Sunday, February 10, 2008

Firmware updates

There have been some people talking in the comments about things to do to the firmware. While I'm sure some of you have actually agreed to the license and are likely restrained by its terms, I bet most of you haven't. You also don't necessarily have to agree to a license to simply download files from a web site.

Simply sitting in an airport next to me (or stalking me at my house) you could easily pick up my EyeFi card, its mac address, and watch it do its firmware updates. You might also see the manager fetch a file from the server for its firmware updates in plain text. If you want a firmware file for a souvenir, you could try fetching from these urls which are completely unauthenticated (except that your card has to be registered). So, try a few random ones until you get a hit:

for ((i=0;i<100;i++));
rmac=$(printf '00-18-56-03-%02x-%02x\n'
$((RANDOM%256)) $((RANDOM%256)));
wget "${url}/getCardFirmware?Card=$rmac&Version=1.0496";

The error result documents are ~100 bytes, while the real ones are a couple hundred kilobytes.

No comments: