Sep 6, 2014

TM Innacomm ADSL-INNATECH-W7100N Username Password

Telekon Malaysia (TM), The Innacomm ADSL-INNATECH-W7100N is a new modem replacing Innacomm W3400V6. The modem login ID/username/password is already printed in the manual guideline. This new modem wireless router all in one residential gateway is unique due to its modem password architecture is the last-4 digit modem CPE MAC Address ID.

Here's how it is look like, the TM Innacomm ADSL-INNATECH-W7100N Username Password

Modem Login: tmadmin
Modem Pass : Adm@****

Hint: **** is the last-4 digit modem CPE MAC Address ID (e.g: XXXXXXXX1234, so CPE MAC ID is 1234)

Modem Pass: Adm@1234

You can refer also to TM ADSL RIGER DB120-WL Default Username Password both are identical.

Different modem has different CPE MAC Address ID. But don't worry, you can refer sticker info at the back of the modem every time you forgot or lost the modem box.

Jul 23, 2014

How-To Upload myBRO Device Certificate and Private Key

I made this write ups for the request of my guest readers who has having a hard time on uploading their myBRO DV235T device certificate and private key aka the Green Packet 4G wireless broadband WiMAX CPEs. Let me tell you that this WiMAX modem have different flavor, the first firmware release and being loaded by PLDT/Smart Telco were version: v2.10.14-g1.0.6-smart then v2.10.14-g1.0.7-smart and next is v2.10.14-g1.0.8-smart similarly there is also stock firmware of Green Packet which is used by subscriber/s and Netizen who are avid of getting the full access to this device such as the web_update-2_3G-v2.10.14-g1.0.4-gp and the web_update-3_5G-v2.10.14-g.1.0.5-gp all of this said firmwares work for this tutorial.

This guide will help you upload your myBRO DV235T Green Packet 4G WiMAX modem broadband device certificate and private key only via any web browser will do.

First, open any web browser such as Firefox, IE, SeaMonkey or any other similar browser and point to if you are using PLDT/Smart Firmware and if your device is loaded with Green Packet stock firmware.

Once you are login to the graphical user interface (gui) as the above screenshot, navigate your mouse  on the left Main Menu point to WIMAX menu  it will prompt you the sub-menu on Authentication Setting.On the Authentication Mode drop down and select User and Device Authentication. Just leave the below setting that has check/tick.

Next, on the EAP Supplicant just follow the Screenshot above I hope it is very clear to you on how to fill up the following space provided make sure your MAC address the colon (:) is omitted, then upload the device certificate wmx_client_ca.pem  likewise the private key wmx_priv_key.key.

Scrolling down, on the Options Menu please do not forget to untick or uncheck the Ignore Cert Verification and then click the Save button to apply the changes you have done.

Finally, go back to Main Menu, navigate your mouse and point  it to Network menu, then on the WAN sub-menu. Locate the space provided labeled with Clone MAC Address as what the snapshot show you. You can now input your desired MAC Address make it sure that the colon (:) now is not omitted. Again scroll down hit the button Save, your myBRO DV235T 4G WiMAX broadband modem will now reboot in 70 seconds. Login again on the stated IP addresses to your corresponding firmware now you are connected. Enjoy!

Jul 15, 2014

How-To : myBRO Device Certificate and Private Key Retrieval

As of June 26, 2014 the PLDT/Smart Telco 4G wireless Internet Service Provider made its first clearing operation on its network and wireless system to eliminate the country's number one rampant in cloning the 4G wireless broadband CPEs. According to this forum the usual MAC address base authentication of the SMART myBRO 4G wireless modem is no long effective as of the said date, this is because the AAA is already been implemented such as the Device Certificate + Private Key + MAC address, if this three is not much on your Green Packet device such as DV235T and OX230 then you will no longer be welcome to the network. In short you will be denied to access to the Smart 4G Base Station, there's no way for you to use even the proxy server to bypass their portal.

Here's simple step on how to retrieve your myBRO 4G wireless broadband modem device certificate, private key and the mac address either via telnet or ssh make sure to enable port 23 or 22 to be able to get this terminal open.

Once you are login to the command line interface (cli) e.g. telnet or ssh, just type this following command respectively.

cd /etc

The ls /etc command is to view the list directory of the /etc now you will be able to see the filename wmx_client_ca.pem this is the device certificate and the wmx_priv_key.key filename  is the private key.

cat wmx_client_ca.pem

cat wmx_priv_key.key

After you have viewed the device certificate and the private key in plain text, you can copy paste this to notepad and save it as wmx_client_ca.pem, wmx_priv_key.key filename respectively. Now you already successfully retrieved your myBRO device certificate likewise the private key.

Additionally, the next command is if you wanted to retrieve your myBRO 4G wireless broadband WAN MAC address just type this command and you will prompted your device WAN MAC.

sncfg get WAN_MAC

I have included this extra screenshot because of some myBRO 4G Wireless broadband CPEs their device certificate and private key are hidden, just like on this screen. The Green Packet equipment which Chipset is MediaTek is embedded with Linux OS and therefore it is equip with tiny all in one Busybox you can use the tool to unhide the device certificate and the private key.

Jul 14, 2014

CIDG 7 seized P300K worth of LTE modems

Thursday, June 26, 2014

THE Criminal Investigation and Detection Group (CIDG) entrapped four persons for allegedly selling Internet modems without authority from a telecommunication company.

Some P300,000 worth of modems, antennas and cable cords for Internet installation were confiscated by the operatives Wednesday afternoon in Mandaue City.

The suspects work as sub-contractors for Globe Telecom.

The are identified as Israel John Brigoli Abenir, 25; Lemuel Galinato, 22; Orlando Rizaldo Mula, 27; and Roy Gonzales Aguelo, 45.

CIDG 7 Deputy Chief Fermin Armendarez explained that the sub-contractors install modems for clients to have Internet connections.


The operation was conducted based on the report of Globe Telecom Security Officer Ramil Manlosa.

Manlosa said his job is to monitor their customers’ Internet connection through their website.

Manlosa told police that he found modems being sold online while he was browsing the Internet last June 19.

He then informed Globe Telecom Security Head Manolito Zapata, who instructed the former to coordinate with the police.

Armendarez said Long-Term Evolution (LTE) modems cannot be sold because these are given for free to Globe Telecom Internet subscribers.

Armendarez led the entrpament at 3 p.m. in Barangay Labogon, Mandaue City.

Through the online website selling the modems, Manlosa ordered 20 gadgets.

He was immediately contacted by the administrator of the website.

Each modem was reportedly sold for P5,000.

But Manlosa said a modem costs about P10,000.

SPO1 Jackson Rivera acted as the buyer.

He met the four suspects during the delivery of the sold items.

As soon as the suspects handed Manlosa’s order, the other CIDG 7 operatives swooped down on the suspects.


Recovered from Abenir were nine LTE modems with power cord and five LTE antennas with a total market value of P90,000.

Seized from Galinato was an LTE modem worth P10,000.

Mula and Aguelo were also caught with 10 LTE modems with power cord, 10 LTE antennas, and 10 LAN cords worth P100,000.

It was only after the entrapment that Globe Telecom found out that the four suspects were working as their sub-contractors.

The modems that were sold were supposed to be distributed to Globe Telecom’s subscribers for their Internet installation.

Reporters tried to get a statement from any of the four suspects but they all declined to be interviewed.

A complaint for estafa is expected to be filed against the suspects.

They are currently detained at the CIDG 7 stockade. - Sunstar

Jun 21, 2014

8866 2288 6600 8800 9966 7700

Ever heard of domains such as,,,,, and Me neither -- well, at least not until recently.

The latest zero-day exploit, which affects Microsoft Word, drops a Trojan that tries to connect to a host at Turns out that these particular domains are IP forwarders -- e.g. they let you register any available host at the domain and forward traffic to whichever IP address you prefer. Sounds like a great way for cyber criminals to keep their real attack systems on the move.

I learned about this over at F-Secure, where they explain a bit more about these domains.

When you see these domains in your URL filtering or Web access logs they should send up gigantic red flags in your mind. In my opinion they should be completely blocked unless you have a real good reason not to block them. Better safe than sorry. You can check this forum the Exploits that leads to Trojan Perkesh.