[DEV] Backtrack 5 on T-mobile SGS2 3/5/2012 (NEED KERNEL DEVS!!!)


binarybishop

Senior Member
DISCLAIMER:
I am not responsible for you bricking your device.

BOTTOM LINE

WHAT IS BACKTRACK?
Ok ladies and gentlemen. I guess I should have started with this. But, as another poster stated, if you don't know what Backtrack is, then you don't need this. But, I have to clarify some misconceptions as well. No one has stated correctly what Backtrack is. Backtrack is more than a tool to crack wifi passwords. It's an entire security distro. It is literally packed with thousands of tools to do everything a security tester or "hacker" needs. It is packed with metasploit (google it), sslstrip, nmap, wireshark, just to name a few. Why would they make an entire linux distro just to hack wifi routers? If you have questions, just ask.


Now with that out of the way. Backtrack runs on an image that is never mounted to your system. Nothing is replaced. It is basically a side load which can be turned on or off whenever you want while the phone is on. There is no flashing involved what-so-ever. It is so easy a caveman can do it.

This is a persistent version.

Finally on our device. Everything is fully functional with the exception of using anything that involves packet injection and setting your adapter to monitor mode (yes, this means you cannot crack WEP/WPA yet). The concept is just that we have to modify the wifi adapter driver to accept monitor mode as well as allowing packet injection. Everything else works perfectly.

NEEDED APPS
7zip PC ONLY

Terminal Emulator (Free)
AndroidVNC (Free)

(Optional)
Tasker (Paid)

NOTE: You will need approximately 3.5GB of free space on your internal SDcard (not the removable SD Card at /sdcard/external_sd/)

FOLLOW THESE DIRECTIONS SPECIFICALLY

INITIAL SETUP (only needs to be completed once)

1. Create a folder called "bt" on the base of your Internal sdcard (directory should look like it does below):

/sdcard/bt

2. Download the following scripts and put them directly to the new "bt" folder you just created. The directory should look like it does below:

bt
installbt.sh
startbt
stopbt

/sdcard/bt/bt
/sdcard/bt/installbt.sh
/sdcard/bt/startbt
/sdcard/bt/stopbt

3. Download this version of busybox for temp use and put it in the following directory shown below (you may need Root Explorer to change permissions to create the directory tree and upload the file):

busybox

/data/local/tmp/bt/busybox

NOTE: /data/local/ should already be there as well as tmp. You will have to create the "bt" folder in that tree. You must have the directory tree and file exactly as shown: /data/local/tmp/bt/busybox . If you don't, you can't complain to me why you are getting errors.


4. After you verify that those 5 files are in that directory, then you can proceed to downloading the bt.img file below and put it in the "bt" directory as shown below:

Update
Download each of these and use 7zip to extract the bt.img from them.

bt.7z.001
bt.7z.002
bt.7z.003
bt.7z.004
bt.7z.005
bt.7z.006
bt.7z.007
bt.7z.008
bt.7z.009
bt.7z.010

NOTE: these files total approximately 3.3GB

Extract on your PC and upload to:

/sdcard/bt/bt.img

5. After you have completed the above steps, reboot your phone and re-verify all the above files are in their correct directories:

/sdcard/bt/bt.img
/sdcard/bt/bt
/sdcard/bt/installbt.sh
/sdcard/bt/startbt
/sdcard/bt/stopbt
/data/local/tmp/bt/busybox

6. Open Terminal Emulator and type the following commands. If you receive any errors then the above steps were not completed correctly, so go back to step 1.

$ su
# cd sdcard
# cd bt
# sh installbt.sh
# startbt
# bt

7. At this point you have installed Backtrack and have a Backtrack 5 shell.

8. Now the good part. To open the GUI of Backtrack, enter the following command:

# ui

9. Nothing? Be patient. Look at the output and take note of the number "X" located at "localhost:X" from the X desktop line of the output. The VNC server is running at port 5900 so you must add "X" to get the new server port for Backtrack, ie. X=1, then 5900 + 1 would give you 5901 as the new server port.

10. Open AndroidVNC and enter the following info:

Nickname: whatever you want
Password: 12345678
Address: 127.0.0.1
Port: whatever you got from your little math problem above
Username: leave blank

Change Color Format to 24-bit color (4 bpp)

11. Now all you have to do is connect after you have created the connection.

START EACH TIME

1. Open Terminal Emulator and type the following commands.

$ su
# cd sdcard
# cd bt
# startbt
# bt
# ui

2. Open up AndroidVNC and connect to the previously created connection.

SHUTDOWN

1. Tap the settings softkey and tap disconnect (to disconnect you from the VNC server).

2. In Terminal Emulator, type the following commands:

root@localhost: # killui
root@localhost: # exit
# stopbt
# exit
# exit

3. This will close it all out for you, but to ensure a full shutdown, reboot your phone.

That's all!!!!

Optional Automation

If you have Tasker, then you can add some automation that will automatically execute the Terminal commands and open AndroidVNC.

Download the following file and put it in the following directory which should look like this after it is added:

bt.prj.xml

/sdcard/Tasker/tasks/bt.prj.xml

Then open Tasker. Then go to Settings > Preferences > UI and uncheck "Beginner Mode" and touch the green checkmark.

Now under the buttons across the top (Profiles, Tasks, Scenes, Variables), you will see a very faint arrow pointing down. Touch and drag down and a tab(s) will be seen across the top. Touch and hold the tab with the house. Touch "Import". A "Project File Select" window will pop up. If the file does not show up, then touch the back arrow, and click on the "tasks" folder. Then click on the file "bt". Then a tab at the top will be created that is labeled "bt". At the bottom right of the app, make sure that the button says "on". Now exit out of the app. Go to your favorite screen and long click the screen. Next, add a widget, then touch Tasker. A window will pop up with a lot of entries. Go to the bottom and find "bt on" and touch it. After that, another window will pop up. At this point you could just click the green checkmark and be done. But another thing you can do (optional) is touch the button to add an icon, then check the green checkmark.

Now you will have an icon on your screen that will automatically boot up Backtrack and bring you straight to the UI. The next step you want to do is have an icon that will turn it off. To do this, go to your favorite screen and long click the screen. Next, add a widget, then touch Tasker. A window will pop up with a lot of entries. Go to the bottom and find "bt off" and touch it. After that, another window will pop up. At this point you could just click the green checkmark and be done. But another thing you can do (optional) is touch the button to add an icon, then check the green checkmark.

Now you will have an on and off button for Backtrack!!!

Please thank me if you like this and donate if it helped you!!!

If you are also a DEV that would like to help on modifying the wifi drivers to allow injection and adding monitoring, please contact me ASAP.
 
Last edited:
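
The guide above has AndroidVNC connect to 127.0.0.1 on port 5900 + X with a fixed password. The following is an added example, not part of the original post or its scripts: it derives that port from the "localhost:X" line and checks `netstat -tln` style output for VNC listeners bound to a non-loopback address. The function names and all sample lines are constructed for illustration; the thread does not say which address the image's VNC server binds to.

```shell
#!/bin/sh
# Added example, not part of the original post. Names and sample data are constructed.

# Pull the display number N out of a "... desktop is localhost:N" line (step 9).
display_from_vnc_output() {
    sed -n 's/.*desktop is [^:]*:\([0-9][0-9]*\).*/\1/p' | head -n 1
}

# VNC display :N listens on TCP port 5900 + N; reject anything that is not a plain number.
vnc_port_for_display() {
    case "$1" in
        ''|*[!0-9]*|0?*) return 1 ;;
    esac
    echo $((5900 + $1))
}

# Read `netstat -tln` style lines on stdin and print every listener in the
# VNC range (5900-5999) whose local address is not loopback.
exposed_vnc_listeners() {
    awk '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            addr = $4
            n = split(addr, parts, ":")
            port = parts[n] + 0
            host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
            if (port < 5900 || port > 5999) next
            if (host ~ /^127\./ || host == "::1" || host == "::ffff:127.0.0.1") next
            print addr
        }'
}

# Constructed sample input (not captured from a real device).
sample_vnc_output() {
    printf '%s\n' "New 'X' desktop is localhost:1"
}
sample_netstat() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:5901          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:5902            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp6       0      0 :::5903                 :::*                    LISTEN
EOF
}

display=$(sample_vnc_output | display_from_vnc_output)
echo "AndroidVNC port: $(vnc_port_for_display "$display")"
echo "Listeners reachable from other hosts:"
sample_netstat | exposed_vnc_listeners
# On the device: netstat -tln | exposed_vnc_listeners
```

An empty result from `exposed_vnc_listeners` means every VNC port in the listing is bound to loopback only.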

pyraxiate

Senior Member
Very awesome !! Can't wait for monitor mode working !

Ty and I'm following this thread intently

Sent from my SGH-T989 using xda premium
 

rmarquez1974

Senior Member
Sorry I know this is going to sound noobish, what is this used for? Why would I want it?



 

rmarquez1974

Senior Member
Thank you, both of you. I admit after I hit submit I went and googled backtrack. While I guess it's a cool party trick, in my opinion of course, I wouldn't have any use for this. It's cool that it is working and the effort the OP put into this, so I apologize if this is taken in the wrong context.

:)

On the other hand, I'm looking to run Ubuntu on this phone and hook it up to my TV, using a Bluetooth keyboard and utilize the full functionality of this device.
:)


 

Xhyperion

Senior Member
Slightly off topic, but I have Back Track 5 and a wireless router capable of packet injection. I have no idea how to install the drivers for it on my computer. I read through the instructions but it's very complicated. Anyone familiar with doing this, could you PM me?

mainmast2

Senior Member
This is something I can use and appreciate your work. Unfortunately, the links are down.

Thanks in advance

Sent from my SGH-T989 using xda premium
 

Top Liked Posts

    2
    Well I'm not so sure you fellas read the info under the link I posted above, so I'll paraphrase: Broadcom has not developed firmware for the adapter yet to support monitor mode, so even if you found someone who wanted to implement these things in the host driver, they ain't gonna work until Broadcom releases firmware for the adapter that supports it.

    Um, you guys know I have been running Backtrack5 and xubuntu on my phone with Yaldak's ICS [and should work with any ROM that has Loop file support [all custom ROMs should, it is pretty general usage]].

    All I did is on market searched install backtrack or ubuntu and downloaded two free Guides [apps]
    and they had me download a script and a backtrack or ubuntu image and a boot script.

    Place both in a directory on say internal sd then run the given boot script with terminal emulator and it asks for resolution [use suggested 800x480 and it starts ssh daemon, and VNC server with loop mounted and ready then go to android vnc and input localhost and connect [default 5900 port but no need to specify a default] and change graphics to 24 bit and when connected password is linux or backtrack [backtrack script gave password I had to look around for ubuntu one but it is easy like linux or user or ubuntu.

    It all fully runs with no issues. I will try to track down URLs and post here


    Here you go found it:
    This is a sourceforge repo with 3 flavors of linux to choose from click on the one you want download file in image dir and file in script dir extract both to same dir [800M image download <1M script BUT 3.1G extracted so if using phone I used Ghost Commander to extract and you will need like 4G to download and extract each image on your phone or just 3.1G if extracted on computer and copied to phone]

    Then use Script Manager or Terminal Emulator [I used this but Script Manager can do widgets so either way]
    to run the boot script with the image in same exact directory and follow directions [set resolution then open AndroidVNC, then set host to: Localhost Change Color to 24-Bit [scroll down] and save and connect when asked the script should have password or open script in text editor and should have it there I believe if needed open app dir on sourceforge for particular version you downloaded and install the apk and read the guide should have it too.

    It really is as simple as download script and boot script
    extract both to same directory
    set script manager to run script as root and set widget if lazy
    run script and set resolution [script asks and states default it suggests which was good by me]
    Open AndroidVNC and connect to Localhost making sure to set color to [24-bit] just for best graphics and no data usage as you are connecting to your own phone
    specify the password the script [backtrack script for sure had it in boot script], the guide [or just guess it is user, linux, ubuntu or something easy for the other] saving it once you know for sure what it is [just hit edit in AndroidVNC and edit connection details anytime].

    Only issue I have seen is when I go back when done to exit the script it fails to nicely unload the loop image so I dunno if it stays using memory, processor time, etc. as I can either restart the phone or use just "mount -l" in terminal to list mounts and "umount /blah/image" myself so not a real deal breaker for me.

    Oh I did poke around and play with them a bit and was able to load things from the menu and run commands in terminal and it all looked good but I have yet to spend hours testing it all so dunno if there are any issues but it all looked very stable and the performance was not bad at all I LOVE it I have Backtrack and Ubuntu both on my phone and can load them at will! YAY!

    Here's Sourceforge Site: Linux on Android!

    Hope that helps
    1
    Okay folks, running backtrack is one thing.......

    Cracking wifi is another entirely and not something that we will allow discussion of here on XDA.
    Please refrain from discussing it. Thanks.

    @ the OP, can you please edit the original post to reflect this and remove anything that may lead to numerous "OMG how I can stealz teh wifi plz??" posts...