Cleven

The Cleven application is a user interface to the aircrack-ng for the N900 device.

It provides the ability to easily configure the injection drivers, scan for surrounding stations, and, using injection and authentication or deauthentication, capture Identification Vector keys.

In addition, it provides interfaces to decrypt the captured files and manage the successful attacks.

It has been created with PyQT (PyQt v4.7.5 for Python v2.6) and the functionality is provided by Python.

Contents

Installation

The application can be installed directly by the Application Manager (HAM) from the Extras repositories (check here for its status).

Dependencies

Included

The application depends on:

  • python2.5
  • python2.5-qt4-gui
  • python2.5-qt4-core
  • python2.5-qt4-maemo5
  • aircrack-ng
  • macchanger

Expected

In order to load the bleading edge drivers it expects an equivalent kernel. Currently possible power kernels include:

  • 46-wl1
  • 47
  • 48 (unconfirmed; same issues with the drivers have been reported)

Key features

  • Includes the injection drivers (courtesy of lxp).
  • Original MAC is stored and restored on exit.
  • Handles correctly spaces and special characters in the Network names
  • The Network names are sorted and the hidden are not shown.
  • Decryption can be done for data captured over multiple sessions.
  • Successful decrypted keys are stored in a separate folder.

Usage

Startup Dialog

Starting the application shows a splash screen.

Staring

In the background, a check is been made if the kernel available supports the injection drivers. In the error case, a warning message is displayed for the incompatibility.

Kernel Error

System Configuration Dialog

As soon as the application starts the System Configuration dialog is shown.

It is recommended to set the Internet Connection Setting to ASK so that the system does not try to connect while the system tries to use the monitor mode.

The next steps will be to load the injection drivers and enable the monitor mode.

The MAC address can be also changed to a random one or in the case of MAC filtering by the Access Point to an already connected by typing the value and pressing SET.

Note 1: The same configuration dialog can be accessed at the end of the session (i.e. from the Drop down menu) to revert the settings.

Note 2: The default system MAC address will be restored automatically when the drivers get unloaded.

Main Window

Decryption Window

The "Decryption Window" sorts files alphabetically and by security type.

Using the "All Common" button it is instructs the decryption to consider all files captured from the same network on different sessions.

When the WPA security type is chosen then also a button for selecting a dictionary appears.

Pressing this button a dialog appears that shows the dictionaries stored in
/home/user/.cleven/dictionaries
and allows the selection of the dictionary to be used for the decryption.


Deletion of files

From the Decryption window and pressing the menubar will provide the option to enable the "Deletion Mode". While in this mode, pressing the menubar again will give the opposite option, i.e. exit from the mode.

The "Deletion Mode" keeps the same appearance as the parent window and sorts files alphabetically and by security type.

Using the "All Common" button it is possible to delete all files captured from the same network.

Keys Management Window

Drop down menu

The drop down menu, aka Menubar, will offer the following options:

  • Button: Configure Drivers
  • Button: Decrypt Captured Files
  • Button: Show Keys
  • Button: About
  • Button: Quit

All of them (with the exception of the Quit) will open a new window or dialog to perform the action described.

About

In the about window one can find the version of the application running as well as buttons to connect to additional documentation (like all the rest of the windows it supports rotation).

Versions

1.10-1 (Development Version)

Changelog

  * Workarournd for WAP authentication to accept spaces in network names.

Issues

 * WPA deauthentication does not collect client's MAC.

1.9-1

Changelog

 * Fixed check for the compatible kernel versions.
 * Redesign of the decryption window. Added new dialog and button for selecting the dictionary for the WPA decryption.	

Issues

 * WAP authentication do not accept spaces in network names.
 * WPA deauthentication does not collect client's MAC.

1.8-2

Changelog

 * Fixed check for the compatible kernel versions.	

1.8-1

Changelog

 * Added skip button for the intro page.
 * Added check for compatible kernel version.	

1.7-1

Changelog

 First public release...
 Key dependencies and features:
 * The package depends on aircrack-ng, macchanger and expects power kernel >= 46.
 * Includes the injection drivers (courtesy of lxp)
 * Original MAC is stored and restored on exit.
 * Handles correctly spaces and special characters in the ESSID names
 * The ESSID names are sorted and the hidden are not shown.
 * Decryption can be done for data captured over multiple sessions.
 * Successful decrypted keys are stored in a seperate folder.
 * Management of captured files.

License

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; version 2 only.

Disclaimer

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

Also, this program is intended for learning purposes only. I do not condone hacking and wouldn't be held responsible for your actions. Only you would face legal consequences if you used this script for illegal activities.