cybersecurity · beginner · ~15 min · safe pentest lab

Detect the Broadcast MAC Address

Practice exact, deny-by-default equality checks over a fixed-size buffer: a value is accepted only when every byte matches, never on a partial or prefix match.

Challenge

Broadcast MAC classifier

A Layer 2 frame parser must decide whether a destination MAC address is the Ethernet broadcast address ff:ff:ff:ff:ff:ff. Broadcast frames reach every host on the segment, so ARP-spoofing and flooding tools abuse them. A parser that misclassifies an address (for example, treating any address that merely starts with ff as broadcast) can be tricked into mishandling traffic or into skipping the tighter filtering a real address deserves.

The asset here is a fixed 6-byte MAC buffer baked into the grader. The threat is an attacker crafting near-broadcast addresses (ff:ff:ff:ff:ff:fe, ff:ff:00:...) hoping a sloppy check accepts them. Deny by default: a MAC is broadcast ONLY when every one of the six bytes equals 0xFF.

Implement:

int is_broadcast_mac(const unsigned char mac[6]);

Return 1 if and only if all six bytes are 0xFF; otherwise return 0.

Example

is_broadcast_mac(bcast)   -> 1
is_broadcast_mac(unicast) -> 0

Edge cases: the all-zero address, a unicast address, and addresses that differ from broadcast in only the first, middle, or last byte must all return 0.

Input format

A read-only array of exactly 6 unsigned char values (the MAC address octets), passed as const unsigned char mac[6].

Output format

An int: 1 if the MAC is the broadcast address ff:ff:ff:ff:ff:ff, otherwise 0.

Constraints

The array always has exactly 6 bytes; read all 6 and no more. Do not modify the buffer. No dynamic allocation, no I/O, no network access. Each byte is 0x00..0xFF.

Starter code

int is_broadcast_mac(const unsigned char mac[6]){
    /* TODO: return 1 only when every one of the 6 bytes is 0xFF, else 0.
       This stub is insecure and does not implement the check. */
    return -1;
}

Common mistakes

Returning 1 as soon as the first byte is 0xFF (prefix match); checking only some of the six bytes; comparing against a signed char and mishandling 0xFF; using memcmp against a wrongly-initialized reference; returning a truthy non-1 value or -1 instead of a clean 0/1.

Edge cases to handle

All-zero MAC (00:00:00:00:00:00) -> 0; broadcast with only the first byte wrong (fe:ff:ff:ff:ff:ff) -> 0; only the last byte wrong (ff:ff:ff:ff:ff:fe) -> 0; a middle byte wrong (ff:ff:00:ff:ff:ff) -> 0; a single 0xFF byte among zeros -> 0; five 0xFF bytes and one non-FF -> 0; exact broadcast -> 1.

Background lessons

Solve this exercise in the browser editor — compile and run against the test harness, no setup required.