Hello guys, I'm Happy To Say That Kali NetHunter (Latest Version 3.15)
Supports Oneplus Two ( any OOS 2.2.x , OOS3.1.0 , CM13 based ROM ).
So First, What is Kali Nethunter? Kali NetHunter is an Android ROM overlay that includes a robust Mobile Penetration Testing Platform. The overlay includes a custom kernel, a Kali Linux chroot, and an accompanying Android application, which allows for easier interaction with various security tools and attacks. Beyond the penetration testing tools arsenal within Kali Linux, NetHunter also supports several additional classes, such as HID Keyboard Attacks, BadUSB attacks, Evil AP MANA attacks, and much more.
Please Note That This is an Official Build, But It Hasn't Been Released to the Public Yet.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Before We Proceed Here are Some Useful Information for Beginners To Start With For The Preparation Of The Oneplus 2 Device :
https://forums.oneplus.net/threads/...-custom-recovery-root-efs-backup-more.345478/
Please Replace The TWRP and SU From The Above Link With The Below Ones as They're Newly Released and Updated :
TWRP 3.0.2-2 Latest! https://dl.twrp.me/oneplus2/ ( or the Hybrid one from --> https://goo.gl/0uOlGk for advanced users )
Super-SU Latest! https://download.chainfire.eu/supersu (Not Necessary)
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Prerequisites ( Assuming you followed The instructions Up )
1- TWRP Recovery
2- Kali Nethunter ( depending on your ROM )
Build for OOS 2.2.x based ROMs:
Without Chroot
Builds for OOS 3.0.2 OOS 3.1.0 based ROMs:
Without Chroot
Minimal Chroot
Full Chroot
Builds for the Official CM13 based ROMs:
Without Chroot
Minimal Chroot
Full Chroot
3- BusyBox ( downloaded later on through the playstore only for OOS2.2.x users )
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~How to Install~
- Reboot/Boot into TWRP Recovery ( Simply By Pressing the Power and The Vol. Down Buttons At the Same Time For Like 5 Seconds ) Check The Instructions Up!!.
- Go to "Install" and Select The zip file You Have Downloaded Previously And Have Copied Into Your Device's Internal Storage and Confirm The Flash.
- Reboot ( no need to wipe dalvik/cache ).
- Don't open anything! Just head to the playstore and install BusyBox. (Only for OOS2.2.x Users)
- Go to Nethunter App. ( Grant All Application Permissions )
- Go To The "Kali Chroot Manager" Tab. ( Grant Root Access )
- Close The App and REOPEN IT and then Reboot. THAT'S IT
P.S: For OOS 2.2.x , CM13 and OOS3 With no Chroot, Users are pleased to follow the previous steps and to commit the following after granting root access to the nethunter app:
- Click on "INSTALL KALI CHROOT".
- Click on "Download Latest" when Prompted and choose "FULL CHROOT" or "MINIMAL CHROOT" :fingers-crossed: ( you can use your device while it's being downloaded in the background )
- When Done Just Close The App and Reboot. THAT'S IT
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~Advanced Users : IN-CASE YOU DONT WANT TO ALWAYS DOWNLOAD THE NEWEST BUILDS, PLEASE JUST FLASH THE LATEST KERNEL ( IF YOU WANT TO ) ONLY FROM HERE ........ our device codename is "oneplus2" ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~~NOTES & Updates~~
Update
Nethunter Does support CM13.0 But Still Cyanogenmod 13 is Not Stable And All The Builds Aren't Official Yet, So This Build Will Remain as is Without any Modifications Until a Stable Version Comes Out ( WITH NO WIFI DROPS )
ALL WORKS NOW
Please Refer To The 2nd Post if You are Having Ext. Wireless adapter issues.
Please Refer To The 3rd Post if You are Having Any Errors Regarding the Nethunter App.
Please Refer To The 4th Post if You are Having Any Sound or Audio Tuner Problems For a Permanent Fix.
Please Refer To The 5th Post if you're having other non-nethunter related issues.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Credits: The Offensive Security Team
Special Thanks For Binky Bear For All His Efforts And To All Other Contributing Nethunter Members
:good: Please Hit/Say Thanks & Share :good:
XDA:DevDB Information
Kali Nethunter, Kernel for the OnePlus 2
Contributors
Renjen-n00b, ChrisAr, zoroarctic, BinkyBear, jcadduono
Source Code: https://github.com/offensive-security/kali-nethunter
Kernel Special Features:
Version Information
Status: Stable
Current Stable Version: 3.15.2
Created 2016-06-12
Last Updated 2016-09-26
Reserved
for any errors please triple check the following before issuing or posting:
1- you have read the first post entirely and understood what you're doing.
2- you have downloaded the right version of nethunter for your OP2.
3- make sure you grant the nethunter app all the permissions requested.
4- make sure you don't have any KERNEL modifier app ( unless you know what you're doing ).
5- you don't have any OTHER KERNEL FLASHED.
6- you don't have Xposed installed ( unless you know what you're doing ).
7- OTG working perfectly... so check your adapter or converter... it's definitely not a nethunter problem!
8- you don't UPDATE your system AT ALL ==> NO OTAs AS WELL! ( unless you're in the mood of redownloading the chroot and taking backups and bla bla bla ).
9- you have enough free storage ( some advanced users might need +20GB for example ).
10- you don't update or modify Supersu at all. ( you're free to ONLY update the app from the playstore ).
11- got ;67R/;60R/;30R errors? then for sure you haven't followed all the steps up! RE-READ "HOW TO INSTALL" PART
For OOS 2.2.x users only, please make sure your busybox is installed correctly and updated from the playstore
Resolutions
for atheros chip based adapter users who are unable to get their wlan1 up or even shown in the terminal follow these instructions:
1- goto "nethunter terminal" app and tap on "Kali"
2- type "apt-get update"
3- type "apt-get install firmware-atheros"
4- check "airmon-ng" after re-plugging your adapter
-----------------------------------------------------------------------------
for realtek chip based adapter users who are unable to get their wlan1 up or even shown in the terminal follow these instructions:
1- goto "nethunter terminal" app and tap on "Kali"
2- type "apt-get update"
3- type "apt-get install firmware-realtek"
4- check "airmon-ng" after re-plugging your adapter
-----------------------------------------------------------------------------
for chips other than (realtek or atheros) users are asked to follow these instructions:
1- goto "nethunter terminal" app and tap on "Kali"
2- type "apt-get update"
3- type "apt-get install firmware-misc-nonfree"
4- check "airmon-ng" after re-plugging your adapter
Got sound issues? no problem.. head to this thread and flash the downloadable zip.
Divine Beats -----> HERE
Got any unanswered problems/issues? @krishna442 is running a very useful thread to help you!
check it out! ---> Solutions, Tips and Tricks
Renjen-n00b said:
Simple Fix I Found.. is by installing V4A apk with its drivers.. everything will work perfectly
Link: https://drive.google.com/open?id=0B253_z812EUWS3Vob3E1SXZpckE
Thank you so much for this. But is V4A working on OxygenOS?
krishna442 said:
Thank you so much for this. But is V4A working on OxygenOS?
Krishna442, yeah actually V4A is partially working on oxygen with nethunter installed .. but as I said ITS A FIX ONLY TO REVIVE AUDIO TUNER ==> to let it work again ..
Renjen-n00b said:
Krishna442, yeah actually V4A is partially working on oxygen with nethunter installed .. but as I said ITS A FIX ONLY TO REVIVE AUDIO TUNER ==> to let it work again ..
Tried it on CM21.1, WiFi didn't work, camera didn't open. Is it only for OxygenOS?? If so I'll try it on OxygenOS then.
krishna442 said:
Tried it on CM21.1, WiFi didn't work, camera didn't open. Is it only for OxygenOS?? If so I'll try it on OxygenOS then.
CM12.1 nethunter version doesn't support camera yet, WiFi is working normally...
anyway all my tests were under the OOS latest version.
Renjen-n00b said:
CM12.1 nethunter version doesn't support camera yet, WiFi is working normally...
anyway all my tests were under the OOS latest version.
Downloading OxygenOS then
Thank you so much. Will post back.
please and you're welcome
Renjen-n00b said:
Simple Fix I Found.. is by installing V4A apk with its drivers.. everything will work perfectly
Link: https://drive.google.com/open?id=0B253_z812EUWS3Vob3E1SXZpckE
@sewer56lol V4A working?!
Sent from my ONE A2003 using Tapatalk
Yash98 said:
@sewer56lol V4A working?!
Sent from my ONE A2003 using Tapatalk
U WOT M8?!? I'm curious now.
Edit: Gave me hope. No V4A is still dead.
Sent from my ONE A2003 using Tapatalk
Yash98 said:
@sewer56lol V4A working?!
Sent from my ONE A2003 using Tapatalk
let me get this clear.. V4A Works partially on OOS but this isn't the thing we're looking for in here.. you see after flashing nethunter, audio tuner stops functioning, thus installing V4A's drivers as super user would fix audio tuner's functionality...
Renjen-n00b said:
let me get this clear.. V4A Works partially on OOS but this isn't the thing we're looking for in here.. you see after flashing nethunter, audio tuner stops functioning, thus installing V4A's drivers as super user would fix audio tuner's functionality...
For me AudioTuner worked after installing nethunter already without V4A.
Sent from my ONE A2003 using Tapatalk
Renjen-n00b said:
please and you're welcome
Works like charm on Oxygen OS
@Renjen-n00b thank you so much for adding to OP.
I've built NetHunter3.0 for CyanogenMod 12.1 & CyanogenMod 13.0 on OnePlus2. Camera, WI-FI works! Also, don't know why phone appears fast now!
Uploading . . .
will give you links once done @Renjen-n00b please add them to OP
Kali-NetHunter3.0 for Lollipop(CyanogenMod 12.1) - https://drive.google.com/file/d/0B-OUGzSlIcM4ZVhBcHZVVklyVkU/view?usp=sharing
Kali-NetHunter3.0 for Marshmallow(CyanogenMod 13.0) - https://drive.google.com/file/d/0B-OUGzSlIcM4UzQ1Ukw3QzRLR2c/view?usp=sharing
Also to uninstall you need to re-flash CM 12.1 or CM 13.0 by wiping /system. I think /data need not be wiped. Anyway, Taking backup before installing wouldn't hurt anyone.
Using it now everything works fine... Even reflashed boeffla over it and it still works like a charm!
Sent from my ONE A2001 using Tapatalk
@deletescape well if you've flashed boeffla' kernel you won't be able to use HID attacks or ever use the USB Keyboard app --> a theory I'm not sure tho
Renjen-n00b said:
@deletescape well if you've flashed boeffla' kernel you won't be able to use HID attacks or ever use the USB Keyboard app --> a theory I'm not sure tho
Yeah could be had some keyboard related issues at the beginning but then it seemed to work again but will try it out later (won't do such things at my work notebook ^^)
Sent from my ONE A2001 using Tapatalk
A Project By
*** Disclaimer ***
The warranty of this device has ended ages ago but still, please read this disclaimer.
This thing will break your device HARD and possibly HURT you if you don't follow instructions properly.
I HARD BRICKED my device 4 times before getting it right.
So please, if you follow these instructions, it SHOULD be safe for you to flash it without worries
since I have solved almost all of the problems that occur.
BUT nevertheless myself, FiveO, Kali Linux, Offensive Security, XDA and its staff, members and crew
and/or any of the developers credited on this project will NEVER be held responsible.
The tools provided in this thread are to be used in a legal context only.
Thank you.
PLEASE DO NOT QUOTE THE ENTIRE THREAD
Introduction
The Kali NetHunter is an Android penetration testing platform targeted towards Nexus and OnePlus devices built on top of Kali Linux, which includes some special and unique features.
Of course, you have all the usual Kali tools in NetHunter as well as the ability to get a full VNC session from your phone to a graphical Kali chroot, however the strength of NetHunter does not end there. We've incorporated some amazing features into the NetHunter OS which are both powerful and unique. From pre-programmed HID Keyboard (Teensy) attacks, to BadUSB, Man In The Middle attacks, to one-click MANA Evil Access Point setups, access to the Offensive Security Exploit Database...
And yes, NetHunter natively supports wireless 802.11 frame injection with a variety of supported USB NICs.
NetHunter Editions
NetHunter can be installed on every Android device under the sun using one of the following editions:
The following table illustrates the differences in functionality:
The NetHunter-App specific chapters are only applicable to the NetHunter & NetHunter Lite editions.
The Kernel specific chapters are only applicable to the NetHunter edition.
Images
NetHunter Apps
NetHunter Companion Apps
Nethunter Kex
Kex Docs
Nethunter Store
Nethunter Store F-Droid and others repo add-on
Nethunter Terminal
NetHunter and NetHunter Lite ROM compatibility test result on Android PIE
[ROM][9.0][BACON][OFFICIAL]Syberia Project
syberia_bacon-v2.6-20190622-1327-OFFICIAL = Pending
syberia_bacon-v2.9-20190921-0756-OFFICIAL = Pending
[ROM][9.0][OFFICIAL][bacon] LineageOS 16.0 for OnePlus One
lineage-16.0-20190620-nightly-bacon-signed = Success
lineage-16.0-20190701-nightly-bacon-signed = Success
lineage-16.0-20191130-nightly-bacon-signed = Failed
[ROM][9][Pie][Bacon][UNOFFICIAL] crDroid 5.5 (6/16/2019)
crDroidAndroid-9.0-20190616-bacon-v5.5 = Pending
[ROM][9.0.0][PIE] ViperOS 6.1 [BACON][UNOFFICIAL]
Viper-bacon-20190219-v6.1-UNOFFICIAL = Pending
[ROM][9.0.0][WEEKLIES] CarbonROM | cr-7.0 [bacon]
CARBON-CR-7.0-OPAL-RELEASE-bacon-20191120-0302 = Pending
[ROM] [OFFICIAL] [AOSP] Arrow OS [Pie] [9.0.0_r44] | Bacon [2019-07-21]
Arrow-v9.0-bacon-OFFICIAL-20190613 = Pending
Arrow-v9.0-bacon-OFFICIAL-20191016 = Pending
[ROM][9.0][OFFICIAL]Superior OS Nemesis[Bacon][16-09-2019]
SuperiorOS-Nemesis-bacon-OFFICIAL-20190630-0838 = Failed
SuperiorOS-Nemesis-bacon-OFFICIAL-20191012-0637 = Failed
Will do 2nd test for SuperiorOS
[ROM]-[bacon]-[OFFICIAL]-Havoc-OS-[9.0.0]
Havoc-OS-v2.6-20190626-bacon-Official = Success
Havoc-OS-v2.9-20190912-bacon-Official = Success
[ROM][9.0.0_r37] POSP v2.3 - bacon [OFFICIAL][WEEKLIES]
potato_bacon-9-20190719.Baked-v2.3.WEEKLY = Pending
[ROM][LineageOS][Android 9.0.0r40][OMS]TugaPower™ 19.0
TugaPowerP21_OP1 = Failed
TugaPowerP22_OP1 = Failed
TugaPowerP23_OP1 = Failed
Result on TWRP
twrp-3.3.1-0-bacon = Nethunter Flashable
TWRP 3.3.1-K1 = Nethunter Unflashable
Unofficial TWRP 3.2.1-1 by TugaPower = Nethunter Flashable(Stable)
SELinux Issues
SELinux will affect HID Interface functionality as well as SafetyNet, please download SELinux mod changer to solve this problem.
Download
NetHunter
Nethunter 2020.1 Stable
NetHunter Lite
Nethunter Lite 2020.1 Stable
Gapps
MindTheGapps
F-Droid Store
F-Droid
NetHunter Rootless Editions
Maximum flexibility with no commitment
Usage
Note: The command nethunter can be abbreviated to nh.
Tip: If you run kex in the background (&) without having set a password, bring it back to the foreground first when prompted to enter the password, i.e. via fg <job id> - you can later send it to the background again via Ctrl + z and bg <job id>
To use KeX, start the KeX client, enter your password and click connect
Tip: For a better viewing experience, enter a custom resolution under “Advanced Settings” in the KeX Client
Tips
Run apt update && apt full-upgrade first thing after installation. If you have plenty of storage space available you might want to run apt install kali-linux-full as well.
Firefox won’t work on unrooted devices. Just replace it with Chromium via:
Code:
apt remove firefox-esr
apt install chromium
Next:
~ Find the “Chromium Web Browser” item in the application menu
~ Right click and select “Edit Application”
~ Change the “Command” to /usr/bin/chromium --no-sandbox %U
All of the penetration testing tools should work but some might have restrictions, e.g. metasploit works but doesn’t have database support. If you discover any tools that don’t work, please post it in our forums.
Some utilities like “top” won’t run on unrooted phones.
Non-root users still have root access in the chroot. That’s a proot thing. Just be aware of that.
Galaxy phones may prevent non-root users from using sudo. Just use “su -c” instead.
Perform regular backups of your rootfs by stopping all nethunter sessions and typing the following in a termux session:
Code:
tar -cJf kali-arm64.tar.xz kali-arm64 && mv kali-arm64.tar.xz storage/downloads
That will put the backup in your Android download folder. Note: on older devices, change “arm64” to “armhf”
Please join us in our forums to exchange tips and ideas and be part of a community that strives to make NetHunter even better.
Instructions
NetHunter & NetHunter Lite
Skip this step if device already rooted
Preparation
Backup everything including internal storage.
Download Bacon Root Toolkit
Unlock bootloader and root(+flash custom recovery) your device.
Reboot to recovery
Flash TWRP use TugaPower
Reboot back to recovery and continue with flashing instruction
Flashing
Please make sure batteries are above 90%
Backup everything including internal storage,
Erase everything, Advance Wipe tick on cache, dalvik, system, data and internal storage, after that Format Data type YES.
(you can proceed without wiping internal storage but it can cause unknown problem)
Reboot back to TWRP
Flash ROMs
(Please choose ROM that already tested if possible)
Flash Magisk 20.3
Flash Gapps
(Please use MindTheGapps version instead of OpenGapps since it has BusyBox pre-installed that could cause problems after flashing)
Reboot System and proceed with the start-up, after start-up completed, enable developer’s mode.
Reboot back to TWRP and flash Nethunter 2020.1
Reboot back to system.
NetHunter Rootless
Android Device (Stock unmodified device, no root or custom recovery required)
Installation
Install the NetHunter-Store app from https://store.nethunter.com
From the NetHunter Store, install Termux, NetHunter-KeX client, and Hacker’s keyboard
Note: The button “install” may not change to “installed” in the store client after installation - just ignore it. Starting termux for the first time may seem stuck while displaying “installing” on some devices - just hit enter.
Open Termux and type:
Code:
termux-setup-storage
pkg install wget
wget -O install-nethunter-termux https://offs.ec/2MceZWr
chmod +x install-nethunter-termux
./install-nethunter-termux
Happy Hunting
Post Installation Setup
Open the NetHunter App and start the Kali Chroot Manager.
Install the Hacker Keyboard from the NetHunter Store using the NetHunter Store app.
Install any other apps from the NetHunter app store as required.
Configure Kali Services, such as SSH.
Set up custom commands.
Initialize the Exploit Database.
Frequently Asked Questions
Q - Documentation and Attack Descriptions
A- Attack descriptions as well as some documentation to get you started with the installation and setup of Kali NetHunter can be found at Nethunter Wiki
Q - Is Kali NetHunter an Android ROM?
A- Kali Linux NetHunter is not a ROM but is meant to be installed over an existing stock factory image of Android. It can also be installed over some Cyanogenmod based ROMs depending on device support. It is heavily based on using custom kernels and only supports a select number of devices. We're relying on you, the community, to port your devices for the full Kali NetHunter experience.
Q - Does NetHunter support Marshmallow, or Nexus 9 devices?
A - Yes, check our wiki for more information on supported devices and ROMs wiki
Q - What kind of attacks does NetHunter support?
A - Our wiki has a list of included attack tools wiki
Q - NetHunter is awesome! How do I install it?
A - Follow the instructions on the Installation wiki
Q - What is the best wireless card for NetHunter?
A - A list of supported devices and chipsets wiki
Thanks To/Credits/Source Code
Code:
# OnePlusOne (https://www.gsmarena.com/oneplus_one-6327.php)
[oneplus1]
author = "binkybear (https://twitter.com/_binkybear?lang=en) & yesimxev (https://twitter.com/yesimxev/with_replies)" for the zImage-dtb and Module (https://gitlab.com/kalilinux/nethunter/build-scripts/kali-nethunter-devices/tree/master/pie/oneplus1)
version = "2.2"
devicenames = bacon A0001 one OnePlus
block = /dev/block/platform/msm_sdcc.1/by-name/boot
osm0sis (https://forum.xda-developers.com/member.php?u=4544860) for the AnyKernel3 Ramdisk Mod Script (https://github.com/osm0sis/AnyKernel3/) Customized for NetHunter
jcadduono (https://forum.xda-developers.com/member.php?u=5672995) for the lazyflasher (https://github.com/jcadduono/lazyflasher)
re4son (https://twitter.com/re4sonkernel?lang=en) for the Nethunter App (https://gitlab.com/kalilinux/nethunter/apps/kali-nethunter-app), Documentation (https://www.kali.org/docs/nethunter/) and NetHunter Rootless (https://gitlab.com/kalilinux/nethunter/build-scripts/kali-nethunter-project/-/tree/master/nethunter-rootless)
Kali Linux (https://www.kali.org/) for the Nethunter Project (https://gitlab.com/kalilinux/nethunter/build-scripts/kali-nethunter-project)
LineageOS (https://lineageos.org/) for the Kernel Source Code (https://github.com/LineageOS/android_kernel_oppo_msm8974)
Timmmmaaahh (https://forum.xda-developers.com/member.php?u=4841620) for Proofreading
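The NetHunter Rootless steps in the post above fetch install-nethunter-termux through a shortened URL, mark it executable and run it. As an added example (not part of the original post or of the NetHunter project), the shell functions below only set the execute bit when the download matches a SHA-256 you recorded after reading the script once; the function names and the pin-file workflow are assumptions.

```shell
#!/bin/sh
# Added example: gate the downloaded install-nethunter-termux script behind
# a pinned SHA-256 before it is made executable. Function names and the
# pin-file workflow are hypothetical, not part of NetHunter.

# Print the SHA-256 of a file using whichever tool is installed.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# A URL shortener can return an HTML error or landing page instead of the
# installer, so require a non-empty file that starts with a shebang.
looks_like_script() {
    [ -s "$1" ] && [ "$(head -c 2 "$1")" = '#!' ]
}

# record_pin FILE PINFILE
# Call once, after you have read the script yourself.
record_pin() {
    looks_like_script "$1" || return 2
    sha256_of "$1" > "$2"
}

# approve_installer FILE PINFILE
# 0: hash matches the pin, execute bit set.
# 1: hash mismatch, execute bit removed.
# 2: FILE is empty or not a script.
# 3: no pin has been recorded yet.
approve_installer() {
    file=$1
    pinfile=$2
    looks_like_script "$file" || { chmod a-x "$file" 2>/dev/null; return 2; }
    [ -s "$pinfile" ] || return 3
    expected=$(cat "$pinfile")
    actual=$(sha256_of "$file")
    if [ "$actual" = "$expected" ]; then
        chmod u+x "$file"
        return 0
    fi
    chmod a-x "$file"
    return 1
}
```

In Termux this replaces the bare `chmod +x` step: run `record_pin install-nethunter-termux nethunter.pin` after reviewing the first download, then `approve_installer install-nethunter-termux nethunter.pin && ./install-nethunter-termux` on any later re-download (nethunter.pin is a hypothetical file name).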
Hello XDA Members,
This is Official Nethunter 2019.4 Originally for OnePlus One Android Marshmallow that I ported with Android PIE Boot-Patcher.
It's a stable build if you flash with a suitable ROM, so please check the Test Results before flashing.
The ROM compatibility test is still ongoing, and I will update it regularly.
Nethunter 2019 has some issues with older devices on the latest ROM builds. For example on Lineage 16, Nethunter will not work after the July build; it will cause a boot loop or error on newer Lineage builds,
but this problem is not the same with all ROMs,
for example Havoc-OS works with Nethunter 2019 without any issues, even with the September build.
I'm still finding a way to fix these issues, and I intend to solve this before I release Nethunter 2020.1 next year.
That's all the updates I have for now.
Thank You for participating, have a great day.
Sent from my OnePlus One using XDA Labs
Heck yeah, nice to see something like this finally ported to pie
Glad to see you finally releasing! Looking forward to testing it on my sweet old Bacon (when I ever find some time, lol)!
wow really nice, any idea why Kex only shows a blue screen with a pointer? no menu or something else? sorry it's been a year since the last time I tried Kali NetHunter.
ender1324 said:
Heck yeah, nice to see something like this finally ported to pie
Thanks, I'm happy to see you like it.
Timmmmaaahh said:
Glad to see you finally releasing! Looking forward to testing it on my sweet old Bacon (when I ever find some time, lol)!
Thank you Timmy and thanks for all the help too, hope you do find some time to try it:good:.
xsetiadi said:
wow really nice, any idea why Kex only shows a blue screen with a pointer? no menu or something else? sorry it's been a year since the last time I tried Kali NetHunter.
If this is what you meant (refer to attachment) then it's the new Kali Desktop Xfce user interface.
Not like that. There's no start menu. Only blank screen with pointer like this
Installation tips.
Hello FairuzOnn and thank you very much for your hard work, it is appreciated.
I like the way your post is written, it's easy to read.
I am preparing my OPO for Nethunter install over a new ROM (lineage-16.0-20190701-nightly-bacon-signed) and I have a question for you. You mentioned at point #2:
"Erase everything, Advance Wipe tick on cache, dalvik, system, data and internal storage, after that Format Data type YES".
That means there will be nothing left on the OPO except TWRP. So my understanding is that I should use adb sideload to install the ROM.ZIP from my computer. If not, can you tell me more about this?
Normally, I download the ROM to my OPO and then flash it with TWRP but I think it's better to "clean" the phone and start fresh.
Can you run EDXposed and Multirom? If not, I'll backup after the ROM/Nethunter install before I install those.
Again, thank you very much.
xsetiadi said:
Not like that. There's no start menu. Only blank screen with pointer like this
Hi xsetiadi sorry for the very late reply.
Try update chroot
on nethunter terminal
Code:
apt-get update
apt-get dist-upgrade
That should solve the problem.
2643625 said:
Hello FairuzOnn and thank you very much for your hard work, it is appreciated.
I like the way your post is written, it's easy to read.
I am preparing my OPO for Nethunter install over a new ROM (lineage-16.0-20190701-nightly-bacon-signed) and I have a question for you. You mentioned at point #2:
"Erase everything, Advance Wipe tick on cache, dalvik, system, data and internal storage, after that Format Data type YES".
That means there will be nothing left on the OPO except TWRP. So my understanding is that I should use adb sideload to install the ROM.ZIP from my computer. If not, can you tell me more about this?
Normally, I download the ROM to my OPO and then flash it with TWRP but I think it's better to "clean" the phone and start fresh.
Can you run EDXposed and Multirom? If not, I'll backup after the ROM/Nethunter install before I install those.
Again, thank you very much.
Hello
Thank you for the compliment
You can use adb sideload or adb push, but the best way to flash ROM is by using USB Pendrive or USB OTG.
By the way I recommend using Havoc ROM, it's currently the most stable for nethunter.
You can use EDXposed but it will break SafetyNet.
As for Multirom, I'm still working on it; the current build I made for Android Pie has a lot of issues and can cause a hard brick.
I will update you if the Multirom Android Pie build becomes stable to use.
This looks so impressive. Wish I were smart enough to find use for it lol
Hi! How to fix? I'm using TWRP from the developer Kutep0v. (TWRP 3.2.1-K2).
thoiloidainhan said:
This looks so impressive. Wish I were smart enough to find use for it lol
Hi thoiloidainhan,
You can visit offensive security to learn about ethical hacking, please try it if you got the time.
Бахрам Байрамза said:
Hi! How to fix? I'm using TWRP from the developer Kutep0v. (TWRP 3.2.1-K2).
Hello Бахрам Байрамза,
You can solve this problem, by using stock TWRP or Unofficial TWRP 3.2.1-1 by TugaPower.
For some reason all KutepOv TWRP are not compatible to flash NetHunter.
HAPPY HUNTING
FairuzOnn said:
Hi thoiloidainhan,
You can visit offensive security to learn about ethical hacking, please try it if you got the time.
Hello Бахрам Байрамза,
You can solve this problem, by using stock TWRP or Unofficial TWRP 3.2.1-1 by TugaPower.
For some reason all KutepOv TWRP are not compatible to flash NetHunter.
HAPPY HUNTING
Thanks!
Бахрам Байрамза said:
Thanks!
You're welcome :good:
Hi there, thanks for all your hard work. I'm about to install but which base rom would you recommend as some time has passed.
amd-dude said:
Hi there, thanks for all your hard work. I'm about to install but which base rom would you recommend as some time has passed.
Hi sorry for the late reply,
Right now I recommend Havoc ROM,
anyway I'm currently compiling a new update, version 2020.1,
I'm planning to finish it and upload it by tomorrow at the latest,
better wait for this update.
FairuzOnn said:
Hi sorry for the late reply,
Right now I recommend Havoc ROM,
anyway I'm currently compiling a new update, version 2020.1,
I'm planning to finish it and upload it by tomorrow at the latest,
better wait for this update.
Will do, I'll download all the other files in the meantime.
FairuzOnn, wondering if you completed the new version yet?
nickkilla said:
FairuzOnn, wondering if you completed the new version yet?
Hi sorry for the late reply, I have finished most of it, got some problem with NetHunter App, I'm working on it, I'm really sorry for the delay. I'm at Gaylord California right now, I have to attend a conference here, I think I will post the new update in 2 or 3 days time.
Sent from my OnePlus One using XDA Labs
FairuzOnn said:
Hi sorry for the late reply, I have finished most of it, got some problem with NetHunter App, I'm working on it, I'm really sorry for the delay. I'm at Gaylord California right now, I have to attend a conference here, I think I will post the new update in 2 or 3 days time.
Sent from my OnePlus One using XDA Labs
No worries. Thanks for the update.
I present to you: Kali NetHunter for the OnePlus One LineageOS 17.1 Q
This is the latest (experimental) version for the OnePlus One.
Kali NetHunter is an Android ROM overlay that turns an ordinary phone into the ultimate Mobile Penetration Testing Platform.
The overlay includes a custom kernel, a Kali Linux chroot, an accompanying Android application, which allows for easier interaction with various security tools and attacks, as well as a client to the Kali NetHunter App Store.
Beyond the penetration testing tools arsenal within Kali Linux and the Kali NetHunter App Store, NetHunter also supports several additional classes, such as HID Keyboard Attacks, BadUSB attacks, Evil AP MANA attacks, and much more. For more information about the moving parts that make up NetHunter, check out our NetHunter Components page.
NetHunter is an open-source project developed by Offensive Security and the community.
~ Prerequisites ~
- Lineage 17.1 - https://download.lineageos.org/bacon
- Gapps if needed - https://opengapps.org
- TWRP - https://twrp.me/oneplus/oneplusone.html
- Magisk – https://forum.xda-developers.com/apps/magisk
~~ Downloads ~~
- NetHunter: https://www.androidfilehost.com/?fid=17248734326145736621
~~ How to Install ~~
Assuming you have unlocked bootloader
- Flash TWRP
- Copy Lineage, Magisk and NetHunter image to USB drive
- Boot into TWRP, insert USB drive.
- Flash Lineage, and Gapps if needed, reboot and do initial setup
- Reboot into TWRP
- Some old devices with new ROMs don't have a TWRP with system_root prop set, therefore do
Code:
adb shell setprop ro.build.system_root_image true
- Flash Magisk, NetHunter
- Reboot
- Run NetHunter app
- Reboot
~~~ Notes & Updates ~~~
- wlan1 unplug reboot is solved
- Y-cable is still supported, just need to have it as a Custom Command or in a script (AndroidSU)
Code:
bootkali ycable start
To stop:
Code:
bootkali ycable stop
- Bluetooth Arsenal is supported, but you need to downgrade Bluez to 4.101 by compiling it in Kali chroot and installing "on top of" current Bluez so the bluetooth service will be able to run
- Mana is being replaced, for the time being you can downgrade iptables with the following :
Code:
wget http://old.kali.org/kali/pool/main/i/iptables/iptables_1.6.2-1.1_armhf.deb
wget http://old.kali.org/kali/pool/main/i/iptables/libip4tc0_1.6.2-1.1_armhf.deb
wget http://old.kali.org/kali/pool/main/i/iptables/libip6tc0_1.6.2-1.1_armhf.deb
wget http://old.kali.org/kali/pool/main/i/iptables/libiptc0_1.6.2-1.1_armhf.deb
wget http://old.kali.org/kali/pool/main/i/iptables/libxtables12_1.6.2-1.1_armhf.deb
dpkg -i *.deb
apt-mark hold iptables
apt-mark hold libip4tc0
apt-mark hold libip6tc0
apt-mark hold libiptc0
apt-mark hold libxtables12
- To downgrade to bluez-4.101:
Code:
apt-get update && apt-get install libdbus-1-dev libglib2.0-dev
apt-mark hold bluez
wget http://www.kernel.org/pub/linux/bluetooth/bluez-4.101.tar.gz
tar xvf bluez-4.101.tar.gz && cd bluez-4.101
./configure --prefix=/usr --mandir=/usr/share/man --sysconfdir=/etc --localstatedir=/var --libexecdir=/lib --build=arm
make && make install
Please note that BLE is not supported in bluez-4.x. If you prefer to use that, keep bluez-5.x
Credits: The Offensive Security Team and the NetHunter community
Android Version: 10.0
XDA: DevDB Information
Kali Nethunter, Kernel & ROM for the OnePlus One
Contributors
@yesimxev
Source Code: https://gitlab.com/kalilinux/nethunter/
Kernel Source: https://github.com/yesimxev/android_kernel_oppo_msm8974
Follow me on Twitter!
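The iptables downgrade in the post above fetches packages over plain HTTP and then installs whatever matches `*.deb` in the current directory. One way to gate that step on pinned checksums, as an added example that is not part of the original post: the function names, directory layout and manifest file are assumptions, and the digests have to come from a source you trust, since the thread publishes none.

```shell
#!/bin/sh
# Added example (not from the thread): refuse to install unless every
# package in a directory matches a pinned SHA-256 checksum.

# Print the SHA-256 hex digest of a file.
sha256_of() {
    sha256sum "$1" | awk '{ print $1 }'
}

# verify_manifest DIR MANIFEST
#   MANIFEST uses sha256sum's text format: "<hex digest>  <file name>".
#   Returns 0 only when every pinned file is present in DIR with the
#   pinned digest AND DIR holds no *.deb that the manifest does not pin
#   (a stray file would otherwise be picked up by `dpkg -i *.deb`).
#   Returns 1 on a failed check, 2 on unusable input.
verify_manifest() {
    vm_dir=$1
    vm_manifest=$2
    [ -d "$vm_dir" ] && [ -s "$vm_manifest" ] || return 2

    # "|| [ -n ... ]" keeps a last line without a trailing newline from
    # being skipped, which would leave that file unchecked.
    while read -r vm_want vm_name || [ -n "$vm_want" ]; do
        [ -n "$vm_want" ] || continue            # skip blank lines
        case $vm_name in
            ''|*/*) echo "bad manifest entry: $vm_name" >&2; return 2 ;;
        esac
        if [ ! -f "$vm_dir/$vm_name" ]; then
            echo "missing: $vm_name" >&2; return 1
        fi
        if [ "$(sha256_of "$vm_dir/$vm_name")" != "$vm_want" ]; then
            echo "checksum mismatch: $vm_name" >&2; return 1
        fi
    done < "$vm_manifest"

    for vm_file in "$vm_dir"/*.deb; do
        [ -e "$vm_file" ] || continue            # glob matched nothing
        vm_base=${vm_file##*/}
        if ! awk -v n="$vm_base" '$2 == n { ok = 1 } END { exit !ok }' "$vm_manifest"; then
            echo "not pinned: $vm_base" >&2; return 1
        fi
    done
    return 0
}

# Self-check on constructed files (stand-ins, not real packages).
# Returns 0 when a clean set passes and a stray or modified file fails.
selftest() {
    st_tmp=$(mktemp -d) || return 2
    mkdir "$st_tmp/debs"
    for st_name in a_1.0_armhf.deb b_1.0_armhf.deb; do
        printf 'constructed stand-in for %s\n' "$st_name" > "$st_tmp/debs/$st_name"
        printf '%s  %s\n' "$(sha256_of "$st_tmp/debs/$st_name")" "$st_name"
    done > "$st_tmp/pinned.sha256"

    st_rc=0
    verify_manifest "$st_tmp/debs" "$st_tmp/pinned.sha256" || st_rc=1
    printf 'unpinned\n' > "$st_tmp/debs/stray_9.9_armhf.deb"
    verify_manifest "$st_tmp/debs" "$st_tmp/pinned.sha256" 2>/dev/null && st_rc=1
    rm -f "$st_tmp/debs/stray_9.9_armhf.deb"
    printf 'tampered\n' >> "$st_tmp/debs/a_1.0_armhf.deb"
    verify_manifest "$st_tmp/debs" "$st_tmp/pinned.sha256" 2>/dev/null && st_rc=1
    rm -rf "$st_tmp"
    return "$st_rc"
}

selftest && echo "selftest passed"

# Intended use inside the Kali chroot (paths are placeholders):
#   verify_manifest ./iptables-debs ./iptables.sha256 \
#       && dpkg -i ./iptables-debs/*.deb
```

Downloading into a dedicated, initially empty directory keeps the `*.deb` glob limited to the files the manifest pins.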
Well done! I'm personally not interested in NetHunter but it's nice to see some development still happening for our good old Oneplus One
Thank you very much for keeping up with new Releases for our beloved OPO...
I wiped up my OPO completely and started from scratch...
But after sticking to your tutorial and setting up chroot I get the following:
Code:
[-] sdcard /lib/modules/3.4.113-yesimxev-g4885cdc67a2 doesn't exist or isn't mounted. .
Is this related to the new kernel?
JERKBALL said:
Thank you very much for keeping up with new Releases for our beloved OPO...
I wiped up my OPO completely and started from scratch...
But after sticking to your tutorial and setting up chroot I get the following:
Code:
[-] sdcard /lib/modules/3.4.113-yesimxev-g4885cdc67a2 doesn't exist or isn't mounted. .
Is this related to the new kernel?
Thanks for mentioning, the modules dir wasn't in the correct place in the zip. It will be fine in the next release. I'll update the links once they are released.
For now, update to the latest app and you can ignore that message, it will remain as a warning only.
Didn't work for me at all. Back to LOS 16.0.
Ween Dwijler said:
Didn't work for me at all. Back to LOS 16.0.
Have you updated the NH app from the store? I'll build a kernel flasher so you have it before release
yesimxev said:
Have you updated the NH app from the store? I'll build a kernel flasher so you have it before release
Hmmm...... I just spent about a full week to get Nethunter functional on an Oneplus One. It was a very revealing journey, lots of flashing, bricking, flashing, upgrading, downgrading, I've learned a lot.
Tried CM and LOS 16 and 17 with NH for Marshmallow and for Pie. Used the ones from Kali's download site and the ones you linked above. Followed all instructions to the letter and comma, and all variations on it that I could imagine.
The end result is always the same. No bluetooth, no usb.
And since the whole idea is to have a compact mobile to do pentesting on wireless setups and devices in the field, for which we need usb and bluetooth, it seems to be pretty useless. It really puzzles me why the Oneplus One is the preferred device, other than it is a nice Mr. Robot gadget to show off in the bar?
However, I truly want to be proven wrong in my conclusion and work with you to get this sorted out. If you like. I get the idea there are many with similar problems that never got solved and they might have given up and moved on to another device. But I am not afraid of a good challenge, so....... let's do it.
This is what I have:
Oneplus One 16GB
Alfa AWUS036ACH with Realtek rtl8812au chip (have the latest drivers)
Can we make it really work?
(mind you, pentesters at $ 200K a year are probably not willing to spend so much time on getting a tool to work. I'm just a student in pentesting and still learning, so economics are not that much of an issue, yet).
I realise this is all free, open source software. But that doesn't mean it shouldn't be working perfectly after properly installing everything.
I hope I can help to make it better.
I have an OPO with the above install but an updated kernel which is not released yet. But I'll provide it to you tonight for testing. Although the above should be fully functional other than the modules dir (which is ignored by the latest NH app).
I'm happy to help you as I know how frustrating it is to get used to this kind of version vs device specific fight
Just to confirm:
No usb or bluetooth? usb hid? Or wlan1? What's your busybox version? Internal or external bluetooth?
JERKBALL said:
Thank you very much for keeping up with new Releases for our beloved OPO...
I wiped up my OPO completely and started from scratch...
But after sticking to your tutorial and setting up chroot I get the following:
Code:
[-] sdcard /lib/modules/3.4.113-yesimxev-g4885cdc67a2 doesn't exist or isn't mounted. .
Is this related to the new kernel?
I got that, too. But did the whole thing again and then it was gone.
I noticed that a good way to make sure all reinstalling happens in a "clean" way is to follow this method of working:
1. TWRP recovery - Wipe all, except USB-OTG. ---> Reboot.
2. Repeat that 1 more time!!! (counting for residual voltage, causing bits to be persistent in memory, contaminating new install)
3. Flash LOS 16 or 17 with TWRP from attached USB stick. (If data doesn't show up on USB-OTG, touch it for 5 seconds, release, phone vibrates and the data will be visible. If that doesn't work, unplug the OTG cable, wait 5 seconds and replug it. Repeat previous touch, vibrate etc. If that doesn't work, unplug USB, 5 seconds wait, replug, go to mount and try to mount USB-OTG, return to Install, select Storage and repeat the first step of this no.3 part)
4. After flash is complete, reboot, setup CM or LOS, activate Developers options by tapping 7x on Build number (you can find that under Settings/about phone). One step back, under settings you find Developer options. Go in there, check Advanced reboot, uncheck Update Cyanogen recovery, check Android debugging. Press right power button shortly, Power options pops up. Choose Reboot, next screen pops up, choose Recovery, confirm with tapping ok.
5. Back in TWRP, unplug the USB, wait 5 seconds and replug the USB in. Follow the steps I described in 3. to get the data visible. Choose to install Magisk or SuperSU (whatever you like and have). Let it run, when finished reboot again. After reboot is completed, reboot again from LOS to make sure Magisk or SuperSU are completely installed and ready.
6. Reboot into TWRP Recovery again, do the USB mount trick thing, choose the right version NH zip (you might have, like me, different versions on it) and install NH. When finished, reboot.
7. Pay attention here!
Back in LOS, check that Magisk or SuperSU are properly installed and working.
Start NH Terminal, popup asks for Superuser rights. You have 10 seconds to grant them! Do it! Follow the further screen instructions, allow for all.
Next, start up NH itself, 10 seconds only for granting SU right!!! Allow all. After this, reboot system.
8. Start NH terminal, command sudo apt update && sudo apt full-upgrade. Follow the instructions. During that, you get a white window asking for yes or no. Choose Yes and confirm with enter. Another one like that will pop up again a little later, choose the second line (keep present config etc.) and confirm with yes and enter.
Let the process run its course. When finished, reboot system again.
9. Start up NH (if it is not already started), go to Kali Chroot Manager and start it. All should be green now and ready to go.
Happy Hunting!
yesimxev said:
I have an OPO with the above install but an updated kernel which is not released yet. But I'll provide it to you tonight for testing. Although the above should be fully functional other than the modules dir (which is ignored by the latest NH app).
I'm happy to help you as I know how frustrating it is to get used to this kind of version vs device specific fight
Just to confirm:
No usb or bluetooth? usb hid? Or wlan1? What's your busybox version? Internal or external bluetooth?
After trying to install above twice, with red warning in TWRP that something failed to mount, I abandoned it and switched back to CM and the Marshmallow NH. But that doesn't work either.
At least I got to see lsusb in LOS 16 with NH and your kernel update ten. Before I updated your kernel, lsusb didn't show anything in LOS 16 NH.
Here goes:
Installed 2020.4 Pie. No lsusb readout, no bluetooth.
Next:
TWRP installed your ...ten.zip, rebooted and after 2 attempts (unplug and plug in again) lsusb in NH terminal registered the OTG as hub, on 001.002 was my USB stick. Unplugged the stick, plugged in the AWUS036ACH, and 001.002 became 0bda Realtek 802.11.
Checked in terminal of Android, got the same reading.
So Android sees it on the USB, NH sees it too. However, no wlan1 shows up when I do iwconfig, ifconfig or run airmon-ng.
Are the Realtek rtl8812au drivers already patched into the kernel? (Do I say that right?).
If yes, what prevents NH from getting wlan1?
The wifi adapter is not powered (I thought it could get power from the OPO?). Has that anything to do with it?
Bluetooth is the internal one from OPO. Busybox was installed with the NH version. I'm now back at CM 13 again, so I donno which version in the LOS install I had. I will go back to the machines and get the LOS 16 installed.
Or do you prefer LOS 17?
yesimxev said:
I have an OPO with the above install but an updated kernel which is not released yet. But I'll provide it to you tonight for testing. Although the above should be fully functional other than the modules dir (which is ignored by the latest NH app).
I'm happy to help you as I know how frustrating it is to get used to this kind of version vs device specific fight
Just to confirm:
No usb or bluetooth? usb hid? Or wlan1? What's your busybox version? Internal or external bluetooth?
Ok, I am ready to go.
- Wiped the OPO completely
- Flashed and installed lineage-17.1-20210128-nightly-bacon-signed.zip
- Did the setup, developers options etc.
- flashed and checked proper install of Magisk
Next step?
NB. I have 2 hours more today. After that it is bedtime for me. We probably have a time difference. For me it will be 3AM in 2 hours.
yesimxev said:
I have an OPO with the above install but an updated kernel which is not released yet. But I'll provide it to you tonight for testing. Although the above should be fully functional other than the modules dir (which is ignored by the latest NH app).
I'm happy to help you as I know how frustrating it is to get used to this kind of version vs device specific fight
Just to confirm:
No usb or bluetooth? usb hid? Or wlan1? What's your busybox version? Internal or external bluetooth?
Ok, I thought to go on with installing the NH fs from your link. Got the same error:1 again. Error installing zip file 'usb_otg/nethunter-2020.4-generic-armhf-kalifs-full.zip'.
Get the same message for the other one.
Ween Dwijler said:
Ok, I thought to go on with installing the NH fs from your link. Got the same error:1 again. Error installing zip file 'usb_otg/nethunter-2020.4-generic-armhf-kalifs-full.zip'.
Get the same message for the other one.
Seems like you haven't done the
Code:
adb shell setprop ro.build.system_root_image true
Haven't you flashed the zips from here yet? What did you use? This version is not released yet anywhere, it's here for testing.
yesimxev said:
Seems like you haven't done the
Code:
adb shell setprop ro.build.system_root_image true
Haven't you flashed the zips from here yet? What did you use? This version is not released yet anywhere, it's here for testing.
I used the zips you provided in the links above. But, indeed, I didn't do the setprop. Busy getting it back up again....hahaha. Next install will be after the setprop command. Try to do it now. Stay tuned.
A 5 years old phone is NOT going to beat a 60 year old man.
Ween Dwijler said:
After trying to install above twice, with red warning in TWRP that something failed to mount, I abandoned it and switched back to CM and the Marshmallow NH. But that doesn't work either.
At least I got to see lsusb in LOS 16 with NH and your kernel update ten. Before I updated your kernel, lsusb didn't show anything in LOS 16 NH.
Here goes:
Installed 2020.4 Pie. No lsusb readout, no bluetooth.
Next:
TWRP installed your ...ten.zip, rebooted and after 2 attempts (unplug and plug in again) lsusb in NH terminal registered the OTG as hub, on 001.002 was my USB stick. Unplugged the stick, plugged in the AWUS036ACH, and 001.002 became 0bda Realtek 802.11.
Checked in terminal of Android, got the same reading.
So Android sees it on the USB, NH sees it too. However, no wlan1 shows up when I do iwconfig, ifconfig or run airmon-ng.
Are the Realtek rtl8812au drivers already patched into the kernel? (Do I say that right?).
If yes, what prevents NH from getting wlan1?
The wifi adapter is not powered (I thought it could get power from the OPO?). Has that anything to do with it?
Bluetooth is the internal one from OPO. Busybox was installed with the NH version. I'm now back at CM 13 again, so I donno which version in the LOS install I had. I will go back to the machines and get the LOS 16 installed.
Or do you prefer LOS 17?
8812au is not supported on this device.
Btw are you trying both pie and ten zips on lineage-17.1 rom?
Ween Dwijler said:
A 5 years old phone is NOT going to beat a 60 year old man.
Keep it up! Flash this kernel https://www.androidfilehost.com/?fid=17248734326145730243
Ok, used setprop ro.build.system_root_image true, got message "failed to map file and error installing.
This is a new one for me!!
I think TWRP is somehow damaged. Will brick it now and do a full setup again, starting with Color. Tomorrow more about this saga.
Ween Dwijler said:
Ok, used setprop ro.build.system_root_image true, got message "failed to map file and error installing.
This is a new one for me!!
I think TWRP is somehow damaged. Will brick it now and do a full setup again, starting with Color. Tomorrow more about this saga.
I went back to TWRP 3.4 but 3.5 also flashed everything. The zip might have got corrupted? Installs fine for me. I'll make the revert to bluez-4.101 because bluez 5.x is not working on this device
yesimxev said:
I went back to TWRP 3.4 but 3.5 also flashed everything. The zip might have got corrupted? Installs fine for me. I'll make the revert to bluez-4.101 because bluez 5.x is not working on this device
I used both TWRP 3.4 and 3.5, same result. Sideload didn't work either. Managed to get Magisk flashed. That first had the same error as the rest. Last it went well. So, I thought, let's go for NH too. Nope. Error again.
Tomorrow I will download everything fresh again from the web, and see if it works. Maybe the USB stick got corrupted somehow? Got another one to try.
Which chipset is supported on the OPO, if not 8812au?
I present to you: Kali NetHunter for the TicWatch Pro 3 WearOS
Kali NetHunter is an Android ROM overlay that turns an ordinary phone into the ultimate Mobile Penetration Testing Platform. Now it's available for your smartwatch with some limitations.
The overlay includes a custom kernel, a Kali Linux chroot, an accompanying Android application, which allows for easier interaction with various security tools and attacks.
Beyond the penetration testing tools arsenal within Kali Linux, NetHunter also supports several additional classes, such as HID Keyboard Attacks, BadUSB attacks, WPS attacks, and much more. For more information about the moving parts that make up NetHunter, check out our NetHunter Components page.
NetHunter is an open-source project developed by Offensive Security and the community.
All variants are supported (TicWatch Pro 3 GPS/LTE/Ultra GPS/Ultra LTE) with a generic installer as of now. This means there's no custom kernel yet, however all the features work from the TicWatch Pro, except BadUSB.
## 1. Unlock the bootloader
- Connect your watch to your PC with a DIY USB cable or a 3D printed data dock, and fire up a terminal.
- If you have set up your watch on the phone you can access settings, otherwise hold both buttons for a few seconds on the welcome screen.
- Enable developer settings by going to System -> About -> tap Build number 10 times
- Enable ADB, re-plug USB and accept debug from PC
- Reboot into bootloader with `adb reboot bootloader` from the terminal
- Unlock bootloader with `fastboot oem unlock`
## 2. Flash TWRP, WearOS image, Magisk, dm-verity disabler
Please note Magisk 24.3 is recommended.
- Again enable ADB, and reboot to bootloader with `adb reboot bootloader`
- Disable vbmeta verification: `fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img`
- Flash recovery `fastboot flash recovery recovery.img`
- Boot into recovery by selecting it with the side buttons (switch with bottom one, select with upper button)
- Select Wipe -> Advanced Wipe -> select Format Data
- Reboot to recovery
- Select "Install -> ADB Sideload"
- Flash OneOS with `adb sideload`
- Flash Ultra addon with `adb sideload` only if you have an Ultra watch
- Flash Mobvoi Apps with `adb sideload`
- Make a copy of your Magisk apk file to Magisk-v24.3.zip
- Flash Magisk with `adb sideload`
- Flash Disabler with `adb push Disable_Dm-Verity_ForceEncrypt_11.02.2020.zip /sdcard/` and Install via TWRP
- Reboot & do initial setup (pair with your phone through WearOS app)
## 3. Finalise Magisk app to finish the rooting process
- Finalise Magisk installation with app `adb install Magisk-v24.3.apk`
- Launch Magisk Manager
- You might want to disable auto-update, set grant access in auto response, and disable toast notifications for easier navigation in the future
## 4. Install NetHunter
- Reboot to recovery
- Select Install -> ADB Sideload
- Flash NetHunter image with `adb sideload`
- Reboot
- Start NetHunter app & chroot
- Reboot
## 5. Set NetHunter watch face
- Install Facer onto your phone and watch from Play Store
- Search for NetHunter
- Select & Sync
### Enjoy Kali NetHunter on the TicWatch Pro 3
## Downloads
- Magisk
- TWRP images
- OneOS ROM, Mobvoi apps, Ultra addon
- vbmeta image
- dm-verity and forceencrypt disabler
- NetHunter zip
## Additional recommended apps
- TotalCommander: useful for selecting eg. a Ducky script, use "adb install" method
Download link: https://www.totalcommander.ch/android/tcandroid323-armeabi.apk
## Supported features
- Kali services
- Custom Commands
- MAC Changer
- HID Attacks
- DuckHunter
- Nmap Scan
- WPS Attacks
## Upcoming features (not guaranteed)
- Nexmon, as the chipset is supported, needs some time
- Bluetooth Arsenal (internal bluetooth via blueblinder, as carwhisperer fails to r/w when SCO channel is connected)
- Router Keygen (to be optimised)
- Hijacker (if nexmon succeeds)
- Mifare Classic Tool (need to build OS with android.hardware.nfc enabled)
## Hardware limitations
- Power resource is not enough for any external adapters, although this kernel might support Y cable in the future!
WearOS version:
XDA: DevDB Information
Kali Nethunter, Kernel & ROM for the TicWatch Pro 3
Contributors
@yesimxev
Source Code: https://gitlab.com/kalilinux/nethunter/
Reserved
Thank you so much for this
Is it working on twp3ultra?
And which stockrom img in case anything went wrong.
Thank you in advance
nelikp said:
Thank you so much for this
Is it working on twp3ultra?
And which stockrom img in case anything went wrong.
Thank you in advance
Yes it is, use rover for Ultra LTE and rubyfish for Ultra GPS. Link for stock ROMs is above in the OneOS download page, scroll down for stock
yesimxev said:
Yes it is, use rover for Ultra LTE and rubyfish for Ultra GPS. Link for stock ROMs is above in the OneOS download page, scroll down for stock
Thank you so much
Waiting for my cable from AliExpress
May i have the oneos download page sir
nelikp said:
Thank you so much
Waiting for my cable from AliExpress
May i have the oneos download page sir
Everything is there. Just scroll
Achi Shukuteki said:
Everything is there. Just scroll
Thanks sir
I found it
Here
Download •OneOS Wear•
wear.revtechs.me
any chance we’ll see a more vanilla rom for those of us that aren’t interested in network penetration etc, would be awesome to see a rom that could re-enable the compass in the ticwatch pro 3 ultra for example
kerode said:
any chance we’ll see a more vanilla rom for those of us that aren’t interested in network penetration etc, would be awesome to see a rom that could re-enable the compass in the ticwatch pro 3 ultra for example
I think the general forum would be more appropriate for that question. I was interested in the same thing, though.
kerode said:
any chance we’ll see a more vanilla rom for those of us that aren’t interested in network penetration etc, would be awesome to see a rom that could re-enable the compass in the ticwatch pro 3 ultra for example
Well that goes onto my list next to the enable android.hardware.nfc + android.hardware.sensor.compass in the ROM for building OneOS if it's not disabled in kernel
Edited:
My bad, kali chroot needs to be run first. Success now
Just flashed nethunter to my twp3 but when i start nethunter app somehow there was a pop up saying "chroot is not yet installed".
Should i sideload nethunter zip again?
Can i flash zip file via twrp after push the file to the watch?.
Thanks
enter2explore said:
Edited:
My bad, kali chroot needs to be run first. Success now
Just flashed nethunter to my twp3 but when i start nethunter app somehow there was a pop up saying "chroot is not yet installed".
Should i sideload nethunter zip again?
Can i flash zip file via twrp after push the file to the watch?.
Thanks
If all the steps were followed correctly, then show me /tmp/recovery.log after flashing again. Use pastebin please
yesimxev said:
If all the steps were followed correctly, then show me /tmp/recovery.log after flashing again. Use pastebin please
Hi @yesimxev
Already solved, it was just a matter of me forgetting to start chroot. Works normally now.
Thanks
yesimxev said:
Well that goes onto my list next to the enable android.hardware.nfc + android.hardware.sensor.compass in the ROM for building OneOS if it's not disabled in kernel
awesome mate, looking forward to it!!
managed to install and chroot
but how to wps attack?
any guide would appreciate
TIA
I'm stuck when running command fastboot oem unlock, all I get is waiting for any device and that's it.
nemzzy668 said:
I'm stuck when running command fastboot oem unlock, all I get is waiting for any device and that's it.
Check the connection.
Achi Shukuteki said:
Check the connection.
Connection is fine, ADB works, Windows then also detects it when it reboots. Just fastboot that sticks. Using Windows 11
nemzzy668 said:
Connection is fine, ADB works, Windows then also detects it when it reboots. Just fastboot that sticks. Using Windows 11
Oh hmmm. I'm on Win10. I'll leave it to the forum with that one. Unless you want to use a live Linux distro, grab the tools, you already have the files, and try that way.
Run fastboot devices first after reboot to bootloader..make sure ur watch detected.
Otherwise check ur driver
With Great power comes great responsibility.
Disclaimer::
Please use this Kernel in accordance with local law and with the privacy of yourself and others in mind. Not responsible for any charges you might accrue, bail money or fines if you choose to use it for unlawful reasons
Warning your warranty is now void. Do this at your own risk. The mad clown is in no way responsible for the chaos, worldwide disease, nuclear destruction, laughing fish, costumed caped crusaders or damage caused to your device by performing the steps involved.
The mad tech clown is back with another Kernel for all of the Kali-linux-nethunter users wanting the portability of kali-nethunter for their Pixel 6 and 6Pro devices codenamed Oriole and Raven .
I now bring you the
Mad-Kali-Maxhunter kernel for raviole
Some of the features include:
-power efficient workqueues
-fsync switch
-boeffla wake lock blocker
-force usb fastcharge
-mm: oom_kill: Reduce some verbose logging
-cpufreq: add cleanslate battery optimizer feature
-/dev/tmp and /dev/tmp/ mount
-full bluetooth support
-Wifi injection
-dvb / sdr support
Plus:
-Everything needed to use kali properly on your device plus some systemd stuff
-dns resolver support
-full usb/otg support
See source commits for more
This is not a super fancy pot luck kernel with every allowable feature. This is tuned out quite efficiently and I've found that adding certain features or too many causes heat to rise and we all know that's not good with this device.
Source
GitHub - Biohazardousrom/android_kernel_google_raviole
github.com
Download
16.68 GB folder on MEGA
74 files and 20 subfolders
mega.nz
How to Flash:
pre-requisites:
Franco Kernel Manager & root
Download zip to the internal storage of your device.
Open FKM and tap 3 line menu and choose flasher.
Choose manual flash and navigate to the zip file, select it and choose reboot after flash.
Enjoy
For more support
gs101 and gs201 development/support
Pixel 6/pro & 7/pro discussion group for general support and development
t.me
Thanks to
acuicultor
freak07
tbalden
arter97
andip71
for all your development
reserved
Some notes to help you get the Kali-nethunter system set up on your device.
1. Please install the Kali-nethunter magisk modules. These will have the firmwares needed to use the various USB dongles for wifi/bluetooth.
2. Visit this site to download and install the Kali-nethunter store https://store.nethunter.com/en/
3. After installing the store app let it update and then install these 3 apps
-Kali-nethunter installer updater and interface (aka kali-nethunter gui)
-Kali-nethunter terminal
-Kali-nethunter bvnc and kex manager
once installed open the kali gui app and ok any permissions it asks for. it will then force close.
Note:: Since android 12 the gui quit asking for several permissions needed for running scripts in the terminal so you will need to download the attached file kadb.sh to your pc then connect your device to the pc and open a command prompt and run
./kadb.sh
this will grant the missing permissions and allow the gui to open again without it force closing. The script was written for Linux-based PCs. If you use Windows just open it up and copy and paste the commands one by one.
or if you have another rooted device you can connect the two via otg and run from the extra rooted device
4. open the gui app once more and navigate to install and start chroot. if you have your own just add the location to the given box when you choose install. for everyone else let the app download it and install from the Kali repository.
Note:: this will take some time please do not exit the app while in the process of downloading or installing
5. to make it easier to enter the kali nethunter terminal app create a custom command in the gui. It can be anything, ls, apt-get update, just whatever. Then save it to kali and use it whenever you want to use the terminal
Note:: If you want to use the Kex manager/vnc you will need the root password to run programs as root. That password is toor.
Also you can activate wlan0 and wlan1 without a usb dongle. But for some reason it won't allow use of bluetooth without a dongle. I never could find a rhyme or reason for this but I have found when using bluetooth on my pc that kali would not use the built in bluetooth either and I would have to use a dongle. This is probably by design for stealth reasons but don't quote me.
I have found dual wifi and bluetooth adapters in the past and they work simultaneously
This is great! Will it be possible for you to share the kernel build instructions here? I cloned your repo into private/gs-google and ran BUILD_KERNEL=1 ./build_slider.sh -j$(nproc) after that. I do see the kernel files in out/mixed/dist. I flashed them, and it gave me boot loops.
It would be awesome if you could share some build instructions as well.
you can find more info on building kernels here....
Building Kernels | Android Open Source Project
source.android.com
but the steps i took were to initialize and sync the repo listed in the link above. then from there i made my cherry picks. next i went to /arch/arm64/configs and edited the gki_defconfig to match the needed configs i needed for kali linux. after that i ran build/build.sh.
it will error after that because the abi_symbol_allowlist in /android/abi_gki_aarch64_generic file will need updated with the new symbols now compiled in the newly customized kernel.
then after you have corrected all the errors and it's built a kernel you will have 4 items to flash..
boot.img
dtbo.img
vendor_boot.img
vendor_dlkm.img
dtbo and boot are flashed in fastboot while vendor_boot and vendor_dlkm are flashed in fastbootd.
but the easiest way to flash is by making an anykernel.zip
also need to point out that some custom roms will not allow you to flash custom kernels so i would hop on tg and ask the maintainer if that rom permits flashing kernels else you're gonna have a hard time
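The flash order from the post above, as an added example that is not part of the original thread: a dry-run helper that checks all four images are present and prints the fastboot commands, switching to fastbootd with `fastboot reboot fastboot` before the vendor images. The function name and the directory argument are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): prints, but does not run, the
# fastboot commands for the four images named in the post.
# flash_plan and its directory argument are hypothetical names.

# Flashed from the bootloader (plain fastboot), per the post.
BOOTLOADER_IMAGES="boot dtbo"
# Flashed from userspace fastboot (fastbootd), per the post.
FASTBOOTD_IMAGES="vendor_boot vendor_dlkm"

# flash_plan DIR: emit the ordered command list on stdout.
# Returns 1 without printing any command if an image is missing or empty,
# so a partial flash is never started.
flash_plan() {
    dir=$1
    missing=0
    for part in $BOOTLOADER_IMAGES $FASTBOOTD_IMAGES; do
        if [ ! -s "$dir/$part.img" ]; then
            echo "missing or empty: $dir/$part.img" >&2
            missing=1
        fi
    done
    [ "$missing" -eq 0 ] || return 1

    for part in $BOOTLOADER_IMAGES; do
        echo "fastboot flash $part $dir/$part.img"
    done
    # Switch the device from the bootloader to fastbootd.
    echo "fastboot reboot fastboot"
    for part in $FASTBOOTD_IMAGES; do
        echo "fastboot flash $part $dir/$part.img"
    done
    echo "fastboot reboot"
}

# Usage: flash_plan out/mixed/dist    (review the output, then run it)
```

Piping the output to `sh` runs the plan; reviewing it first is the point of the dry run.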
thanks for the build @Duhjoker. I managed to flash it on a Pixel 6 and install NetHunter but wifi monitoring mode doesn't work. This is the output from `airmon --debug`
Hey Duhjoker! Thanks for your work on this! It's a dream come true! I just have one question. Is there any chance we will see a pixel 6a version of this kernel with wifi injection? Or is this a pipedream?
evansfromza said:
thanks for the build @Duhjoker. I managed to flash it on a Pixel 6 and install NetHunter but wifi monitoring mode doesn't work. This is the output from `airmon --debug`
I am aware of the problem and I'm looking into it. to be honest I never could get airmon-ng to work on any android.
I'm thinking monitor mode may need to be enabled first through /sys/ like qualcomm but I could be wrong. this is my first exynos kernel and I'm having to relearn stuff.
gahndii said:
Hey Duhjoker! Thanks for your work on this! It's a dream come true! I just have one question. Is there any chance we will see a pixel 6a version of this kernel with wifi injection? Or is this a pipedream?
I can but I don't own a pixel 6a. The build would have to be completely blind but if you're willing to test I can try. I did the same for the pixel 3 so it shouldn't be a problem but read next post to see what's up on the current state of building
ok so I don't know what's up with android 13 kernel source but so far none of the builds are booting. I've been at it since release and no go.
but be assured i am working on stuff
Duhjoker said:
I can but I don't own a pixel 6a. The build would have to be completely blind but if you're willing to test I can try. I did the same for the pixel 3 so it shouldn't be a problem but read next post to see what's up on the current state of building
Though I wouldn't mind testing something like that, however would not consider myself a reliable tester. I'm more of a tinkerer honestly. I haven't flashed a rom in 4-5 years haha. I gave up years ago on a kernel with wifi packet injection drivers baked in (for a model I owned). I would not be able to give you solid reliable feedback but I'd happily try it out for fun. From what I've been reading looks like I'm staying on Android 12 for a bit longer.
The ramdisk provided by Google for A13 is the issue, you must extract it from vendor_boot and replace it inside prebuilts folder, thanks to freak07 for the solution.
Here's the commit from him.
acuicultor said:
The ramdisk provided by Google for A13 is the issue, you must extract it from vendor_boot and replace it inside prebuilts folder, thanks to freak07 for the solution.
Here's the commit from him.
Thank you so much for that. it was driving me crazy and couldn't understand what the problem was.
so now we have kali coming for a13 in a couple days
ok guys Mad-Kali-MaxHunter-Raviole-T for android 13 is now live and linked in op.
I have been researching the wifi monitor mode and packet injection properties on the wlan and here's the state of the driver from my google searches
The bcm4389 wifi 6e client set of chips was announced in 2020 by broadcom and can be found in the Samsung galaxy s21 and google pixel 6, 6pro and 6a models along with some Xiaomi phones.
For us that means that the drivers and firmware are so new that there's been very little development for it. I myself was only able to find a bluetooth patch that I'm sure has already been picked up by the google source kernel devs.
from what i can tell of the other drivers by looking at the nexmon github page and further reading the previous wlan modules needed patched firmware to enable airmon-ng.
I'm still doing research into how to fix this but if anyone has any clues please speak up.
but for now you should be able to get by using a usb wifi dongle.
Hi, @Duhjoker I was able to install everything successfuly but it seems like the kernel is missing some features not directly related to Kali but that would be nice to add.
HID attack support from Rucky, and ISO usb host from DriveDroid.
I'm using a Pixel 6 Pro on A13
Thanks for your work
Unfortunately, usb wifi dongles aren't working even if they're supported, even after installing their firmwares. Something's wrong with the kernel.
I have good news. Seems google did the hard work for us on hacking the firmware for monitor mode and it looks like we can now use monitor mode to catch packets "NATIVELY".
please read here for the details.
Get BCM4389 into monitor mode for WIFI sniffing
Hey all, I was trying to watch beacon frames transmitted by my access point, but had no capable hardware in my house to sniff it. Or did I? Turns out, Pixel 6 / Pixel 6 Pro can do it. Here's my howto...
forum.xda-developers.com
I haven't tested this fully yet but a friend in my tg chat helped me snag the binaries, rc files and best of all the firmware.
I don't currently have a magisk module yet but with root copy the vendor folder in the zip to /data/adb/modules, pick any module, for example
/data/adb/modules/busybox-ndk/system
reboot and enjoy
edit: you may need to chmod the binaries after placing them
tried that, it doesn't work.
also, wifi dongles are recognized by lsusb but not mounted (airmon-ng only shows phy0 - internal wlan interfaces)