{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
IF YOU DON'T KNOW WHAT IS NETHUNTER OR KALI(BACKTRACK) LINUX YOU DON'T NEED IT.
DISCLAIMER: I, ASSUME NO RESPONSIBILITY FOR ANY ILLEGAL ACTIONS AND/OR DAMAGE PERFORMED OR CAUSED BY INDIVIDUALS WHO USE IT FOR PURPOSES WHICH IT IS NOT INTENDED TO BE USED.
DESCRIPTION:
The Kali NetHunter is an Android ROM overlay that includes a robust Mobile Penetration Testing Platform. The overlay includes a custom kernel, a Kali Linux chroot, and an accompanying Android application, which allows for easier interaction with various security tools and attacks. Beyond the penetration testing tools arsenal within Kali Linux, NetHunter also supports several additional classes, such as HID Keyboard Attacks, BadUSB attacks, Evil AP MANA attacks, and much more. For more information about the moving parts that make up NetHunter, check out our NetHunter Components page. NetHunter is an open-source project developed by Offensive Security and the community.
More info
Kali NetHunter Application
Home Screen - General information panel, network interfaces and HID device status.
Kali Chroot Manager - For managing chroot metapackage installations.
Check App Update - For checking Kali NetHunter Android App updates.
Kali Services - Start / stop various chrooted services. Enable or disable them at boot time.
Custom Commands - Add your own custom commands and functions to the launcher.
MAC Changer - Change your Wi-Fi MAC address (only on certain devices)
VNC Manager - Set up an instant VNC session with your Kali chroot.
HID Attacks - Various HID attacks, Teensy style.
DuckHunter HID - Rubber Ducky style HID attacks
BadUSB MITM Attack - Nuff said.
MANA Wireless Toolkit - Setup a malicious Access Point at the click of a button.
MITM Framework - Inject binary backdoors into downloaded executables on the fly.
NMap Scan - Quick Nmap scanner interface.
Metasploit Payload Generator - Generating Metasploit payloads on the fly.
Searchsploit - Easy searching for exploits in the Exploit-DB
3rd Party Android Applications (WIP)
NetHunter Terminal Application
DriveDroid
USB Keyboard
Shodan
Router Keygen
cSploit
BUGS
The same as on original Nexus 5 version
REQUIREMENTS
Latest HybridRom Concept Edition + Advanced Kernel v2 from this thread. Don't install anything else.
Hands growing from a right place
External WiFi Adapter for Monitor Mode
INSTALLATION
Make sure you've read the requirements
Boot in TWRP
Install what you need with aroma installer.
Wait until process is finished (will take some time to extract packages)
DOWNLOAD
Kernel Sources
XDA:DevDB Information
Kali NetHunter Togari, ROM for the Sony Xperia Z Ultra
Contributors
Uncle Lucifer
Source Code: https://github.com/offensive-security/kali-nethunter
ROM OS Version: 5.1.x Lollipop
Version Information
Status: Testing
Created 2016-03-11
Last Updated 2016-03-11
Reserved
Reserved
Most of the things will work out of the box.while some of the scripts requires modifications, like changing patch and etc.
Unless you don't want to change storage patches, don't upgrade SuperSU binary.
I just figured out that it's somehow breaks symlinks, which can break a lot of scripts.
Also. when you install it, don't pick supersu, may cause a bootloop.
Seems like something is broken in the new supersu update.
Also I did a kernel update.
It includes updates for modules necessary for external wifi and usb attacks support.
I hope that they will soon add our device officially.
I got cannot boot and red LED flashing after flash "Kali NetHunter For HybridRom Concept EditioN" on "HybridRom Concept EditioN V2.0 ". Any step or version wrong? I need to restore factory image now(downloading).
pckeung said:
I got cannot boot and red LED flashing after flash "Kali NetHunter For HybridRom Concept EditioN" on "HybridRom Concept EditioN V2.0 ". Any step or version wrong? I need to restore factory image now(downloading).
Click to expand...
Click to collapse
It may happen if you didn't have advanced kernel v2.
You don't need flash whole rom again.
Just flash boot.img from concept with hotboot and you will have recovery.
Uncle Lucifer said:
It may happen if you didn't have advanced kernel v2.
You don't need flash whole rom again.
Just flash boot.img from concept with hotboot and you will have recovery.
Click to expand...
Click to collapse
oh Thank! I can restart the flashing process now.
Dear developers, can you build your kernel for Samsung Galaxy Tab 3.8.0 SM T311? (Cyanogenmod 13)?
Finally , the nethunter installed into my z Ultra successfully. But it restart when i enable monitor mode with my USB wifi. This problem has not appear in my nexus 5. I already flashed the "kernel update". I will try other USB wifi.
*i have school project about this topic. Thanks for help.
pckeung said:
Finally , the nethunter installed into my z Ultra successfully. But it restart when i enable monitor mode with my USB wifi. This problem has not appear in my nexus 5. I already flashed the "kernel update". I will try other USB wifi.
*i have school project about this topic. Thanks for help.
Click to expand...
Click to collapse
LOL, I was writing an extended essay back in school about wireless packets injection.
I was using nokia n900.
I've got a TP-Link WN721N and monitor mode works fine.
Didn't have any networks around with WEP encryption, so idk about injection.
Phone may reboot, but only if I disconnect external wifi.
And yeah, I enabled drivers, which were avaliable in my sources, so if your adapter is too old, then it might be missing.
Good luck with your project.
Feel free to write,if you need anything.
i find my tp-link lsusb command dut i cant start wlan0 bacause when i type ifconfig its not find my tp-link tl-wdn3200, i use xperia x ultra c6833.anythink what i can do about that?
shadow8 said:
i find my tp-link lsusb command dut i cant start wlan0 bacause when i type ifconfig its not find my tp-link tl-wdn3200, i use xperia x ultra c6833.anythink what i can do about that?
Click to expand...
Click to collapse
Wlan0 is your internal adapter.
Try
Code:
ifconfig wlan1 down
iwconfig wlan1 mode monitor
ifconfig wlan1 up
wlan card not found
Uncle Lucifer said:
Wlan0 is your internal adapter.
Try
Code:
ifconfig wlan1 down
iwconfig wlan1 mode monitor
ifconfig wlan1 up
Click to expand...
Click to collapse
when i type ifconfig wlan1 down i get wlan1 error while getting interface flags: no such device
and iwconfig wlan1 mode monitor i get Error for wireless request "set mode" (8B06) :
shadow8 said:
when i type ifconfig wlan1 down i get wlan1 error while getting interface flags: no such device
and iwconfig wlan1 mode monitor i get Error for wireless request "set mode" (8B06) :
Click to expand...
Click to collapse
Not all wlan adapters are supported, I think you should go to official wiki page and find if your model is supported.
wlan adapter not find
Uncle Lucifer said:
Not all wlan adapters are supported, I think you should go to official wiki page and find if your model is supported.
Click to expand...
Click to collapse
its supported because i already use that with kali my pc.i read its mayby kernel bug and some people download and instal somekind other version because they have samekind broplem.but i want to keep this1.and thx fast reply hopefully i get this work.ps i build y cable also and that giving power tp-link but no luck that1
shadow8 said:
its supported because i already use that with kali my pc.i read its mayby kernel bug and some people download and instal somekind other version because they have samekind broplem.but i want to keep this1.and thx fast reply hopefully i get this work.ps i build y cable also and that giving power tp-link but no luck that1
Click to expand...
Click to collapse
If it works on kali on pc, it doesn't mean that it's going to work on mobile.
It's not bug, just means that it simply does not have drivers for the specific device
Thx.i need,To check if i find drivers.afterall its not many wlan adapters what support monitor Mode.so i am so happy if some1 can say what wlan adapter support Xperia z ultra.and ofg thats need monitor Mode
Its bossible To add More attack software inside romm? Mayby somekind Phone and Bluetooth attack
please create one for xperia sp
electro_nik said:
please create one for xperia sp
Click to expand...
Click to collapse
Instructions are available on the official website.
Compiling it,not harder if is not easier than using it.
Related
***ABANDONED***
I am sorry but I stopped supporting this kernel because I don't have much time recently.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
This is first custom kernel for Xperia Z4 Tablet SGP712/SGP771.
Download
Download from official website
How to root
See my blog post:
https://androplus.org/Entry/626/
I won't create kernel for device which I don't own.
If you want me to create, please give me the device.
Donate:
PayPal
XDA:DevDB Information
AndroPlusKernel for Z4 Tablet, Kernel for the Sony Xperia Z4 Tablet
Contributors
AndroPlus, Tommy-Geenexus, DHGE, dl12345, andip71, nilezon
Source Code: https://github.com/AndroPlus-org/android_kernel_sony_msm8994
Kernel Special Features:
Version Information
Status: Testing
Created 2015-08-02
Last Updated 2017-05-04
Features and changelog
I won't answer questions or requests for older version (e.g. "Please update kernel for old firmware!")
Moved to here
SONY has a 28.0.A.7.31 under "Android Downloads"
Have not found a changelog yet.
DHGE said:
SONY has a 28.0.A.7.31 under "Android Downloads"
Have not found a changelog yet.
A device tree is in the attachment.
Click to expand...
Click to collapse
Oh I meant set of files such as "android_device_sony_karin" or "android_device_sony_msm8994-common". (you can see some device tree for other devices on cyanogenmod's Github)
This is also called device tree.
@AndroPlus:
Hello, I'm seriously considering to buy this device but first I want to make sure (before buying a new tablet) that (a) it supports root (which obviously you were able to do) and (b) to support linux running on the device's framebuffer.
Since running linux on my 10 inch + tablets has become a 2nd nature to me (tablets make some of the best netbooks, being so light and battery-efficient compared to regular netbook) may I venture a suggestion?
Can you try enabling the config_VT on the kernel's option (i.e. the Virtual Terminal feature)? I know some devices to be unbootable after enabling that feature, others do boot. I mean I would be happy to try it myself, but for that I would need to buy the device first, and I much prefer to have a confirmation first.
So yeah great work there (creating the first custom kernel et al). Enabling a single feature would -at worse- cause a boot loop, so I'd guess it would be an easy experiment to do (in case of bootloop you just reflash a "proper" version of the kernel).
Thanks.
Code:
# Character devices
#
CONFIG_TTY=y
# [COLOR="Red"]CONFIG_VT is not set[/COLOR]
CONFIG_UNIX98_PTYS=y
# CONFIG_DEVPTS_MULTIPLE_INSTANCES is not set
# CONFIG_LEGACY_PTYS is not set
# CONFIG_SERIAL_NONSTANDARD is not set
# CONFIG_NOZOMI is not set
# CONFIG_N_GSM is not set
# CONFIG_N_SMUX is not set
# CONFIG_TRACE_SINK is not set
CONFIG_DEVMEM=y
CONFIG_DEVKMEM=y
I do not have the time ATM to test VT.
When I have the itch to work in terminal mode I either use adb from my Debian box or the app "Terminal Emulator".
What would VT give us more?
I'd like (as a challenge, not too useful) to port Perl 5.22 to the device and some tools...
But that should be possible with my above mentioned terminals at hand.
I have disabled SONY's RIC and that prevents the bootloops when fiddling with the configuration.
No guaranty for CONFIG_VT though.
Next thing I will try (not this week I suppose): work with the latest ..31 version from SONY and try to enable SELinux again. AndroPlus used my sources and with "his" kernel SELinux is disabled - necessary for me in rooting in the first attempt but I'd like to have SELinux again (stagefright etc.)
Virtual Terminal gives us the chance to output whatever image "we wish" directly to Android's framebuffer.
To make a longer story short, it lets us run Linux on a chroot environment almost natively.
The alternative to that would be running a whole X-server on top of Android or -worse- establish a VNC connection to the chroot environment. In both occasions running a (Desktop) linux distro would be a pain both for every-day use purposes but also kill the battery.
So -yeah- enabling the VT feature lets us -basically- turn our android tablet into a linux tablet with a press of a button (a script that starts the chroot environment and outputs to android's framebuffer) and then back to android through a second script.
I find the concept of Android/Linux netbooks/tablet very appealing as unlike Surface pro it lasts a longer (battery wise), it's half the weight and much better for tablet purposes.
Anyway testing VT would be a godsend (just see whether it boots at least). If it does boot I will buy the tablet in a heartbeat, and probably even write a guide of how to turn it into a full featured Linux machine with the press of a button (without having to dual boot)
I'll try to build config_VT enabled kernel.
For ric problem, maybe this commit works, so I'll try this.
https://github.com/fxpdev/android_k...mmit/a1223a90286f3a59eadb82c709c8d3c427e7bb78https://github.com/fxpdev/android_k...mmit/a1223a90286f3a59eadb82c709c8d3c427e7bb78
maybe this commit works
Click to expand...
Click to collapse
This is straight disabling RIC.
Fine but when I went this route my device bootlooped. I suppose because RIC-calls are hardcoded into SONY's init binary and we do not have the source for that.
So my "solution" was just to patch the calls to RIC and give OK on every call.
When AOSP sources will be available we have a modifiable init and you get your device tree.
@Stevethegreat
It booted successfully after adding CONFIG_VT and patch to arch/arm64/kernel/setup.c.
https://github.com/AndroPlus-org/an...mmit/18db9f30bc60bdb5ec0e91826e1ebba313b762a0
How do I check if it really works?
AndroPlus said:
@Stevethegreat
It booted successfully after adding CONFIG_VT and patch to arch/arm64/kernel/setup.c.
https://github.com/AndroPlus-org/an...mmit/18db9f30bc60bdb5ec0e91826e1ebba313b762a0
How do I check if it really works?
Click to expand...
Click to collapse
Wow those are great news. Thanks!
A quick way to check if it worked is to open Terminal emulator. Then navigate to dev/graphics and make a mental note of the different fb files that exist in that folder (for example fb0, fb1, etc)
When you do that you simply type "su" (to gain super user access) and lastly:
cat /dev/urandom > /dev/graphics/fb0
If all goes well you should get a flashing screen or even a solid screen with urandom's gibberish on top of the screen (a screen fillled with characters). You should *not* get "static" (non specific image) or an error code, really. After trying fb0 , please try the rest of FBx that you found in /dev/graphics. At least one should work as above (generally fb0 does).
Once again thanks man, much appreciated. If all goes well, I'm buying this tablet
I built a new kernel from the 28.0.A.31 sources with SELinux enabled (Yeah!! :laugh.
On a second run I set CONFIG_VT=y.
cat /dev/urandom > /dev/graphics/fb0
Click to expand...
Click to collapse
gives:
tmp-mksh: ... No space left on device
attempting to write on fb2 (three framebuffers 0-2) gives No such device
So no sport here ...
Hmmm pity :/.
Hope you ran the command as a super user.
Also maybee trying it w SeLinux in permissive may give different result.
Still I may buy the tablet annyway. As long as it boots with VT on I may find a way to make it work once I have it in hand...
yes I used the root account
I really like the tablet:
http://forum.xda-developers.com/showpost.php?p=62033395&postcount=17
Was fortunate to get it for 465 EUR, otherwise I'd have used my Tablet Z longer.
DHGE said:
yes I used the root account
I really like the tablet:
http://forum.xda-developers.com/showpost.php?p=62033395&postcount=17
Was fortunate to get it for 465 EUR, otherwise I'd have used my Tablet Z longer.
Click to expand...
Click to collapse
Since I'm very much interested, where did you find it (selling it) at 465 Euros? Everywhere I look is close to 600 Euros (shipping included) and that's kind of too much.
edit: sorry for the off-topic, I just remembered that this thread is about the OP's kernel, not our discussion (still PM me the answer if you wish, thanks).
I use this way to disable RIC:
CONFIG_SECURITY_SONY_RIC=n
I did diff command to check what files are changed in 28.0.A.7.31 and... no diff
Well I uploaded v2, now kernel has some new features such as KCAL and CPUQuiet.
I could build TWRP from source but it didn't boot, so I need to brush up my dirty device tree...
I compile a dtbtool from this git: https://github.com/scotthartbti/android_device_common_qcom.git
and use this command: dtbtool --force-v2 -o dt.img -s 2048 -p scripts/dtc/ arch/arm/boot/dts/
thus I have made a dt.img for my xperia z4
I tried to build TWRP and build succeeded, but didn't boot
here's last_log
kitakami device tree
https://github.com/AndroPlus-org/android_device_sony_karin
I could build and boot Cyanogen Recovery (useless...):
Download
If someone want to try useless recovery, enter into fastboot mode and type
Code:
fastboot flash recovery cmr.img
then reboot and hit power key when LED turn on.
[UPDATE]
OK, TWRP now boots!
...but no touch input:crying:
Build from official source didn't boot at all, and this multi-language fork boots.
Recap please
I've been following this thread intrigued for about a month, as long as I've had the tablet. I see that people have been successful in getting their tablets rooted and even gotten TWRP to work on some of them.
What I'm interested is getting simple instructions on how to get root access and of course TWRP would be a big plus since I'm using it on my phone
A Project By
Code:
[FONT=Garamond][COLOR=Red][B][SIZE=4][CENTER]*** Disclaimer***[/CENTER][/SIZE][/B][/COLOR][/FONT]
[CENTER][FONT=System]The warranty of this device has ended ages ago but still, [B]please[/B] read this disclaimer.
This thing will break your device [B]HARD[/B] and possibly [B]HURT[/B] you if you don't follow instructions properly.
I [B][URL="https://en.wikipedia.org/wiki/Brick_(electronics)"][COLOR=Red]HARD BRICK[/COLOR][/URL][/B] my device 4 times before getting it right.
So please, if you follow these instructions, it [URL="https://en.wiktionary.org/wiki/should"][B]SHOULD[/B][COLOR=Gray][SIZE=1](3)[/SIZE][/COLOR][/URL] be safe for you to flash it without worries
since I have solved almost all of the problems that occur.
BUT nevertheless [B]myself, [URL="https://forum.xda-developers.com/member.php?u=6857433"]FiveO[/URL], [URL="https://www.kali.org/"]Kali Linux[/URL], [URL="https://www.offensive-security.com/"]Offensive Security[/URL], [URL="https://forum.xda-developers.com"]XDA[/URL][/B] and its staff, members and crew
and/or any of the [B]developers credited[/B] on this [B][URL="https://www.kali.org/kali-linux-nethunter/"]project[/URL][/B] will [B][COLOR=red][URL="https://dictionary.cambridge.org/dictionary/english/never"]NEVER[/URL][/COLOR][/B] be held responsible.
The tools provided in this thread are to be used in a legal context only.
Thank you.[/FONT][/CENTER]
PLEASE DO NOT QUOTE THE ENTIRE THREADIntroduction
The Kali NetHunter is an Android penetration testing platform targeted towards Nexus and OnePlus devices built on top of Kali Linux, which includes some special and unique features.
Of course, you have all the usual Kali tools in NetHunter as well as the ability to get a full VNC session from your phone to a graphical Kali chroot, however the strength of NetHunter does not end there. We've incorporated some amazing features into the NetHunter OS which are both powerful and unique. From pre-programmed HID Keyboard (Teensy) attacks, to BadUSB, Man In The Middle attacks, to one-click MANA Evil Access Point setups, access to the Offensive Security Exploit(1) Database(2)...
And yes, NetHunter natively supports wireless 802.11info frame(1) injection(2) with a variety of supported USB NICs.
Click to expand...
Click to collapse
NetHunter Editions
NetHunter can be installed on every Android device under the sun using one of the following editions:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
The following table illustrates the differences in functionality:
The NetHunter-App specific chapters are only applicable to the NetHunter & NetHunter Lite editions.
The Kernel specific chapters are only applicable to the NetHunter edition.
Click to expand...
Click to collapse
Images
NetHunter Apps
NetHunter Companion Apps
Nethunter Kex
Kex Docs
Nethunter Store
Nethunter Store F-Droid and others repo add-on
Nethunter Terminal
Click to expand...
Click to collapse
NetHunter and NetHunter Lite ROM compatibility test result on Android PIE
[ROM][9.0][BACON][OFFICIAL]Syberia Project
syberia_bacon-v2.6-20190622-1327-OFFICIAL = Pending
syberia_bacon-v2.9-20190921-0756-OFFICIAL = Pending
[ROM][9.0][OFFICIAL][bacon] LineageOS 16.0 for OnePlus One
lineage-16.0-20190620-nightly-bacon-signed = Success
lineage-16.0-20190701-nightly-bacon-signed = Success
lineage-16.0-20191130-nightly-bacon-signed = Failed
[ROM][9][Pie][Bacon][UNOFFICIAL] crDroid 5.5 (6/16/2019)
crDroidAndroid-9.0-20190616-bacon-v5.5 = Pending
[ROM][9.0.0][PIE] ViperOS 6.1 [BACON][UNOFFICIAL]
Viper-bacon-20190219-v6.1-UNOFFICIAL = Pending
[ROM][9.0.0][WEEKLIES] CarbonROM | cr-7.0 [bacon]
CARBON-CR-7.0-OPAL-RELEASE-bacon-20191120-0302 = Pending
[ROM] [OFFICIAL] [AOSP] Arrow OS [Pie] [9.0.0_r44] | Bacon [2019-07-21]
Arrow-v9.0-bacon-OFFICIAL-20190613 = Pending
Arrow-v9.0-bacon-OFFICIAL-20191016 = Pending
[ROM][9.0][OFFICIAL]Superior OS Nemesis[Bacon][16-09-2019]
SuperiorOS-Nemesis-bacon-OFFICIAL-20190630-0838 = Failed
SuperiorOS-Nemesis-bacon-OFFICIAL-20191012-0637 = Failed
Will do 2nd test for SuperiorOS
[ROM]-[bacon]-[OFFICIAL]-Havoc-OS-[9.0.0]
Havoc-OS-v2.6-20190626-bacon-Official = Success
Havoc-OS-v2.9-20190912-bacon-Official = Success
[ROM][9.0.0_r37] POSP v2.3 - bacon [OFFICIAL][WEEKLIES]
potato_bacon-9-20190719.Baked-v2.3.WEEKLY = Pending
[ROM][LineageOS][Android 9.0.0r40][OMS]TugaPower™ 19.0
TugaPowerP21_OP1 = Failed
TugaPowerP22_OP1 = Failed
TugaPowerP23_OP1 = Failed
Result on TWRP
twrp-3.3.1-0-bacon = Nethunter Flashable
TWRP 3.3.1-K1 = Nethunter Unflashable
Unofficial TWRP 3.2.1-1 by TugaPower = Nethunter Flashable(Stable)
Click to expand...
Click to collapse
SELinux Issues
SELinux will effect HID Interface functionality as well as SafetyNet, please download SELinux mod changer to solve this problem.
Click to expand...
Click to collapse
Download
NetHunter
Nethunter 2020.1 Stable
NetHunter Lite
Nethunter Lite 2020.1 Stable
Gapps
MindTheGapps
F-Droid Store
F-Droid
Click to expand...
Click to collapse
NetHunter Rootless Editions
Maximum flexibility with no commitment
Usage
Note: The command nethunter can be abbreviated to nh.
Tip: If you run kex in the background (&) without having set a password, bring it back to the foreground first when prompted to enter the password, i.e. via fg <job id> - you can later send it to the background again via Ctrl + z and bg <job id>
To use KeX, start the KeX client, enter your password and click connect
Tip: For a better viewing experience, enter a custom resolution under “Advanced Settings” in the KeX Client
Tips
Run apt update && apt full-upgrade first thing after installation. If you have plenty of storage space available you might want to run apt install kali-linux-full as well.
Firefox won’t work on unrooted devices. Just replace it with Chromium via: apt remove firefox-esr apt install chromium Next: ~ Find the “Chromium Web Browser” item in the application menu ~ right click and select “Edit Application” ~ Change the “Command” to /usr/bin/chromium --no-sandbox %U
All of the penetration testing tools should work but some might have restrictions, e.g. metasploit works but doesn’t have database support. If you discover any tools that don’t work, please post it in our forums.
Some utilities like “top” won’t run on unrooted phones.
Non-root users still have root access in the chroot. That’s a proot thing. Just be aware of that.
Galaxy phone’s may prevent non-root users from using sudo. Just use “su -c” instead.
Perform regular backups of your rootfs by stopping all nethunter sessions and typing the following in a termux session: tar -cJf kali-arm64.tar.xz kali-arm64 && mv kali-arm64.tar.xz storage/downloads That will put the backup in your Android download folder. Note: on older devices, change “arm64” to “armhf”
Please join us in our forums to exchange tips and ideas and be part of a community that strives to make NetHunter even better.
Click to expand...
Click to collapse
Instructions
NetHunter & NetHunter Lite
Skip this step if device already rooted
Preparation
Backup everything including internal storage.
Download Bacon Root Toolkit
Unlock bootloader and root(+flash custom recovery) your device.
Reboot to recovery
Flash TWRP use TugaPower
Reboot back to recovery and continue with flashing instruction
Flashing
Please make sure batteries are above 90%
Backup everything including internal storage,
Erase everything, Advance Wipe tick on cache, dalvik, system, data and internal storage, after that Format Data type YES.
(you can proceed without wiping internal storage but it can cause unknown problem)
Reboot back to TWRP
Flash ROMs
(Please choose ROM that already tested if possible)
Flash Magisk 20.3
Flash Gapps
(Please use MindTheGappps version instead of OpenGapps since it's has BusyBox pre install that could cause problems after flashing)
Reboot System and proceed with the start-up, after start-up completed, enable developer’s mode.
Reboot back to TWRP and flash Nethunter 2020.1
Reboot back to system.
NetHunter Rootless
Android Device (Stock unmodified device, no root or custom recovery required)
Installation
Install the NetHunter-Store app from https://store.nethunter.com
From the NetHunter Store, install Termux, NetHunter-KeX client, and Hacker’s keyboard
Note: The button “install” may not change to “installed” in the store client after installation - just ignore it. Starting termux for the first time may seem stuck while displaying “installing” on some devices - just hit enter.
Open Termux and type:
Code:
[LIST=1]
[*]termux-setup-storage pkg
[*]install wget
[*]wget -O install-nethunter-termux https://offs.ec/2MceZWr
[*]chmod +x install-nethunter-termux
[*]./install-nethunter-termux
[/LIST]
Happy Hunting
Click to expand...
Click to collapse
Post Installation Setup
Open the NetHunter App and start the Kali Chroot Manager.
Install the Hacker Keyboard from the NetHunter Store using the NetHunter Store app.
Install any other apps from the NetHunter app store as required.
Configure Kali Services, such as SSH.
Set up custom commands.
Initialize the Exploit Database.
Click to expand...
Click to collapse
Frequently Asked Questions
Q - Documentation and Attack Descriptions
A- Attack descriptions as well as some documentation to get you started with the installation and setup of Kali NetHunter can be found at Nethunter Wiki
Q - Is Kali NetHunter an Android ROM?
A- Kali Linux NetHunter is not a ROM but is meant to be installed over an existing stock factory image of Android. It can also be installed over some Cyanogenmod based ROMs depending on device support. It is heavily based on using custom kernels and only supports a select number of devices. We're relying on you, the community, to port your devices for the full Kali NetHunter experience.
Q - Does NetHunter support Marshmallow, or Nexus 9 devices?
A - Yes, check our wiki for more information on supported devices and ROMs wiki
Q - What kind of attacks does NetHunter support?
A - Our wiki has a list of included attack tools wiki
Q - NetHunter is awesome! How do I install it?
A - Follow the instructions on the Installation wiki
Q - What is the best wireless card for NetHunter?
A - A list of supported devices and chipsets wiki
Click to expand...
Click to collapse
Thanks To/Credits/Source Code
Code:
[FONT="Franklin Gothic Medium"]# [URL="https://www.gsmarena.com/oneplus_one-6327.php"]OnePlusOne[/URL]
[oneplus1]
author = "[URL="https://twitter.com/_binkybear?lang=en"]binkybear[/URL] & [URL="https://twitter.com/yesimxev/with_replies"]yesimxev[/URL]" for the [URL="https://gitlab.com/kalilinux/nethunter/build-scripts/kali-nethunter-devices/tree/master/pie/oneplus1"]zImage-dtb and Module[/URL]
version = "2.2"
devicenames = bacon A0001 one OnePlus
block = /dev/block/platform/msm_sdcc.1/by-name/boot
[URL="https://forum.xda-developers.com/member.php?u=4544860"]osm0sis [/URL]for the [URL="https://github.com/osm0sis/AnyKernel3/"]AnyKernel3 Ramdisk Mod Script [/URL]Customized for NetHunter
[URL="https://forum.xda-developers.com/member.php?u=5672995"]jcadduono [/URL]for the [URL="https://github.com/jcadduono/lazyflasher"]lazyflasher[/URL]
[URL="https://twitter.com/re4sonkernel?lang=en"]re4son [/URL]for the [URL="https://gitlab.com/kalilinux/nethunter/apps/kali-nethunter-app"]Nethunter App[/URL], [URL="https://www.kali.org/docs/nethunter/"]Documentation[/URL] and [URL="https://gitlab.com/kalilinux/nethunter/build-scripts/kali-nethunter-project/-/tree/master/nethunter-rootless"]NetHunter Rootless[/URL]
[URL="https://www.kali.org/"]Kali Linux[/URL] for the [URL="https://gitlab.com/kalilinux/nethunter/build-scripts/kali-nethunter-project"]Nethunter Project[/URL]
[URL="https://lineageos.org/"]LineageOS[/URL] for the [URL="https://github.com/LineageOS/android_kernel_oppo_msm8974"]Kernel Source Code[/URL]
[URL="https://forum.xda-developers.com/member.php?u=4841620"]Timmmmaaahh[/URL] for Proofreading[/FONT]
Hello XDA Members,
This is Official Nethunter 2019.4 Originally for OnePlus One Android Marshmallow that i port with Android PIE Boot-Patcher.
It's a stable build if you flash with a suitable ROM, so please check the Test Results before flashing,
The ROM compatibility test is still ongoing, and i will update it regularly.
Nethunter 2019 has some issue with Older Devices on latest ROM build, For example on Lineage 16, Nethunter will not work after July build, it will cause boot loop or error on Lineage newer build,
but this problem is not the same with all ROM,
example Havoc-OS work with Nethunter 2019 without any issues, even with September build.
I still finding a way to fix this issues, and i intend to solve this before i release Nethunter 2020.1 next year.
That all update i have for now.
Thank You for participating, have a great day.
Sent from my OnePlus One using XDA Labs
Heck yeah, nice to see seething like this finally ported to pie
Glad to see you finally releasing! Looking forward to testing it on my sweet old Bacon (when I ever find some time, lol)!
wow really nice, any idea why Kex only show blue screen with pointer? now menu or something else? sorry its been a year since lastime im try kali net hunter/
ender1324 said:
Heck yeah, nice to see seething like this finally ported to pie
Click to expand...
Click to collapse
Thanks, I'm happy to see you like it.
Timmmmaaahh said:
Glad to see you finally releasing! Looking forward to testing it on my sweet old Bacon (when I ever find some time, lol)!
Click to expand...
Click to collapse
Thank you Timmy and thanks for all the help too, hope you do find some time to try it:good:.
xsetiadi said:
wow really nice, any idea why Kex only show blue screen with pointer? now menu or something else? sorry its been a year since lastime im try kali net hunter/
Click to expand...
Click to collapse
If this what you meant(refer attachment) then it's the new Kali Desktop Xfce user interface.
Not like that. There's no start menu. Only blank screen with pointer like this
Installation tips.
Hello FairuzOnn and thank you very much for your hard work, it is appreciated.
I like the way your post is written, it's easy to read.
I am preparing my OPO for Nethunter install over a new ROM (lineage-16.0-20190701-nightly-bacon-signed) and I have a question for you. You mentionned at point #2:
"Erase everything, Advance Wipe tick on cache, dalvik, system, data and internal storage, after that Format Data type YES".
That means there will nothing left on the OPO except TWRP. So my understanding is that I should use adb sideload to install the ROM.ZIP from my computer. If not, can you tell me more about this?
Normally, I download the ROM to my OPO and then flash it with TWRP but I think it's better to "clean" the phone and start fresh.
Can you run EDXposed and Multirom? If not, I'll backup after the ROM/Nethunter install before I install those.
Again, thank you very much.
xsetiadi said:
Not like that. There's no start menu. Only blank screen with pointer like this
Click to expand...
Click to collapse
Hi xsetiadi sorry for the very late reply.
Try update chroot
on nethunter terminal
Code:
apt-get update
apt-get dist-upgrade
That should solve the problem.
2643625 said:
Hello FairuzOnn and thank you very much for your hard work, it is appreciated.
I like the way your post is written, it's easy to read.
I am preparing my OPO for Nethunter install over a new ROM (lineage-16.0-20190701-nightly-bacon-signed) and I have a question for you. You mentionned at point #2:
"Erase everything, Advance Wipe tick on cache, dalvik, system, data and internal storage, after that Format Data type YES".
That means there will nothing left on the OPO except TWRP. So my understanding is that I should use adb sideload to install the ROM.ZIP from my computer. If not, can you tell me more about this?
Normally, I download the ROM to my OPO and then flash it with TWRP but I think it's better to "clean" the phone and start fresh.
Can you run EDXposed and Multirom? If not, I'll backup after the ROM/Nethunter install before I install those.
Again, thank you very much.
Click to expand...
Click to collapse
Hello
Thank you for the compliment
You can use adb sideload or adb push, but the best way to flash ROM is by using USB Pendrive or USB OTG.
By the way I recommend using Havoc ROM, it's currently the most stable for nethunter.
You can use EDXposed but it will break safety net,
As for Multirom, I'm still working on it, the current build i made for android pie has lot of issues and can cause hard brick.
I will update you if Multirom android pie build stable to use.
This looks so impressive. Wish I were smart enough to find use for it lol
Hi! How to fix? I'm using I am using TWRP from the developer Kutep0v. (TWRP 3.2.1-K2).
thoiloidainhan said:
This looks so impressive. Wish I were smart enough to find use for it lol
Click to expand...
Click to collapse
Hi thoiloidainhan,
You can visit offensive security to learn about ethical hacking, please try it if you got the time.
Бахрам Байрамза said:
Hi! How to fix? I'm using I am using TWRP from the developer Kutep0v. (TWRP 3.2.1-K2).
Click to expand...
Click to collapse
Hello Бахрам Байрамза,
You can solve this problem, by using stock TWRP or Unofficial TWRP 3.2.1-1 by TugaPower.
For some reason all KutepOv TWRP not compatible to flash NetHunter.
HAPPY HUNTING
FairuzOnn said:
Hi thoiloidainhan,
You can visit offensive security to learn about ethical hacking, please try it if you got the time.
Hello Бахрам Байрамза,
You can solve this problem, by using stock TWRP or Unofficial TWRP 3.2.1-1 by TugaPower.
For some reason all KutepOv TWRP not compatible to flash NetHunter.
HAPPY HUNTING
Click to expand...
Click to collapse
Thanks!
Бахрам Байрамза said:
Thanks!
Click to expand...
Click to collapse
Your Welcome:good:
Hi there, thanks for all your hard work. I'm about to install but which base rom would you recommend as some time has passed.
amd-dude said:
Hi there, thanks for all your hard work. I'm about to install but which base rom would you recommend as some time has passed.
Click to expand...
Click to collapse
Hi sorry for the late reply,
Right now I recommend HACOV ROM,
anyway I currently compile new update, version 2020.1,
I'm planing to finish it and upload it the latest by tomorrow,
batter wait for this update.
FairuzOnn said:
Hi sorry for the late reply,
Right now I recommend HACOV ROM,
anyway I currently compile new update, version 2020.1,
I'm planing to finish it and upload it the latest by tomorrow,
batter wait for this update.
Click to expand...
Click to collapse
Will do, I'll download all the other files in the meantime.
FairuzOnn, wondering if you completed the new version yet?
nickkilla said:
FairuzOnn, wondering if you completed the new version yet?
Click to expand...
Click to collapse
Hi sorry for the late reply, i Have finish most of it, got some problem with NetHunter App I'm working on it, I'm really sorry for the delay. I'm at Gaylord California right now, i have to attend a conference here, i think i will post the new update in 2 or 3 days time.
Sent from my OnePlus One using XDA Labs
FairuzOnn said:
Hi sorry for the late reply, i Have finish most of it, got some problem with NetHunter App I'm working on it, I'm really sorry for the delay. I'm at Gaylord California right now, i have to attend a conference here, i think i will post the new update in 2 or 3 days time.
Sent from my OnePlus One using XDA Labs
Click to expand...
Click to collapse
No worries. Thanks for the update.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
I present to you: Kali NetHunter for the TicWatch Pro 3 WearOS
Kali NetHunter is an Android ROM overlay that turns an ordinary phone into the ultimate Mobile Penetration Testing Platform. Now it's available for your smartwatch with some limitations.
The overlay includes a custom kernel, a Kali Linux chroot, an accompanying Android application, which allows for easier interaction with various security tools and attacks.
Beyond the penetration testing tools arsenal within Kali Linux, NetHunter also supports several additional classes, such as HID Keyboard Attacks, BadUSB attacks, WPS attacks, and much more. For more information about the moving parts that make up NetHunter, check out our NetHunter Components page.
NetHunter is an open-source project developed by Offensive Security and the community.
All variants are supported (TicWatch Pro 3 GPS/LTE/Ultra GPS/Ultra LTE) with a generic installer as of now. This means there's no custom kernel yet, however all the features work from the TicWatch Pro, except BadUSB.
## 1. Unlock the bootloader
- Connect your watch to your PC with a DIY USB cable or a 3D printed data dock, and fire up a terminal.
- If you have set up your watch on the phone you can access settings, otherwise hold both buttons for a few seconds on the welcome screen.
- Enable developer settings by going to System -> About -> tap Build number 10 times
- Enable ADB, re-plug USB and accept debug from PC
- Reboot into bootloader with `adb reboot bootloader` from the terminal
- Unlock bootloader with `fastboot oem unlock`
## 2. Flash TWRP, WearOS image, Magisk, dm-verity disabler
Please note Magisk 24.3 is recommended.
- Again enable ADB, and reboot to bootloader with `adb reboot bootloader`
- Disable vbmeta verification: `fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img`
- Flash recovery `fastboot flash recovery recovery.img`
- Boot into recovery by selecting it with the side buttons (switch with bottom one, select with upper button)
- Select Wipe -> Advanced Wipe -> select Format Data
- Reboot to recovery
- Select "Install -> ADB Sideload"
- Flash OneOS with `adb sideload`
- Flash Ultra addon with `adb sideload` only if you have an Ultra watch
- Flash Mobvoi Apps with `adb sideload`
- Make a copy of your Magisk apk file to Magisk-v24.3.zip
- Flash Magisk with `adb sideload`
- Flash Disabler with `adb push Disable_Dm-Verity_ForceEncrypt_11.02.2020.zip /sdcard/` and Install via TWRP
- Reboot & do initial setup (pair with your phone through WearOS app)
## 3. Finalise Magisk app to finish the rooting process
- Finalise Magisk installation with app `adb install Magisk-v24.3.apk`
- Launch Magisk Manager
- You might want to disable auto-update, set grant access in auto response, and disable toast notifications for easier navigation in the future
## 4. Install NetHunter
- Reboot to recovery
- Select Install -> ADB Sideload
- Flash NetHunter image with `adb sideload`
- Reboot
- Start NetHunter app & chroot
- Reboot
## 5. Set NetHunter watch face
- Install Facer onto your phone and watch from Play Store
- Search for NetHunter
- Select & Sync
### Enjoy Kali NetHunter on the TicWatch Pro 3
## Downloads
- Magisk
- TWRP images
- OneOS ROM, Mobvoi apps, Ultra addon
- vbmeta image
- dm-verity and forceencrypt disabler
- NetHunter zip
## Additional recommended apps
- TotalCommander: useful for selecting eg. a Ducky script, use "adb install" method
Download link: https://www.totalcommander.ch/android/tcandroid323-armeabi.apk
## Supported features
- Kali services
- Custom Commands
- MAC Changer
- HID Attacks
- DuckHunter
- Nmap Scan
- WPS Attacks
## Upcoming features (not guaranteed)
- Nexmon, as the chipset is supported, needs some time
- Bluetooth Arsenal (internal bluetooth via blueblinder, as carwhisperer fails to r/w when SCO channel is connected)
- Router Keygen (to be optimised)
- Hijacker (if nexmon succeeds)
- Mifare Classic Tool (need to build OS with android.hardware.nfc enabled)
## Hardware limitations
- Power resource is not enough for any external adapters, although this kernel might support Y cable in the future!
WearOS version:
XDA: DevDB Information
Kali Nethunter, Kernel & ROM for the TicWatch Pro 3
Contributors
@yesimxev
Source Code: https://gitlab.com/kalilinux/nethunter/
Reserved
Thank you so much for this
Is it working on twp3ultra?
And which stockrom img incase anything went wrong.
Thank you in advance
nelikp said:
Thank you so much for this
Is it working on twp3ultra?
And which stockrom img incase anything went wrong.
Thank you in advance
Click to expand...
Click to collapse
Yes it is, use rover for Ultra LTE and rubyfish for Ultra GPS. Link for stock ROMs is above in the OneOS dowbload page, scroll down for stock
yesimxev said:
Yes it is, use rover for Ultra LTE and rubyfish for Ultra GPS. Link for stock ROMs is above in the OneOS dowbload page, scroll down for stock
Click to expand...
Click to collapse
Thank you so much
Waiting my cable from alixpress
May i have the oneos download page sir
nelikp said:
Thank you so much
Waiting my cable from alixpress
May i have the oneos download page sir
Click to expand...
Click to collapse
Everything is there. Just scroll
Achi Shukuteki said:
Everything is there. Just scroll
Click to expand...
Click to collapse
Thanks sir
I found it
Here
Download •OneOS Wear•
wear.revtechs.me
any chance we’ll see a more vanilla rom for those of us that aren’t interested in network penetration etc, would be awesome to see a rom that could re-enable the compass in the ticwatch pro 3 ultra for example
kerode said:
any chance we’ll see a more vanilla rom for those of us that aren’t interested in network penetration etc, would be awesome to see a rom that could re-enable the compass in the ticwatch pro 3 ultra for example
Click to expand...
Click to collapse
I think the general forum would be more appropriate for that question. I was interested in the same thing, though.
kerode said:
any chance we’ll see a more vanilla rom for those of us that aren’t interested in network penetration etc, would be awesome to see a rom that could re-enable the compass in the ticwatch pro 3 ultra for example
Click to expand...
Click to collapse
Well that goes onto my list next to the enable android.hardware.nfc + android.hardware.sensor.compass in the ROM for building OneOS if it's not disabled in kernel
Edited:
My bad, kali chroot needs to be run first. Succes now
Just flashed nethunter to my twp3 but when i start nethunter app somehow there was a pop up saying "chroot is not yet installed".
Should i sideload nethunter zip again?
Can i flash zip file via twrp after push the file to the watch?.
Thanks
enter2explore said:
Edited:
My bad, kali chroot needs to be run first. Succes now
Just flashed nethunter to my twp3 but when i start nethunter app somehow there was a pop up saying "chroot is not yet installed".
Should i sideload nethunter zip again?
Can i flash zip file via twrp after push the file to the watch?.
Thanks
Click to expand...
Click to collapse
If all the steps were followed correctly, then show me /tmp/recovery.log after flashing again. Use pastebin please
yesimxev said:
If all the steps were followed correctly, then show me /tmp/recovery.log after flashing again. Use pastebin please
Click to expand...
Click to collapse
Hi @yesimxev
Already solved, it just the matter i forgot to start chroot. Work normally now.
Thanks
yesimxev said:
Well that goes onto my list next to the enable android.hardware.nfc + android.hardware.sensor.compass in the ROM for building OneOS if it's not disabled in kernel
Click to expand...
Click to collapse
awesome mate, looking forward to it!!
managed to install and chroot
but how to wps attack?
any guide would appreciate
TIA
Im stuck when running command fastboot oem unlock all I get it waiting for any device and thats it.
nemzzy668 said:
Im stuck when running command fastboot oem unlock all I get it waiting for any device and thats it.
Click to expand...
Click to collapse
Check the connection.
Achi Shukuteki said:
Check the connection.
Click to expand...
Click to collapse
Connewction is fine, ADB works, windows then also detects it when it reboots. Just fastboot that sticks. Using Windows 11
nemzzy668 said:
Connewction is fine, ADB works, windows then also detects it when it reboots. Just fastboot that sticks. Using Windows 11
Click to expand...
Click to collapse
Oh hmmm. Im on Win10. I'll leave it to the forum with that one. Unless you want to use a live Linux distro, grab the tools, you already have the files, and try that way.
Run fastboot devices first after reboot to bootloader..make sure ur watch detected.
Otherwise check ur driver
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
With Great power comes great responsibility.
Disclaimer::
Please use this Kernel in accordance with local law and with the privacy of yourself and others in mind. Not responsible for any charges you might accrue, bail money or fines if you choose to use it for unlawful reasons
Warning your warranty is now void. Do this at your own risk. The mad clown is in no way responsible for the chaos, worldwide disease, nuclear destruction, laughing fish, costumed caped crusaders or damage caused to your device by performing the steps involved.
The mad tech clown is back with another Kernel for all of the Kali-linux-nethunter users wanting the portability of kali-nethunter for their Pixel 6 and 6Pro devices codenamed Oriole and Raven .
I now bring you the
Mad-Kali-Maxhunter kernel for raviole
Some of the features include:
-power efficient workqueues
-fsync switch
-boeffla wake lock blocker
-force usb fastcharge
-mm: oom_kill: Reduce some verbose logging
-cpufreq: add cleanslate battery optimizer feature
-/dev/tmp and /dev/tmp/ mount
-full bluetooth support
-Wifi injection
-dvb / sdr support
Plus:
-Everything neeeded to use kali properly on your device plus some systemd stuff
-dns resolver support
-full usb/otg support
See source commits for more
This is not a super fancy pot luck kernel with every allowable feature. This is tuned out quite effeciently and ive found that adding certain features or too many causes heat to rise and we all know thats not good with this device.
Source
GitHub - Biohazardousrom/android_kernel_google_raviole
Contribute to Biohazardousrom/android_kernel_google_raviole development by creating an account on GitHub.
github.com
Download
16.68 GB folder on MEGA
74 files and 20 subfolders
mega.nz
How to Flash:
pre-requisites:
Franco Kernel Manager & root
Download zip to the internal storage of your device.
Open FKM and tap 3 line menu and choose flasher.
Choose manual flash and navigate to the zip file, select it and choose reboot after flash.
Enjoy
For more support
gs101 and gs201 development/support
Pixel 6/pro & 7/pro discussion group for general support and development
t.me
Thanks to
acuicultor
freak07
tbalden
arter97
andip71
for all your development
reserved
Some notes to help you get the Kali-nethunter system set up on your device.
1. Please install the Kali-nethunter magisk modules. These will have the firmwares needed to use the various USB dongles for wifi/bluetooth.
2. Visit this site to download and install the Kali-nethunter store https://store.nethunter.com/en/
3. After installing the store app let it update and then install these 3 apps
-Kali-nethunter installer updater and interface (aka kali-nethunter gui)
-Kali-nethunter terminal
-Kali-nethunter bvnc and kex manager
once installed open the kali gui app and ok any permissions it asks for. it will then force close.
Note:: Since android 12 the gui quit asking for several permissions needed for running scripts in the terminal so you will need to download the attached file kadb.sh to your pc then connect your device to the pc and open a command prompt and run
./kadb.sh
this will grant the missing permissions and allow the gui to open again without it force closing. script was written for linuxed based pc's. if you use windows just open it up and copy and paste the comnands one by one.
or if you have another rooted device you can connect the two via otg and run from the extra rooted device
4. open the gui app once more and navigate to install and start chroot. if you have your own just add the location to the given box when you choose install. for everyone else let the app download it and install from the Kali repository.
Note:: this will take some time please do not exit the app while in the process of downloading or installing
5. to make it easier to enter the kali nethunter terminal app create a custom comnand in the gui. it can be anuthing ls, apt-get update just what ever. then save it to kali and use it when ever you want to use the terminal
Note:: If you want to use the Kex manager/vnc you will need the root password to run programs as root. That password is toor.
Also you can activate wlan0 and wlan1 without a usb dongle. But for some reason it wont allow use of bluetooth without a dongle. i never could find a rhyme or reason for this but i have found when using bluetooth on my pc that kali would not use the built in bluetooth either and i would have to use a dongle. this is probably by design for stealth reasons but dont quote me.
I have found dual wifi and bluetooth adapters in the past and they work simultaneously
This is great! Will it be possible for you to share the kernel build instructions here? I cloned you repo into private/gs-google and ran BUILD_KERNEL=1 ./build_slider.sh -j$(nproc) after that. I do see the kernel files in out/mixed/dist. I flashed them, and it gave me boot loops.
It would be awesome if you could share some build instructions as well.
you can find more info on building kernels here....
Building Kernels | Android Open Source Project
source.android.com
but the steps i took were to initialize and sync the repo listed in the link above. then from there i made my cherry picks. next i went to /arch/arm64/configs and edited the gki_defconfig to match the needed configs i needed for kali linux. after that i ran build/build.sh.
it will error after that because the abi_symbol_allowlist in /android/abi_gki_aarch64_generic file will need updated with the new symbols now compiled in the newly customized kernel.
then after you have corrected all the errors and its built a kernel you will have 4 items to flash..
boot.img
dtbo.img
vendor_boot.img
vendor_dlkm.img
dtbo and boot are flashed in fastboot while vendor_boot and vendor_dlkm are flashed in fastbootd.
but the easiest way to flash is by making an anykernel.zip
also need to point out that some custom roms will not allow you to flash custom kernels so i would hop on tg and ask the maintainer if that rom permits flashing kernels else your gonna have a hard time
thanks for the build @Duhjoker. I managed to flash it on a Pixel 6 and install NetHunter but wifi monitoring mode doesn't work. This is the output from `airmon --debug`
Hey Duhjoker! Thanks for your work on this! Its a dream come true! I just have one question. Is there any chance we will see a pixel 6a version of this kernel with wifi injection? Or is this a pipedream?
evansfromza said:
thanks for the build @Duhjoker. I managed to flash it on a Pixel 6 and install NetHunter but wifi monitoring mode doesn't work. This is the output from `airmon --debug`
View attachment 5705665
Click to expand...
Click to collapse
i am aware of the problem and im looking into it. to be honest i never could get airmon-ng to work on any android.
im thinking monitor mode may need to be enabled first through /sys/ like qualcomm but i could be wrong. this is my first exynos kernel and im having to relearn stuff.
gahndii said:
Hey Duhjoker! Thanks for your work on this! Its a dream come true! I just have one question. Is there any chance we will see a pixel 6a version of this kernel with wifi injection? Or is this a pipedream?
Click to expand...
Click to collapse
I can but i dont own a pixel 6a. The build would have to completely blind but if your willing to test i can try. i did the same for the pixel 3 so it shouldnt be a problem but read next post to see whats up on the current state of building
ok so i dont know whats up with android 13 kernel source but so far none of the builds are booting. ive been at it since release and no go.
but be assured i am working on stuff
Duhjoker said:
I can but i dont own a pixel 6a. The build would have to completely blind but if your willing to test i can try. i did the same for the pixel 3 so it shouldnt be a problem but read next post to see whats up on the current state of building
Click to expand...
Click to collapse
Though I wouldn't mind testing something like that, however would not consider myself a reliable tester. I'm more of a tinkerer honestly. I haven't flashed a rom in 4-5 years haha I gave up years ago on a kernel with wifi packet injection drivers baked in. (for a model I owned) I would not be able to give you solid reliable feedback but id happily try it out for fun. From what ive been reading looks like im staying on Android 12 for a bit longer.
The ramdisk provided by Google for A13 is the issue, you must extract it from vendor_boot and replace it inside prebuilts folder, thanks to freak07 for the solution.
Here's the commit from him.
acuicultor said:
The ramdisk provided by Google for A13 is the issue, you must extract it from vendor_boot and replace it inside prebuilts folder, thanks to freak07 for the solution.
Here's the commit from him.
Click to expand...
Click to collapse
Thank you so much for that. it was driving me crazy and couldnt understand what the problem was.
so now we have kali coming for a13 in a couple days
ok guys Mad-Kali-MaxHunter-Raviole-T for android 13 is now live and linked in op.
I have been researching the wifi monitor mode and packet injection properties on the wlan and heres the state of the driver from my google searches
The bcm4389 wifi 6e client set of chips was announced in 2020 by broadcom and can be found in the Samsung galaxy s21 and google pixel 6, 6pro and 6a models along with some xiaome phones.
For us that means that the drivers and firmware are so new that theres been very little development for it. i myself was only able to find a bluetooth patch that im sure has already been picked up by the google source kernel devs.
from what i can tell of the other drivers by looking at the nexmon github page and further reading the previous wlan modules needed patched firmware to enable airmon-ng.
im still doing research into how to fix this but if anyone has any clues please speak up.
but for now if you should be able to get by using a usb wifi dongle.
Hi, @Duhjoker I was able to install everything successfuly but it seems like the kernel is missing some features not directly related to Kali but that would be nice to add.
HID attack support from Rucky, and ISO usb host from DriveDroid.
I'm using a Pixel 6 Pro on A13
Thanks for your work
Unfortunately, usb wifi dongles aren't working even if they're supported, even after installing their firmwares. Something's wrong with the kernel.
I have good news. Seems google did the hard work for us on hacking the firmware for monitor mode and it looks like we can now use monitor mode to catch packets "NATIVELY".
please read here for the details.
Get BCM4389 into monitor mode for WIFI sniffing
Hey all, I was trying to watch beacon frames transmitted by my access point, but had no capable hardware in my house to sniff it. Or did I? Turns out, Pixel 6 / Pixel 6 Pro can do it. Here's my howto...
forum.xda-developers.com
i havent tested this fully yet but a friend in my tg chat helped me snag the binaries rc files and best of all the firmware.
i dont currently have a magisk module yet but with root copy the vendor folder in the zip to /data/adb/modules pick any module for example
/data/adb/modules/busybox-ndk/system
reboot and enjoy
edit: you made need to chmod the binaries after placing them
deleted
tried that, it doesn't work.
also, wifi dongles are recognized by lsusb but not mounted (airmon-ng only shows phy0 - internal wlan interfaces)
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
ALYNX Nethunter Kernel for Pixel 4a 5G - [Android 12L]
What is Nethunter ?
Kali NetHunter is a free & Open-source Mobile Penetration Testing Platform for Android devices, based on Kali Linux.
Click to expand...
Click to collapse
Code:
I'm not responsible for bricked devices, dead SD cards.
Do some research if you have any concerns about features included in this Kernel.
About the kernel :
Kernel is based on fsociety kernel sources.
Features:
Internal Wifi Monitor Mode Support (packet injection doesn't work as it is based on qcacld-3.0 which is not capable of packet injection yet)
HID gadget keyboard/mouse
USB WiFi, mac80211 (Monitor mode, packet capture, packet injection) [Compatibility List]
RTL88XXAU USB WIFI Support
RTL8188EUS USB WIFI Support
ATH9K_HTC USB WIFI Support
Ethernet Support
Bluetooth USB Support
SDR Support
BadUSB
warning: please do not update magisk after flashing the kernel, you can update the magisk before flashing the kernel.
Installation:
Download the zip file containing the kernel from below
Flash the zip using franco kernel manager if franco doesn't work use EX kernel manager (Flashing the kernel/zip will preserve the root)
Install Busybox
Download Wireless_firmware.zip open Magisk and install the zip as Magisk module
Install Nethunter store
Install Nethunter app & Nethunter terminal from Nethunter store
Open Nethunter app & Download the full chroot kalifs within the app and let the app setup everything. After it finishes it'll start the chroot automatically.
Update the sources with apt-get update && apt-get upgrade in the chroot using nethunter terminal
Reboot the device
Note: if nethunter app crashes open any android terminal in su environment and paste the following.
Code:
pm grant com.offsec.nethunter android.permission.ACCESS_FINE_LOCATION
pm grant com.offsec.nethunter android.permission.ACCESS_COARSE_LOCATION
pm grant com.offsec.nethunter android.permission.READ_EXTERNAL_STORAGE
pm grant com.offsec.nethunter android.permission.WRITE_EXTERNAL_STORAGE
pm grant com.offsec.nethunter com.offsec.nhterm.permission.RUN_SCRIPT
pm grant com.offsec.nethunter com.offsec.nhterm.permission.RUN_SCRIPT_SU
pm grant com.offsec.nethunter com.offsec.nhterm.permission.RUN_SCRIPT_NH
pm grant com.offsec.nethunter com.offsec.nhterm.permission.RUN_SCRIPT_NH_LOGIN
Extra:
if you want to replace nethunter terminal with termux (not completely nethunter main app will still launch nethunter terminal everytime for any operation but you can access kali chroot environment from termux.
(i know nethunter terminal sucks)
Follow these steps to access the environment from termux:
Install termux from f-droid or from nethunter store
Open termux and install root repo using pkg update && pkg install root-repo tsu wget
Download the script from termux using wget https://raw.githubusercontent.com/name-is-cipher/boot-nethunter/main/install_boot-kali.sh
chmod +x install_boot-kali.sh && ./install_boot-kali.sh
let it setup everything.
restart termux and type boot-kali to access the nethunter chroot environment
if you like my work give this post a like : )
Credits:
Team Kali For Nethunter
momojura For fsociety kernel.
XDA:DevDB Information
Alynx Nethunter For Pixel 4a 5G Bramble
Contributors: V3rB0se
Source Code: https://github.com/V3rB0se/redbull
Version Information
Status: Stable
Stable Release Date: 02/08/2022
Created 02/08/2022
Last Updated 27/07/2022
Reserved
Hey! Slight problem.
I just flashed the kernel through Franco's, and it's loaded correctly, but I don't have usb.hid for some unknown reason. I'm not sure if I've messed up or you have, so I thought I'd ask? See below for further info.
WoodenPlankGames said:
Hey! Slight problem.
I just flashed the kernel through Franco's, and it's loaded correctly, but I don't have usb.hid for some unknown reason. I'm not sure if I've messed up or you have, so I thought I'd ask? See below for further info.
View attachment 5711105View attachment 5711107
Click to expand...
Click to collapse
try installing some older versions of nethunter.
I found a setting to enable it, but now I'm having another problem: Your kernel appears to have entirely disabled OTG Game controller support.
WoodenPlankGames said:
I found a setting to enable it, but now I'm having another problem: Your kernel appears to have entirely disabled OTG Game controller support.
Click to expand...
Click to collapse
please post the logs. i have no idea what you're talking about. was it enabled before in the stock kernel?
V3rB0se said:
please post the logs. i have no idea what you're talking about. was it enabled before in the stock kernel?
Click to expand...
Click to collapse
I don't have any logs. It's not complicated. I plugged in my razer Kishi, and it didn't work. It did on (and still does when i reflash my backup of) the stock kernel.
Edit: Interestingly, the HID feature this kernel reports (Once you enable it in the nethunter app) adding still works after reflashing stock. I was under the impression that needed a kernel patch. Odd.
WoodenPlankGames said:
I found a setting to enable it, but now I'm having another problem: Your kernel appears to have entirely disabled OTG Game controller support.
Click to expand...
Click to collapse
I'll make sure to fix this in the upcoming update. but i need logs to find the problem.
WoodenPlankGames said:
I don't have any logs. It's not complicated. I plugged in my razer Kishi, and it didn't work. It did on (and still does when i reflash my backup of) the stock kernel.
Edit: Interestingly, the HID feature this kernel reports (Once you enable it in the nethunter app) adding still works after reflashing stock. I was under the impression that needed a kernel patch. Odd.
Click to expand...
Click to collapse
everything else is working i guess?
Sup fellas, it's been almost 10 years since I've unlocked a Bootloader and now it looks like there is all this Github and Backtrack ports around... Soo can someone refresh me...
After I unlock the BootLoader can I go str8 to installing a custom Rom or do i gotta put the Bloat free + ROOTED rom on first for some reason....?
What Custom Roms are compatible with this kernel? I doubt the stock android 12 rom this probably needs will have the Radio Tower mods i need.... (what rom is good for the Radio tower exploits again? uh.. you know.. the ones that offer Data Wells .. of course for research / education / pentesting purposes only... lol Maybe that Resurrection rom i seen on here yesterday/? LOL) [i srsly dont know why i cant find it in the pixel 4a forums anymore along with pages of discontinued roms... = / hmm ]
AND if a rom requires a different kernel than this can I flash this one on there afterwards and still expect the Rom will function and i wont be bricked..?
BrawnyPaperTowelHead said:
Sup fellas, it's been almost 10 years since I've unlocked a Bootloader and now it looks like there is all this Github and Backtrack ports around... Soo can someone refresh me...
After I unlock the BootLoader can I go str8 to installing a custom Rom or do i gotta put the Bloat free + ROOTED rom on first for some reason....?
What Custom Roms are compatible with this kernel? I doubt the stock android 12 rom this probably needs will have the Radio Tower mods i need.... (what rom is good for the Radio tower exploits again? uh.. you know.. the ones that offer Data Wells .. of course for research / education / pentesting purposes only... lol Maybe that Resurrection rom i seen on here yesterday/? LOL) [i srsly dont know why i cant find it in the pixel 4a forums anymore along with pages of discontinued roms... = / hmm ]
AND if a rom requires a different kernel than this can I flash this one on there afterwards and still expect the Rom will function and i wont be bricked..?
Click to expand...
Click to collapse
i think you should ask such question here but yeah you can go straight to install custom roms after unlocking the bootloader.
V3rB0se said:
i think you should ask such question here but yeah you can go straight to install custom roms after unlocking the bootloader.
Click to expand...
Click to collapse
Thank You sir, Compliments to the CHef!
NEWEST EDIT: GOT KALI.apk running finally by pasting the provided codefix in 'Nethunter Terminal' thanstead of TERMUX!!! ! : But now I Cant get CHROOT to install whether from the server installer or Manual Patching...! appears that lots of users are having the same problem... https://www.zerodaysnoop.com/articles/install-problems-with-nethunter-lite/
EDIT AGAIN!: Found The "If Kali .apk doesnt start.. paste the following:..." section on bottom... but now I cant get that to even work... First it seems Termux needs root ... but I try sudo and Tsudo..but it only gives the same error I believe...??? see below!:
EDIT: 'BUSY BOX INSTALLER from fDroid client said busybox was actually installed now after i probably rebooted the phone... so I moved on to downloading Nethunter.. and Nethunter Terminal... tried opening nethunter app wuthout terminal installed... it gave an error.. went and installed Nethunter terminal... tried choosing KALI layout and it gace an error... then I chose Android SU Terminal mode and it works....
So I try opening Nethunter to Download the chroot and Khalifs... Nethunter keeps stalling and giving errors and wont let me find these chroots, etc....???? wtf?
---- gonna try reinstalling kali stuff in the right order (ALL OVER) in the meantime to see if these alleviates anything...
Followed instructions perfectly... thought i needed a JSON configuration file for an hour until I noticed FRANCO MANAGER had a MANUAL INSTALL option...
Made my way to the busy box install part.... now NONE (ABSOLUTELY NONE) of the BusyBox apps on F-Droid are working with my phone! below is the error i Get with the best looking app...
gonna try my luck with using termux to create the directory it says it can't install Busybox in.. and also try Play Store versions in the meantime.... -___-;
ANY IDEAS?
BrawnyPaperTowelHead said:
NEWEST EDIT: GOT KALI.apk running finally by pasting the provided codefix in 'Nethunter Terminal' thanstead of TERMUX!!! ! : But now I Cant get CHROOT to install whether from the server installer or Manual Patching...! appears that lots of users are having the same problem... https://www.zerodaysnoop.com/articles/install-problems-with-nethunter-lite/
EDIT AGAIN!: Found The "If Kali .apk doesnt start.. paste the following:..." section on bottom... but now I cant get that to even work... First it seems Termux needs root ... but I try sudo and Tsudo..but it only gives the same error I believe...??? see below!:
EDIT: 'BUSY BOX INSTALLER from fDroid client said busybox was actually installed now after i probably rebooted the phone... so I moved on to downloading Nethunter.. and Nethunter Terminal... tried opening nethunter app wuthout terminal installed... it gave an error.. went and installed Nethunter terminal... tried choosing KALI layout and it gace an error... then I chose Android SU Terminal mode and it works....
So I try opening Nethunter to Download the chroot and Khalifs... Nethunter keeps stalling and giving errors and wont let me find these chroots, etc....???? wtf?
---- gonna try reinstalling kali stuff in the right order (ALL OVER) in the meantime to see if these alleviates anything...
Followed instructions perfectly... thought i needed a JSON configuration file for an hour until I noticed FRANCO MANAGER had a MANUAL INSTALL option...
Made my way to the busy box install part.... now NONE (ABSOLUTELY NONE) of the BusyBox apps on F-Droid are working with my phone! below is the error i Get with the best looking app...
gonna try my luck with using termux to create the directory it says it can't install Busybox in.. and also try Play Store versions in the meantime.... -___-;
ANY IDEAS?
Click to expand...
Click to collapse
Do not download termux from playstore download it from fdroid. for chroot you can download it manually and use backup option in nethunter app to install the zip. and install the tsu package from root-repo.
V3rB0se said:
Do not download termux from playstore download it from fdroid. for chroot you can download it manually and use backup option in nethunter app to install the zip. and install the tsu package from root-repo.
Click to expand...
Click to collapse
Okay.. I DID manually download it and had to code a github program to download the chroot from the official repo for me without timing out and causing a hash error with my terrible Internet.... then it seeded it for a Torrent that wont fail during Download....
But the whole problem turned out to be how ANDROID 12L breaks the install with it's SCREEN TIMEOUT/Sleep mode thing... which was only warned about in some youtube video for the Pixel 4a version that i seen listed before finding this guide....
Oh well... now wondering if I need the massive 1gb chroot file on my system for kali to function properly or if i could delete it now... : /