Why Does 0xC0A80101 Open Your Router? Uncovering IPv4’s Hidden Number Formats

One day a colleague posted a screenshot showing the browser address bar with http://0xC0A80101/, which opened the company router’s management page, surprising everyone who expected 192.168.1.1. Some joked it was a legacy quirk rather than a hack.

IPv4 is essentially a 32‑bit integer. Humans write it as four octets in dotted decimal (e.g., 192.168.1.1), but computers can represent the same value in decimal, octal, hexadecimal, or as a single 32‑bit number.

Historically, early Unix network functions like inet_aton and inet_addr borrowed C’s numeric literal conventions: a leading 0 denotes octal, 0x or 0X denotes hexadecimal, otherwise decimal. These functions also accept fewer than four parts, merging the remaining bytes into a 32‑bit value, which created many “creative” notations.

In short, IPv4 is a 32‑bit integer; any notation is valid as long as the parser accepts it.

Standard dotted decimal: 192.168.1.1 (most common and safest)

Octal per byte: 0300.0250.01.01 (because 192 → 300₈, 168 → 250₈)

Hexadecimal per byte: 0xC0.0xA8.0x01.0x01 Combined hexadecimal: 0xC0A80101 Combined decimal: 3232235777 Mixed or shortened forms: 192.168.257, 3232235777, etc.

Converting is straightforward: each byte to two‑digit hex yields 0xC0A80101; each byte to three‑digit octal yields 300.250.1.1. For example, 192.168.1.1 = 0xC0A80101 = 3232235777, a representation sometimes used when storing IPs as integers.

These flexible notations pose two security concerns. First, obfuscation and bypass: simple string‑based filters may block http://192.168.1.1/ but miss http://0xC0A80101/, allowing attackers to evade restrictions. Second, downstream parsing differences: various languages and libraries handle leading zeros, octal, and shortened forms inconsistently, leading to mismatched addresses, log confusion, or false security alerts.

For instance, the string "010.0.0.1" may be parsed as octal 010 → decimal 8, resulting in 8.0.0.1 instead of the expected 10.0.0.1, a classic source of bugs.

8.8.8.8 in different bases

Google Public DNS 8.8.8.8 also has many representations:

Dotted decimal: 8.8.8.8 Octal per byte: 10.10.10.10 (since 8₈ = 10)

Hexadecimal per byte: 0x08.0x08.0x08.0x08 Combined hexadecimal: 0x08080808 Combined decimal: 134744072 Seeing the same address expressed in completely different strings highlights the separation between representation and numeric value.