Re: [Announce] Cleven - an aircrack gui
 

Do we really need deauthentication in cleven???
i really don't think we needed it (on my behalf :D) cause i have Cleven, fAircrack & Wepon on my device....fAircrack does have the deauthentication but it doesn't work all the time...beside deauthentication only works if there a clients connected with the AP....

for me the most important is authentication....Wepon got the best authentication...Cleven is seconds & fAircrack third....i think we should focus on authentication (in Cleven) cause we need to authenticate if there no clients connected to any AP...if there is a clients then all we have to do is waits until the data is around 35k-50k before we try to decrypt it....

Re: [Announce] Cleven - an aircrack gui
 

Yea, because using 3 tools to achieve one thing is optimal ;) to be honest, in You place, I would use sole terminal.

Anyway, what the heck You mean by "better" authentication? There is no such thing. Fake auth won't "magically" create ARP for injection. It can create ACK only. If there is no client connected, You've to wait anyway - for someone to connect, most likely, or - for IVs generated @ ratio ~3 IVs/minute :p

Excuse me, if You've asked it in the past - I must have missed it. AFAIK there are 2 variants of deauth command - one targeted at client (need client MAC, and - as i always thought - AP MAC, but, if You're sure client MAC is all what it needs, I may be wrong), and another, targeted at AP MAC, which theoretically should deauth every client connected. The latter is described (in aircrack docs) as "less effective". I suspect, that it's about method to forge non-legit deauth packet - probably, some clients respond to "generic" ones, if it just "seems" to come from AP, other are "smarter" and need 100% standarised packet with their MAC "mentioned".

The "overall" deauthentication is currently supported in StefanL's fAircrack 0.45, and it works (when it have chance to work, i.e. correct signal quality, and vulnerable clients connected).

As for parsing data from airodumb-ng, unfortunatelly, I've no idea, and that's one of moments, when I regret, that I'm not skillful coder ;)

I hope this deauth explanation helps.

/Estel

Re: [Announce] Cleven - an aircrack gui
 

Sorry for double-posting, but I *might* have found a bug.

When I try decrypting with "all common" enabled, aircrack-ng window just "flashes", like when trying to decrypt from .cap file without any IVs. I'm sure all of my files contain IV's, and I can try to decrypt them individually - everything work fine. Ho ever, trying to decrypt all common - no matter which (number) file i select, result in a no-go. So, ping Saturn ;)

Re: [Announce] Cleven - an aircrack gui
 

Cannot confirm it.

One thing that might not be clear is that the "common" cannot check ".cap" and ".ivs" files together (that's a limitation of aircrack).

Therefore, if you have 20 .cap files and 1 .ivs file from an AP and you select the ivs file + common, you basically select the ivs only.

Could this be the "bug" you see?

Re: [Announce] Cleven - an aircrack gui
 

All are equal for the simple reason that the authentication is done by aircrack.

The presentation (i.e. UI) can be different but the action is the same and it is done by aircrack..

Re: [Announce] Cleven - an aircrack gui
 

Not necessarily. -p0481 attack option in wifite does work on some (most?) APs and can get 150-200 ivs/sec with no clients around. It does seem to return bogus data on some APs (newer soft version maybe, no idea really) and then you might need 150k instead, but in the end works very well with no clients connected.

Re: [Announce] Cleven - an aircrack gui
 

All right.. I thought broadcast deauthentication is not useful but it seems that some would appreciate.
My goal is still to add in the future client association but till then and for testing, I'm adding the broadcast type in the next version (1.12-1) which will be upload in a few minutes.

for reference: http://www.aircrack-ng.org/doku.php?id=deauthentication

Re: [Announce] Cleven - an aircrack gui
 

Hi, I tried to search what is the option you mention but I find only your posts about it in a couple of threads :)

Do you have a link with some info on what this option does?
BTW, I haven't used wifite..

Re: [Announce] Cleven - an aircrack gui
 

Just download wifite.py (http://code.google.com/p/wifite/) and run it. It has 4 attack options, 4th one being the clientless. I also could not find too much about it, and sadly have no python skills to look through the code.
EDIT: it's -p 0841, my mistake

Re: [Announce] Cleven - an aircrack gui
 

all right, I got it now..

here is a good description of it:
http://aircrack-ng.org/doku.php?id=h...rnate_solution

Re: [Announce] Cleven - an aircrack gui
 

Negative. I've just checked it, and all files are .ivs. Also, I managed to capture error aircrack-ng is throwing at me, when I try all common:

If I try any of .ivs without "all common" everything works (but only for selected .ivs file, obviously)

Also, huge thanks for adding broadcast deauth!

Thanks szopin, I didn't know that method. I hope it will make it's way to Cleven.

/Estel

Re: [Announce] Cleven - an aircrack gui
 

Could it be the name of the AP has some special character? to be more specific a "."?

Not sure yet but I have a suspicion on what could go wrong.

If you don't mind PM me with the exact AP name..

Re: [Announce] Cleven - an aircrack gui
 

can you make a harmattan icon of it?

Re: [Announce] Cleven - an aircrack gui
 

*redacted by mistake...*

Re: [Announce] Cleven - an aircrack gui
 

You have to use MAC registered with AP.

Re: [Announce] Cleven - an aircrack gui
 

Omg, MAC-Filtering? That's all that it means? Wow, thank you very much!!! I finally have a new solution to try out :D

Re: [Announce] Cleven - an aircrack gui
 

Hmmm... I used one of the MAC registered with the AP, and the authentication was succesful for the first 4 or 5 tries, but then it started rejecting me, I think...

And after a few of those, it went back to Association Denied (Code 18)... Any more advise at this point would be greatly appreciated... Could it be some form of manual "counter-attack"...? :|

Re: [Announce] Cleven - an aircrack gui
 

You flooded the AP with reply-inducing forged packets by any chance? This is their defense. And worst part is... the MAC you spoofed might learn about the unsuccessfull attack, good luck with wpa cracking

Re: [Announce] Cleven - an aircrack gui
 

Not sure if this is a bug for aps with space in cleven, works fine with fAircrack:

00:01:16 Waiting for beacon frame (BSSID: xx:xx:xx:xx:xx:xx) on channel 10
For the given BSSID "xx:xx:xx:xx:xx:xx", there is an ESSID mismatch!
Found ESSID "Xxx Xxx" vs. specified ESSID "Xxx"
Using the given one, double check it to be sure its correct!

00:01:16 Sending Authentication Request (Open System) [ACK]
00:01:16 Authentication successful
00:01:16 Sending Association Request [ACK]
00:01:16 Denied (code 12), wrong ESSID or WPA ?

00:01:19 Sending Authentication Request (Open System) [ACK]
00:01:19 Authentication successful
00:01:19 Sending Association Request [ACK]
00:01:19 Denied (code 12), wrong ESSID or WPA ?

Edit: same ap same settings no space worked perfect

Re: [Announce] Cleven - an aircrack gui
 

[FIXED! See below]

Quick (possible) bug report:

It looks like the version from extras-devel (1.12-1) is not correct. It says "Cleven 1.10" at the top, and (for instance) does not recognize .ivs files in the "Decrypt capture" screen.

I've downloaded the clevenMain.py file from the source and used it instead of the clevenMain.pyc file, and it works well (albeit it feels slower, as expected).

Autobuilder mixup, maybe?

===
I found the issue. It turns out that I had installed 1.10 from Extras first, and when I upgraded to 1.12-1 from Extras-devel, the .pyc files were never deleted. Interesting quirk I was not expecting...

No problems with Cleven, then. :)

Re: [Announce] Cleven - an aircrack gui
 

So I heard the newest update has something about deauthentication? :) lol, is there a step further I can do with Cleven now concerning my previous situation?

Re: [Announce] Cleven - an aircrack gui
 

No, except making sure your mac broadcast is not yours. Deauth is useful when you try to catch a preshared key (WPA) but your chances of cracking it on n900 are minimal at best. Concentrate on WEP if you want to make use of your equipment.

Re: [Announce] Cleven - an aircrack gui
 

hi folks

let me jus say thank you for the availability of cleven and all the support you have shown for it

i downloaded it yesterday

great bit of kit

iv previously hacked wep with aircrack with no problem through x-terminal

but never wpa

iv searched this thread and read the wiki but i couldnt find an answer to my question

when i go into decrypt captured

select wpa and see my modum (upc776945-01.cap)

when i select a captured file (.cap)

and then go to select dictionary

i do not seem to have any dictionarys present?

is there something i have missed?

pressing the decrypt button btw does nothing.

i appologies in advance as i admit i am a noob to this

i also appriciate the time taken to help

regards

stephen

Re: [Announce] Cleven - an aircrack gui
 

Dictionaries are out there to download. They can be huge though (GBs of words) so including them in a package is not the best idea. Also considering how much processing power it takes it's best to use N900 for capture only and do the cracking on more powerful device. (unless someone gets GPU to assist and pyrit, this is far from easy, if at all a feasible)

Re: [Announce] Cleven - an aircrack gui
 

cheers szopin

appriciate the responce

makes perfect sence i suppose

kinda makes cracking wpa keys on the n900 itself a bit of a pipe dream

again thanks for the responce:)

Re: [Announce] Cleven - an aircrack gui
 

Uploaded in devel version 1.12-2.

In short, there were a couple of issues with the names that were mentioned in the past by users (like very similar AP names in the list were not accessible etc.). I've put some effort here and from my tests many of those have been fixed.

Changes:

• Fix in the readout of the ESSID names.
• Fix in the filenames created by the Capture function.
• Several minor corrections and improvements in the UI:
  • when entering in deletion mode the dictionary select becomes hidden
  • when scanning the text gives better instructions and the current state.

Feel free to post any issues still pending.

Re: [Announce] Cleven - an aircrack gui
 

sorry Saturn but for me still the same as per previous post on aps with spaces, wondering if anyone else have the same problem as me.
the rest works perfet wep aps with no spaces and wpa handshake including decription with dictionaries

16:11:02 Waiting for beacon frame (BSSID: 00:24:B2:8B:3A:D6) on channel 10
For the given BSSID "00:24:B2:8B:3A:D6", there is an ESSID mismatch!
Found ESSID "Rog Upc" vs. specified ESSID "Rog"
Using the given one, double check it to be sure its correct!

16:11:02 Sending Authentication Request (Open System) [ACK]
16:11:02 Authentication successful
16:11:02 Sending Association Request [ACK]
16:11:02 Denied (code 12), wrong ESSID or WPA ?

same as above no matter what the name with space is

any sugestions ?

Re: [Announce] Cleven - an aircrack gui
 

Still impossible to use "all common" option, at least which AP name pattern I've send You few days ago, Saturn.

I also can't seem to find deauthentication (broadcast) option, even after update.

/Estel

Re: [Announce] Cleven - an aircrack gui
 

The deauthentication becomes available when you start capturing an AP with WPA.

Your other issue is really strange. I would like you to try if you have the time to uninstal cleven and delete the two folders
/opt/cleven
/home/user/.cleven

and try again.

I want to believe that there are leftover files and thus the behaviour you see.

Re: [Announce] Cleven - an aircrack gui
 

After your post, I have written a small test program and the latest version (1.12-2) behaves correctly.

Could you please uninstall and delete the two folders as I proposed in the previous post too?

If that will not work, then we'll wait a few weeks. I will have a second router and I will be able to test more cases.

Thanks for the report in any case.

Re: [Announce] Cleven - an aircrack gui
 

done as per instruction above and unfortunately still the same for aps with spaces, have tried on two different routers: Netgear and Netopia
also found somethig strange with the mac address, I have changed to a random one and now everytime I unload the driver goes back to the first random mac instead the original one, if I reboot at first shows the original mac then I change to a random one and when I unload the driver goes back again to the first time I chose to change the mac instead of the original one, any iddeas why this happen ?

Re: [Announce] Cleven - an aircrack gui
 

Thanks Saturn, will try it and report back. Meanwhile, could You please consider enabling deauthenticate for WEP AP's too? It is also very useful when trying to inject packets - deauthenticated client authenticate again, generating instantly ARP for injecting.

Generally, as a rule of thumb, it would be great to have all options available no matter of executing order. Personally, I find it very irritating, if I need to click "capture" before I can inject or authenticate - I don't know why it tries to force specific use-case. It's impossible to predict all things user may want to do, so, why not letting her/him execute commands in any order she/he may want?

Also, could You please allow some config switch for disabling initial test (for kernel etc) and intro? It makes Cleven starting time ridiculously long. I agree, that it should be both ON by default, but seriously, having it on for every startup is counter-productive.

It's just constructive criticism/ideas, I hope it sounds right way :)

/Estel

Re: [Announce] Cleven - an aircrack gui
 

Thanks for trying.

For the mac issue delete the following file:
and reboot. The next time you start cleven the correct file will be created.

Re: [Announce] Cleven - an aircrack gui
 

Estel, I will keep in mind your proposals.

I know that in the new UI I will add some of them already. In the current one adding more buttons is a problem.

Re: [Announce] Cleven - an aircrack gui
 

Hello,
I am having some problems with cleven so I’ll try to explain it. I am following those steps on page 15 and X Terminal is starting to collect data. I read that I need between 30k-50k to be able to crack WPA network (I am trying cleven on my own WPA network). Meanwhile the nokia n900 is collecting data I am using my network with my laptop so it is active. The problem is that the data is collected to slow. What I mean is that it takes n900 around 1 hour to collect about 1000 data so for 30 000 data it will take what? 30 hours? I left my nokia for several hours and after 5 hours I checked it and I saw the message from X terminal saying that there is no space left. This came up with 5843 data collected. What am I doing wrong here? I apologize for ignorance and I hope that someone will spare few minutes to answer my questions.
Best regards to you all and thanks in advance,
M

Re: [Announce] Cleven - an aircrack gui
 

you might read my step again my friends cause if do read it again then you might realize what mistakes did you have made....
my step in pages 15 is for WEP not WPA :D :D :D

Re: [Announce] Cleven - an aircrack gui
 

OK, my bad, I admit.
You are right pusak gaoq I went back to check.
But the problem still remain for me so can you please guide me through or point me to the page/website where I can see where/what am doing wrong regarding cracking WPA network
Best regards and thanks again.
M

Re: [Announce] Cleven - an aircrack gui
 

First post at the end has links for the aircrack tutorials.

http://www.aircrack-ng.org/doku.php?...6b13035cabd1e9

In short, all steps can be done with the application but you should aim for 1 to 3 and leave the 4th for a powerful PC.

Re: [Announce] Cleven - an aircrack gui
 

OK, thanks Saturn. I will check this out.
Thanks agan.

Re: [Announce] Cleven - an aircrack gui
 

i successfully could crack an ap with cleven.thanks.today i tried cracking my university wifi network.it collected data upto 52k. den successfully decrypted. when checkd fr key files it showed me .ivs.txt file. file.then it showed me a key.bt i couldnot connect it with that key. previously when i cracked another ap. it showed a key file of .cap.txt. y dis one is ivs.txt. and y cant i connect it with that password