The author, Konstantin Agouros, used version 2.2.26 of the utility and a GS105E with firmware V1.02.04. Unfortunately, as points out, the password is not really encrypted but XOR obfuscated using a fixed string "NtgrSmartSwitchRock" (which is present in all firmwares mentioned above). informs us that password encryption is supported since v2.2.24 (this also requires a firmware update on the switch). Older versions of the management software and firmware would send a plain text password for changing settings, while no password is required at all to read settings from the switch. The utility uses ethernet and IP broadcasts to communicate with the switch, and the switch answers also using broadcasts (this permits configuring regardless of IP-settings, beneficial for inexperienced home users). However, *all* Netgear ProSafe Plus switches can be managed using the "ProSafe Plus Switch Utility" (latest version v2.2.36), which is available for Windows only.Īs can be read in (in German), communication between this utility and switch is unencrypted. Only GS105Ev2 and GS105PE contain the web based credentials ntgruser + debugpassword (firmwares for the other switches do not seem to support web based management). I looked at the latest firmware for 5 and 8 port Netgear Prosafe Plus switches (the first part of the file name is the switch type):
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |