Sunday, January 25, 2015

asterisk was hacked and modified - extensions_custom.conf

The above file was modified to add the following entries:

< [ext-did-0002-custom]
< exten => 60321069614,1,Set(__FROM_DID=${EXTEN})
< exten => 60321069614,n,Gosub(app-blacklist-check,s,1)
< exten => 60321069614,n,ExecIf($[ "${CALLERID(name)}" = "" ] ?Set(CALLERID(name)=${CALLERID(num)}))
< exten => 60321069614,n,Set(__CALLINGPRES_SV=${CALLERPRES()})
< exten => 60321069614,n,Set(CALLERPRES()=allowed_not_screened)
< exten => 60321069614,n(dest-ext),Goto(ext-group,991,1)

From the report tab, you can see that they were trying to call out to IDD numbers using the above extension.

Question: how the hell can they modify the file with root permission?


Saturday, January 3, 2015

playSMS - how to customise the web look and feel

Surprisingly, under /var/www/html you don't find index.html but index.php instead, and it is not easy to figure out how they programmed the HTML. Based on the "source code" shown in the browser, I can only identify that some of the code comes from

./plugin/themes/default/templates/themes_layout.html

but I have yet to understand the logic behind it.

playSMS - introduction and tips to customise your own gateway

replicate the gateway directory
/var/www/html/playsms/plugin/gateway

But you also need to change /var/www/html/playsms/plugin/gateway//config.php and fn.php. Try searching for "your name" within this directory to see what else needs to be changed.

You will not be able to access /playSMS if you only introduce the new directory without making the above modifications.

However, once the above is done, you can access /playSMS, but I still don't see the new gateway under the "Manage Gateway" menu, so I need to explore further.

Thursday, January 1, 2015

fail2ban - to include all Malaysia IP ranges in the whitelist

Go to http://software77.net/geo-ip/ to extract all the IP ranges in CIDR format.

Log in to the server and go to /etc/fail2ban/jail.conf.

Edit the file and go to "ignoreip" to include all the IP ranges above.

Then restart fail2ban: /etc/rc.d/init.d/fail2ban restart
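
One way to turn the downloaded CIDR list into the ignoreip line, as an added example that is not part of the original post: it validates each entry, merges overlapping ranges and prints the line to paste. The sample ranges are constructed documentation addresses, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample export, one CIDR per line (documentation ranges,
# not real Malaysian allocations).
SAMPLE_EXPORT = """\
# constructed sample
192.0.2.0/25
192.0.2.128/25
198.51.100.0/24
198.51.100.64/26
203.0.113.7
not-a-network
10.0.0.1/24
"""

def parse_cidrs(text):
    """Split an export into (valid networks, rejected lines)."""
    networks, rejected = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            # strict=True refuses entries with host bits set, e.g. 10.0.0.1/24
            networks.append(ipaddress.ip_network(line, strict=True))
        except ValueError:
            rejected.append(line)
    return networks, rejected

def build_ignoreip(networks, keep="127.0.0.1/8"):
    """Merge adjacent/overlapping ranges and format a fail2ban ignoreip line."""
    merged = []
    for version in (4, 6):  # collapse_addresses cannot mix IP versions
        same = [n for n in networks if n.version == version]
        merged.extend(ipaddress.collapse_addresses(same))
    # ignoreip takes a space-separated list of addresses and CIDR masks
    return "ignoreip = " + " ".join([keep] + [str(n) for n in merged])

if __name__ == "__main__":
    nets, bad = parse_cidrs(SAMPLE_EXPORT)
    print(build_ignoreip(nets))
    for entry in bad:
        print("# rejected:", entry)
```

fail2ban also reads /etc/fail2ban/jail.local, so the generated line can go under [DEFAULT] there instead of in jail.conf. Every address inside a listed range is exempt from banning.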