fedora 23
obsolete weakness #61

1

Weakness Breakdown


Definition:

An obsolete weakness occurs when someone uses deprecated or obsolete functions when building a system. As a programming language evolves, some functions occasionally become obsolete.

Warning code(s):

This C routine is considered obsolete.

File Name:

aircrack-ng-1.2-rc2/src/aireplay-ng.c

Context:

The highlighted line of code below is the trigger point of this particular Fedora 23 obsolete weakness.

 
}

int do_attack_deauth( void )
{
    int i, n;
    int aacks, sacks, caplen;
    struct timeval tv;
    fd_set rfds;

    if(getnet(NULL, 0, 1) != 0)
        return 1;

    if( memcmp( opt.r_dmac, NULL_MAC, 6 ) == 0 )
        printf( "NB: this attack is more effective when targeting\n"
                "a connected wireless client (-c <client's mac>).\n" );

    n = 0;

    while( 1 )
    {
        if( opt.a_count > 0 && ++n > opt.a_count )
            break;

        usleep( 180000 );

        if( memcmp( opt.r_dmac, NULL_MAC, 6 ) != 0 )
        {
            /* deauthenticate the target */

            memcpy( h80211, DEAUTH_REQ, 26 );
            memcpy( h80211 + 16, opt.r_bssid, 6 );

            aacks = 0;
            sacks = 0;
            for( i = 0; i < 64; i++ )
            {
                if(i == 0)
                {
                    PCT; printf( "Sending 64 directed DeAuth. STMAC:"
                                " [%02X:%02X:%02X:%02X:%02X:%02X] [%2d|%2d ACKs]\r",
                                opt.r_dmac[0],  opt.r_dmac[1],
                                opt.r_dmac[2],  opt.r_dmac[3],
                                opt.r_dmac[4],  opt.r_dmac[5],
                                sacks, aacks );
                }

                memcpy( h80211 +  4, opt.r_dmac,  6 );
                memcpy( h80211 + 10, opt.r_bssid, 6 );
 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.