Reply to post: Re: I guess this would have shown up with a cursory glance at the code?

How to log into any backdoored Juniper firewall – hard-coded password published

Voland's right hand Silver badge

Re: I guess this would have shown up with a cursory glance at the code?

Depends how and where.

If this went in as assembler in the first place, I doubt that a cursory code review would have found it out. You can really obscure things if you want to :)

You can also obscure this in C too - use the format string in 4-5 places to print so it is fully legit. Then all you need to sneak in is one comparison which can be done simply by replacing == with = in the right place :) Even better - reuse an existing format string.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019