[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Ip address and mac address hardcoded

To: mramelie@xxxxxxxxxxxx
Subject: Re: [Full-disclosure] Ip address and mac address hardcoded
From: coderman <coderman@xxxxxxxxx>
Date: Sat, 16 Nov 2013 15:18:20 -0800

On Sat, Nov 16, 2013 at 3:59 AM,  <mramelie@xxxxxxxxxxxx> wrote:
> ... I come acrosss an ip address and a
> mac address hardcoded in some libraries of a firmware for a vendor. Why
> should it be there this kind of hardcode?

i've seen this done for testing purposes, when running hardware
through a quality check harness which needs such static configuration.

what is the IP? (publicly route-able or internal only?)
what is the MAC OUI prefix? (valid vendor or some arbitrary unallocated ident?)

answering these questions would help identify test vs. backdoor intent...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Ip address and mac address hardcoded
  - From: mramelie

Prev by Date: [Full-disclosure] Ip address and mac address hardcoded
Next by Date: Re: [Full-disclosure] Ip address and mac address hardcoded
Previous by thread: [Full-disclosure] Ip address and mac address hardcoded
Next by thread: Re: [Full-disclosure] Ip address and mac address hardcoded
Index(es):
- Date
- Thread