSelect select trim(PASSWORD), EXPIRATION, DEFAULTREPLY, SESSIONREPLY, SESSIONREPLY
from pps_ppaid.pps_SUBSCRIBER where ROAMING_FLAG = '1' and USERNAME = '%n' and
plantype > 0
#AuthSelect select trim(ENCRYPTED_PASSWORD), EXPIRATION, DEFAULTREPLY, SESSIONREPLY,
SESSIONREPLY from pps_ppaid.pps_SUBSCRIBER where ROAMING_FLAG = '1' and USERNAME = '%n'
AuthColumnDef 0, User-Password, check
#AuthColumnDef 0, Encrypted-Password, check
AuthColumnDef 1, Expiration, check
AuthColumnDef 2, GENERIC, reply
AuthColumnDef 3, Session-Timeout, reply
AuthColumnDef 4, Ascend-Maximum-Time, reply

DBSource dbi:Oracle:(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP) (HOST=192.168.***.***)
(PORT=1521)) (CONNECT_DATA=(SID=pps)))
DBUsername pps_ppaid
DBAuth *************
Timeout 10
FailureBackoffTime 90
AccountingTable pps_ppaid.ACCOUNTING
AccountingStopsOnly
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP_DATE,Timestamp,formatted-date,to_date('%e %m %Y %H:%M:%S',
'DD-MM-YYYY HH24 MI SS')
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef NASIDENTIFIER,NAS-IP-Address
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
AcctColumnDef CALLEDSTATIONID,Called-Station-Id
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctFailedLogFileName %L/CLUSTER/testnetra.prepaid.log
AcctLogFileFormat %{User-Name}|%m %d %Y %H:%M:%S|%{Acct-Status-Type}||||%{Acct-Session-Id}
|%{Acct-Session-Time} |%{Acct-Terminate-Cause}|%{NAS-IP-Address}|%{NAS-Port}
|%{Calling-Station-Id}|%{Called-Station-Id}|||%{Framed-IP-Address}
</AuthBy>
</Handler>

<Handler Called-Station-Id = "101355">
AccountingHandled
MaxSessions 1
SessionDatabase PLAN
AcctLogFileName %L/PLAN/%Y-%m-%d-detail
#PasswordLogFileName %L/PLAN/%Y-%m-%d-password
AcctLogFileFormat %m %d %Y %H:%M:%S NAS-IP-Address=%{NAS-IP-Address} NAS-Port=%{NAS-Port}
User-Name=%{User-Name} Called-Station-Id=%{Called-Station-Id} Calling-Station-Id=
%{Calling-Station-Id} Acct-Status-Type=%{Acct-Status-Type} Service-Type=%{Service-Type}
Acct-Session-Id=%{Acct-Session-Id} Framed-Protocol=%{Framed-Protocol}
Framed-IP-Address=%{Framed-IP-Address} Acct-Session-Time=%{Acct-Session-Time}
Tunnel-Server-Auth-ID=%{Tunnel-Server-Auth-ID}
Acct-Terminate-Cause=%{Acct-Terminate-Cause}
#PreAuthHook file:"%D/plannew.hook"
<AuthBy SQL>
AuthSelect select trim(PASSWORD), EXPIRATION, CLI, DEFAULTREPLY, time_func3_plan_rnd(username),
time_func3_plan_rnd(username) from pps_ppaid.pps_SUBSCRIBER where CLI='%{Calling-Station-Id}'
and USERNAME = '%n' and plantype > 0
#AuthSelect select trim(PASSWORD), EXPIRATION, CLI, DEFAULTREPLY, SESSIONREPLY, SESSIONREPLY
from pps_ppaid.pps_SUBSCRIBER where CLI='%{Calling-Station-Id}' and USERNAME = '%n' and
plantype > 0
#AuthSelect select trim(ENCRYPTED_PASSWORD), EXPIRATION, CLI, DEFAULTREPLY, SESSIONREPLY,
SESSIONREPLY from pps_ppaid.pps_SUBSCRIBER where CLI='%{Calling-Station-Id}' and
USERNAME = '%n'
AuthColumnDef 0, User-Password, check
#AuthColumnDef 0, Encrypted-Password, check
AuthColumnDef 1, Expiration, check
AuthColumnDef 2, Calling-Station-Id, check
AuthColumnDef 3, GENERIC, reply
AuthColumnDef 4, Session-Timeout, reply
AuthColumnDef 5, Ascend-Maximum-Time, reply

DBSource dbi:Oracle:(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP) (HOST=192.168.***.***)
(PORT=1521)) (CONNECT_DATA=(SID=pps)))
DBUsername pps_ppaid
DBAuth *************
Timeout 10
FailureBackoffTime 90
AccountingTable pps_ppaid.ACCOUNTING
AccountingStopsOnly
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP_DATE,Timestamp,formatted-date,to_date('%e %m %Y %H:%M:%S',
'DD-MM-YYYY HH24 MI SS')
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef NASIDENTIFIER,NAS-IP-Address
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
AcctColumnDef CALLEDSTATIONID,Called-Station-Id
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctFailedLogFileName %L/CLUSTER/testnetra.prepaid.log
AcctLogFileFormat %{User-Name}|%m %d %Y %H:%M:%S|%{Acct-Status-Type}|||
|%{Acct-Session-Id}|%{Acct-Session-Time} |%{Acct-Terminate-Cause}|%{NAS-IP-Address}
|%{NAS-Port}|%{Calling-Station-Id}|%{Called-Station-Id}|||%{Framed-IP-Address}
</AuthBy>
</Handler>

<Handler Called-Station-Id = "101333">
AccountingHandled
MaxSessions 1
SessionDatabase PREPAID
#RewriteUsername tr/A-Z/a-z/
AcctLogFileName %L/PREPAID/%Y-%m-%d-detail
#PasswordLogFileName %L/PREPAID/%Y-%m-%d-password
AcctLogFileFormat %m %d %Y %H:%M:%S NAS-IP-Address=%{NAS-IP-Address} NAS-Port=%{NAS-Port}
User-Name=%{User-Name} Called-Station-Id=%{Called-Station-Id} Calling-Station-Id=%{Calling-Station-Id}
Acct-Status-Type=%{Acct-Status-Type} Service-Type=%{Service-Type} Acct-Session-Id=%{Acct-Session-Id}
Framed-Protocol=%{Framed-Protocol} Framed-IP-Address=%{Framed-IP-Address} Acct-Session-Time=%{Acct-Session-Time}
Tunnel-Server-Auth-ID=%{Tunnel-Server-Auth-ID} Acct-Terminate-Cause=%{Acct-Terminate-Cause}
#PreAuthHook file:"%D/prepaid.hook"
<AuthBy SQL>
AuthSelect select trim(ENCRYPTED_PASSWORD), EXPIRATION, DEFAULTREPLY,
time_func3_prepd_rnd(username), time_func3_prepd_rnd(username)
from pps_prepaid.SUBSCRIBERS where USERNAME = '%n' and STATUS = '1'
#AuthSelect select trim(ENCRYPTED_PASSWORD), EXPIRATION, DEFAULTREPLY, SESSIONREPLY, SESSIONREPLY
from pps_prepaid.SUBSCRIBERS where USERNAME = '%n' and STATUS = '1'
AuthColumnDef 0, Encrypted-Password, check
AuthColumnDef 1, Expiration, check
AuthColumnDef 2, GENERIC, reply
AuthColumnDef 3, Session-Timeout, reply
AuthColumnDef 4, Ascend-Maximum-Time, reply

DBSource dbi:Oracle:(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP) (HOST=192.168.***.***)
(PORT=1521)) (CONNECT_DATA=(SID=pps)))
DBUsername pps_prepaid
DBAuth ********
Timeout 10
FailureBackoffTime 90
AccountingTable pps_prepaid.ACCOUNTING
AccountingStopsOnly
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP_DATE,Timestamp,formatted-date,to_date('%e %m %Y %H:%M:%S',
'DD-MM-YYYY HH24 MI SS')
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef NASIDENTIFIER,NAS-IP-Address
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
AcctColumnDef CALLEDSTATIONID,Called-Station-Id
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctFailedLogFileName %L/CLUSTER/testnetra.prepaid.log
AcctLogFileFormat %{User-Name}|%m %d %Y %H:%M:%S|%{Acct-Status-Type}||||%{Acct-Session-Id}
|%{Acct-Session-Time} |%{Acct-Terminate-Cause}|%{NAS-IP-Address}|%{NAS-Port}
|%{Calling-Station-Id}|%{Called-Station-Id}|||%{Framed-IP-Address}
</AuthBy>
</Handler>

<Handler Called-Station-Id = "101300">
AccountingHandled
SessionDatabase POSTPAID
RewriteUsername tr/A-Z/a-z/
AcctLogFileName %L/POSTPAID/%Y-%m-%d-detail
#PasswordLogFileName %L/POSTPAID/%Y-%m-%d-password
AcctLogFileFormat %m %d %Y %H:%M:%S NAS-IP-Address=%{NAS-IP-Address} NAS-Port=%{NAS-Port}
User-Name=%{User-Name} Called-Station-Id=%{Called-Station-Id} Calling-Station-Id=%{Calling-Station-Id}
Acct-Status-Type=%{Acct-Status-Type} Service-Type=%{Service-Type} Acct-Session-Id=%{Acct-Session-Id}
Framed-Protocol=%{Framed-Protocol} Framed-IP-Address=%{Framed-IP-Address}
Acct-Session-Time=%{Acct-Session-Time} Tunnel-Server-Auth-ID=%{Tunnel-Server-Auth-ID}
Acct-Terminate-Cause=%{Acct-Terminate-Cause}
#PreAuthHook file:"%D/updatesessiontime.hook"
AuthByPolicy ContinueWhileReject
<AuthBy SQL>
AuthSelect select trim(ENCRYPTED_PASSWORD), EXPIRATION, CLI, DEFAULTREPLY,
time_func3_RND(cli), time_func3_RND(cli)
from pps_ppaid.pps_SUBSCRIBER where CLI='%{Calling-Station-Id}' and
USERNAME = '%n' and plantype = 0
#AuthColumnDef 0, User-Password, check
AuthColumnDef 0, Encrypted-Password, check
AuthColumnDef 1, Expiration, check
AuthColumnDef 2, Calling-Station-Id, check
AuthColumnDef 3, GENERIC, reply
AuthColumnDef 4, Session-Timeout, reply
AuthColumnDef 5, Ascend-Maximum-Time, reply

DBSource dbi:Oracle:(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP) (HOST=192.168.***.***)
(PORT=1521)) (CONNECT_DATA=(SID=pps)))
DBUsername pps_ppaid
DBAuth *************
Timeout 10
FailureBackoffTime 90
AccountingTable pps_ppaid.ACCOUNTING
AccountingStopsOnly
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP_DATE,Timestamp,formatted-date,to_date('%e %m %Y %H:%M:%S',
'DD-MM-YYYY HH24 MI SS')
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef NASIDENTIFIER,NAS-IP-Address
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
AcctColumnDef CALLEDSTATIONID,Called-Station-Id
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctFailedLogFileName %L/CLUSTER/testnetra.postpaid.log
AcctLogFileFormat %{User-Name}|%m %d %Y %H:%M:%S|%{Acct-Status-Type}||||%{Acct-Session-Id}
|%{Acct-Session-Time} |%{Acct-Terminate-Cause}|%{NAS-IP-Address}|%{NAS-Port}
|%{Calling-Station-Id}|%{Called-Station-Id}|||%{Framed-IP-Address}
</AuthBy>
<AuthBy SQL>
AuthSelect select trim(ENCRYPTEDPASSWD), DEFAULTREPLY, SESSIONREPLY, SESSIONREPLY from
pps_ppaid.SUBSCRIBERS where USERNAME='%n'
#AuthColumnDef 0, User-Password, check
AuthColumnDef 0, Encrypted-Password, check
AuthColumnDef 1, GENERIC, reply
AuthColumnDef 2, Session-Timeout, reply
AuthColumnDef 3, Ascend-Maximum-Time, reply

DBSource dbi:Oracle:(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP) (HOST=192.168.***.***)
(PORT=1521)) (CONNECT_DATA=(SID=pps)))
DBUsername pps_ppaid
DBAuth **********
Timeout 10
FailureBackoffTime 90
AccountingTable pps_ppaid.ACCOUNTING
AccountingStopsOnly
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef NASIDENTIFIER,NAS-IP-Address
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
AcctColumnDef CALLEDSTATIONID,Called-Station-Id
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctFailedLogFileName %L/CLUSTER/testnetra.postpaid.log.
AcctLogFileFormat %{User-Name}|%m %d %Y %H:%M:%S|%{Acct-Status-Type}||||%{Acct-Session-Id}
|%{Acct-Session-Time} |%{Acct-Terminate-Cause}|%{NAS-IP-Address}|%{NAS-Port}
|%{Calling-Station-Id}|%{Called-Station-Id}|||%{Framed-IP-Address}
</AuthBy>
</Handler>

<Handler>
<AuthBy FILE>
Filename %D/rejected.users
</AuthBy>
</Handler>




******************************************************************************
SQL DUMP (Not part of oracle config)
******************************************************************************


-- MySQL dump *.**
--
-- Host: localhost Database: adminDB
---------------------------------------------------------
-- Server version *.**.**

--
-- Table structure for table 'ACCOUNTING'
--

CREATE TABLE ACCOUNTING (
USERNAME char(50) NOT NULL default '',
TIME_STAMP int(11) default NULL,
ACCTSTATUSTYPE char(10) default NULL,
ACCTDELAYTIME int(11) default NULL,
ACCTINPUTOCTETS int(11) default NULL,
ACCTOUTPUTOCTETS int(11) default NULL,
ACCTSESSIONID char(30) default NULL,
ACCTSESSIONTIME int(11) default NULL,
ACCTTERMINATECAUSE int(11) default NULL,
NASIDENTIFIER char(50) default NULL,
NASPORT int(11) default NULL,
FRAMEDIPADDRESS char(22) default NULL,
CALLEDSTATIONID char(20) default NULL,
CALLINGSTATIONID char(20) default NULL,
KEY ACCOUNTING_I (USERNAME)
) TYPE=MyISAM;

--
-- Dumping data for table 'ACCOUNTING'
--


INSERT INTO ACCOUNTING VALUES ('*******',0,'Stop',NULL,NULL,NULL,'00001234',1000,NULL,'203.63.***.*',
1234,'202.163.***.***','123456789','987654321');

etc....

CREATE TABLE SUBSCRIBERS (
USERNAME char(15) NOT NULL default '',
PASSWORD char(30) default NULL,
ENCRYPTEDPASSWORD char(30) NOT NULL default '',
EXPIRATION char(12) binary default '*** * 2005',
DEFAULTREPLY char(200) binary default 'Service-Type = Framed-User,Framed-Protocol = PPP,
Framed-MTU = 1500,Framed-Compression = Van-Jacobson-TCP-IP',
FRAMEDIP char(20) binary default '0.0.0.0',
SESSIONREPLY char(7) default NULL,
USEDTIME int(11) default NULL,
MAXTIME int(11) default NULL,
STATUS char(1) binary default '0',
DATEACTIVATION date default NULL,
COMMENT char(100) default NULL,
COMPANYNAME char(50) default NULL,
UNIQUE KEY USERNAME_I (USERNAME)
) TYPE=MyISAM;

--
-- Dumping data for table 'SUBSCRIBERS'
--


INSERT INTO SUBSCRIBERS VALUES ('****','*********','**********','*** ** 2005','Service-Type = Framed-User,
Framed-Protocol = PPP, Framed-MTU = 1500,Framed-Compression = Van-Jacobson-TCP-IP',
'202.***.***.***',NULL,NULL,NULL,'1',NULL,NULL,'eREBZ');
INSERT INTO SUBSCRIBERS VALUES ('****','**********','**********','**** ** 2006','Service-Type = Framed-User,
Framed-Protocol = PPP,Framed-MTU = 1500, Framed-Compression = Van-Jacobson-TCP-IP',
'202.***.***.***',NULL,NULL,NULL,'1',NULL,NULL,'eREBZ');

etc....

Tuesday, April 26, 2005

Look at the moon. It's weird...



--Well, the "project" has been called off. I gues none of us really wanted to push through with it. Why perpetuate the negative image of the hacker anyway, just to prove to ourselves the extent of control we have. Oh well..

--Choke Points in the Phil. Information Highway. Shut down the few major isp's we already have admin access to. Most isp's are quite dependent on the major ones anyway. And the rest are quite vulnerable too, especially to DDoS attacks. There are a lot of outdated routers out there. Not to mention TCP/IP flaws.

--So I guess I'm just going to fade away into the background. The fun was in learning stuff anyway. Once you get root or admin access there's really nothing much else to do. There's not much difference among linux distro's anyway. :) But I guess I'll always be a hacker. Besides, I still have to log on to my r00ted systems to check my logs and make sure everything is running smoothly. :)

--A friend gave me some wise advice about this blog. He said I was giving away too much personal info in here like, all the police have to do is search for the pc's which have ubuntu installed on them. Lolz. Sometimes I get so drunk, I want to to sms in my real name and address here, just for kicks. Lolz. Wonder how that would feel in the morning.

--So maybe I'll just do some more things before I really give up this blog. Like annoy some people. Lolz. I really don't know, maybe irritate some DOST guys, those ePLDT/Infocom people, whatever. Lolz. Somebody tell the sysad of the machine hosting the NBI site to view some pic in the /tmp! Hehehe. Maybe I'll put myself in the zone-h top 10. :) All I have to do is hit one of those hosting companies advertising "we have over 1,000 sites hosted". Hehe, I'll probably look into that but those networks are typically more secure than a government one. :) Oh, and maybe rant out against the "XSS is a vulnerability" people. XSS, IMHO, is not a serious vulnerability. Hehe.

--So I guess I'll start with http://forum.domains.ph They already updated it, they said. :)

Maxi Pad...



Some stuff sent in by ize****. This guy is building the foundation for future voip 0wnag3 in the Philippines. Hehehe.

Thursday, April 21, 2005

Hoax for your opinion?

er, Hoax = who asked. Hehe, bad pun, I'm not that imaginative today...

In the news today.

"We have no plans to go after the guy who did it. We just updated and patched the software. We're just going to make sure that this won't happen again."

[Hehe, good!]

This is funny as hell.

"This [defacement] is a hoax because there is no effect [on] our website" Pagkalinawan said.

(The hacker didn't touch the index page, he just installed his tag page.)

Hehe, in that case, I almost never hacked anything because almost eveything I've done "had no effect" on websites, everything was just a hoax.

Hehe, tadew!

Monday, April 18, 2005

Cisco po!

To the one who requested the sample cisco config, here it is...
Edited out some ip's and some hashes... Any similarity to any existing config is strictly coincidental. :P

Current configuration : 11678 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname PHTEAM
!
boot system flash disk2:c7200-is-mz.122-13.ZD1.bin
enable secret 5
!
clock timezone PHT 8
aaa new-model
!
!
aaa group server radius infoddu
server 202.57.**.*** auth-port 1645 acct-port 1646
!
aaa group server radius infocom
server 203.172.**.*** auth-port 1645 acct-port 1646
server 202.163.**.*** auth-port 1645 acct-port 1646
server 203.172.**.*** auth-port 1645 acct-port 1646
!
aaa authentication login default line
aaa authentication login vty-con line
aaa authentication ppp infocom group infocom
aaa authentication ppp infoddu group infoddu
aaa authorization network infocom group infocom
aaa authorization network infoddu group infoddu
aaa accounting exec infocom start-stop group infocom
aaa accounting exec infoddu start-stop group infoddu
aaa accounting network infocom start-stop group infocom
aaa accounting network infoddu start-stop group infoddu
aaa session-id common
ip subnet-zero
!
!
ip cef
ip finger
ip domain name info.com.ph
ip name-server 203.172.25.21
ip name-server 202.57.96.4
!
vpdn enable
!
vpdn-group BACOLOD
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname BACOLOD_TIGRIS1
lcp renegotiation on-mismatch
l2tp tunnel password 7
!
vpdn-group BAGUIO
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname BAGUIO_TIGRIS1
lcp renegotiation on-mismatch
l2tp tunnel password 7
!
vpdn-group BATANGAS
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname BATANGAS_TIGRIS1
lcp renegotiation on-mismatch
l2tp tunnel password 7
!
vpdn-group BINAKAYAN
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname TIGRIS_BINAKAYAN
lcp renegotiation on-mismatch
l2tp tunnel password 7
!
vpdn-group CABANATUAN
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname expertcbn
lcp renegotiation on-mismatch
l2tp tunnel password 7
!
vpdn-group CISCO-DAVAO
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname DVO_TIGRIS
lcp renegotiation on-mismatch
l2tp tunnel password 7
l2tp tunnel receive-window 64
!
vpdn-group DAGUPAN
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname DGP_TIGRIS1
lcp renegotiation on-mismatch
l2tp tunnel password 7
!
vpdn-group EXPERT_TARLAC
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname experttarlc
lcp renegotiation on-mismatch
l2tp tunnel password 7
!
vpdn-group GENSAN
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname GENSAN_TIGRIS1
lcp renegotiation on-mismatch
l2tp tunnel password 7
!
vpdn-group ILOILO
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname ILOILO_TIGRIS1
lcp renegotiation on-mismatch
l2tp tunnel password 7
!
vpdn-group LUCENA
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname LUCENA
lcp renegotiation on-mismatch
l2tp tunnel password 7
!
vpdn-group MALOLOS
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname MLL-INFOCOM
lcp renegotiation always
l2tp tunnel password 7
!
vpdn-group PLDT-INFOCOM3
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname jne-infocom3
lcp renegotiation always
l2tp tunnel password 7
!
vpdn-group PLDT-INFOCOM4
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname jne-AS5300-2
lcp renegotiation always
l2tp tunnel password 7
!
vpdn-group SFP
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname SFP_TIGRIS1
lcp renegotiation on-mismatch
l2tp tunnel password 7
!
vpdn-group SFU
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname SFU_TIGRIS1
lcp renegotiation on-mismatch
l2tp tunnel password 7
!
vpdn-group SUBIC
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname INFOCOM_SUBIC
lcp renegotiation on-mismatch
l2tp tunnel password 7
!
(whew! haba pla neto, hehe)
vpdn-group TARLAC
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname TARLAC_TIGRIS1
lcp renegotiation on-mismatch
l2tp tunnel password 7
!
vpdn-group TIGRIS-CALAMBA
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname CALAMBA_TIGRIS1
lcp renegotiation on-mismatch
l2tp tunnel password 7
!
vpdn-group TIGRIS-INFOCOMCEBU
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname CEBU_TIGRIS1
lcp renegotiation on-mismatch
l2tp tunnel password 7
!
vpdn-group TIGRIS-MAKATI
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname MAKATI_TIGRIS1
lcp renegotiation on-mismatch
l2tp tunnel password 7
!
vpdn-group TIGRIS-MAKATI2
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname MAKATI_TIGRIS2
lcp renegotiation on-mismatch
l2tp tunnel password 7
!
vpdn-group ZAMBOANGA
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname infoc_zambo
lcp renegotiation always
l2tp tunnel password 7
!
vpdn-group expertbats
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname expertbats
lcp renegotiation always
l2tp tunnel password 7
!
vpdn-group expertlpz
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname expertlpz
lcp renegotiation always
l2tp tunnel password 7
!
vpdn-group expertmalolos
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname expertmalolos
lcp renegotiation always
l2tp tunnel password 7
!
vpdn-group expertzbd
accept-dialin
protocol l2tp
virtual-template 6
terminate-from hostname expertzbd
lcp renegotiation always
l2tp tunnel password 7
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
media-type rj45
no negotiation auto
!
interface GigabitEthernet0/2
description *** Connects to Chronicles GE4/6 ***
ip address 202.57.**.*** 255.255.255.224
duplex full
speed 1000
media-type gbic
negotiation auto
!
interface GigabitEthernet0/3
no ip address
shutdown
duplex auto
speed auto
media-type rj45
no negotiation auto
!
interface Virtual-Template1
no ip address
!
interface Virtual-Template5
description *** Dedicated Dialup ***
ip unnumbered GigabitEthernet0/2
no peer default ip address
ppp authentication pap infoddu
ppp authorization infoddu
ppp accounting infoddu
ppp ipcp dns 203.172.**.*** 202.57.**.***
!
interface Virtual-Template6
description ***PROVINCIAL IP-DIAL***
ip unnumbered GigabitEthernet0/2
ip mroute-cache
peer default ip address pool infocom-pool-provincial
ppp authentication pap infocom
ppp authorization infocom
ppp accounting infocom
ppp ipcp dns 203.172.**.*** 202.57.**.***
!
router ospf 100
log-adjacency-changes
auto-cost reference-bandwidth 1000
summary-address 202.163.240.0 255.255.255.0
summary-address 203.172.27.0 255.255.255.0
summary-address 203.172.15.0 255.255.255.0
summary-address 202.163.230.0 255.255.255.0
summary-address 202.163.249.0 255.255.255.0
summary-address 203.131.73.0 255.255.255.0
summary-address 222.126.65.0 255.255.255.0
summary-address 222.126.66.0 255.255.255.0
summary-address 222.126.67.0 255.255.255.0
summary-address 222.126.68.0 255.255.254.0
summary-address 222.126.70.0 255.255.254.0
summary-address 222.126.77.0 255.255.255.0
redistribute connected subnets
redistribute static subnets
network 202.57.124.0 0.0.0.255 area 0
!
ip local pool infocom-pool-provincial 203.172.27.1 203.172.27.254
ip local pool infocom-pool-provincial 203.172.15.1 203.172.15.254
ip local pool infocom-pool-provincial 202.163.249.1 202.163.249.254
ip local pool infocom-pool-provincial 202.163.230.1 202.163.230.254
ip local pool infocom-pool-provincial 203.131.73.1 203.131.73.254
ip local pool infocom-pool-provincial 222.126.65.1 222.126.65.254
ip local pool infocom-pool-provincial 222.126.66.1 222.126.66.254
ip local pool infocom-pool-provincial 222.126.67.1 222.126.67.254
ip local pool infocom-pool-provincial 222.126.68.1 222.126.69.254
ip local pool infocom-pool-provincial 222.126.70.1 222.126.70.254
ip local pool infocom-pool-provincial 222.126.71.1 222.126.71.254
ip local pool infocom-pool-provincial 222.126.77.1 222.126.77.254
ip classless
no ip http server
!
!
!
access-list 44 deny any
access-list 45 permit 202.57.125.200
access-list 77 permit 202.57.124.9
access-list 88 permit 202.163.253.134 log
access-list 88 permit 202.163.253.131 log
access-list 88 permit 203.172.25.2 log
access-list 88 permit 202.57.124.10 log
access-list 88 permit 202.57.124.9
access-list 88 permit 203.172.11.230 log
access-list 88 permit 202.163.234.8 log
access-list 88 permit 203.172.11.193 log
access-list 88 permit 203.172.11.220 log
access-list 88 permit 202.57.96.80 log
access-list 88 permit 202.57.101.85 log
access-list 88 permit 202.57.96.85 log
access-list 88 permit 202.57.96.84 log
access-list 88 permit 202.57.96.90 log
access-list 88 permit 203.172.31.177 log
access-list 88 permit 202.57.96.89 log
access-list 88 permit 210.14.16.25 log
access-list 88 deny any
access-list 99 permit 203.172.11.64 log
access-list 99 permit 202.57.124.10 log
access-list 99 permit 202.57.124.9 log
access-list 99 permit 202.163.234.8 log
access-list 99 permit 202.57.124.27 log
access-list 99 permit 192.168.1.254 log
access-list 99 permit 203.172.11.244 log
access-list 99 permit 203.172.11.220 log
access-list 99 permit 202.57.96.84 log
access-list 99 deny any
access-list 109 permit ip 203.131.75.0 0.0.0.255 any
access-list 111 permit ip any any
!
route-map proxy-redir permit 10
match ip address 109
set ip default next-hop 203.172.11.217
!
route-map proxy-redir permit 20
match ip address 111
!
snmp-server community RO 99
snmp-server community RO 99
snmp-server community RO 77
snmp-server enable traps tty
!
radius-server host 202.57.**.*** auth-port 1645 acct-port 1646 key 7
radius-server host 203.172.**.*** auth-port 1645 acct-port 1646 key 7
radius-server host 203.172.**.*** auth-port 1645 acct-port 1646 key 7
radius-server host 202.163.**.*** auth-port 1645 acct-port 1646 key 7
radius-server authorization permit missing Service-Type
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!
gatekeeper
shutdown
!
banner login ^C
******************************* WARNING!!! ***********************
This is a private property of eREBZ, Inc. If you have accessed this facility by mistake, please disconnect immediately. Unauthorized access to this system may subject you to disciplinay action and criminal prosecution.
*****************************************************************************

P H T E A M

^C
!
line con 0
password 7
stopbits 1
line aux 0
stopbits 1
line vty 0 4
access-class 88 in
exec-timeout 5 0
password 7
!
ntp authentication-key 1 md5
ntp authenticate
ntp trusted-key 1
ntp clock-period 17179982
ntp access-group peer 45
ntp access-group serve 44
ntp update-calendar
ntp server 202.57.**.*** key 1
!
end

(whew!, haba!)