[DEV] Get Monitor Mode/Injection/Aircrack working on Galaxy S Devices(bcm4329)


worstenbrood

Senior Member
May 14, 2008
1,069
1,417
OnePlus 7 Pro
Looking for coders xd.
We need aircrack-ng on galaxy s. I'm going to learn how to cook this code. I'll be back in 5 years xd.



Sent from my Galaxy S. Darkyy Rom xxjpy with voodoo 5.5 (supercurio), voodoo app, bln!!!//twitter putero//

As long as we don't have a monitor mode enabled fw_bcm4329.bin it will never happen, adjusting the driver alone doesn't work (already tried that). The bcm4329 is a fullmac interface, this means that all the heavy work is done by a chip on the interface, not by the driver. The .bin is the "software" for that chip. Reversing it is not so simple and Broadcom doesn't want to implement monitor mode since there is no request for it from their clients.
 

sambwel

Senior Member
May 24, 2011
249
70
Adelaide
As long as we don't have a monitor mode enabled fw_bcm4329.bin it will never happen, adjusting the driver alone doesn't work (already tried that). The bcm4329 is a fullmac interface, this means that all the heavy work is done by a chip on the interface, not by the driver. The .bin is the "software" for that chip. Reversing it is not so simple and Broadcom doesn't want to implement monitor mode since there is no request for it from their clients.

Heads up! Monitor mode has now been achieved for bcm4329 & bcm4330: http://bcmon.blogspot.com

The solution is essentially to bolt on a softmac driver that "steals" the full packets from the chip so headers are not stripped. Injection is in the works apparently!

This is a huge step forward and is an elegant and sensible solution to the problem of the bcm4329's fullmac interface.

EDIT: XDA thread from the dev here http://xdaforums.com/showthread.php?t=1892535
 

CoolApps

Senior Member
May 12, 2011
3,386
611
Ubuntu 12.04 with aircrack IMG for android can be found here:
Ubuntu-12-04v2-aircrack-ng-on-android

Not really a good place since Virgin Media blocked it and I have to use Tunnelbear to access it.
By the way I am not saying the site is bad, what I am saying is that it takes time to bypass the proxy (Orbot aka Tor does not help).

Sent from my Nexus 4 using XDA Premium 4 mobile app
 

Edge-Case

Senior Member
Jul 10, 2013
97
25
I do have Kali/CyanogenMod running on my phone right now, I can launch and use Metasploit but postgresql doesn't yet work so no database, it works, just no db to store info, that's all, maybe connecting to a db on a laptop over the network might work but I haven't tried it. This is not a chroot environment, /bin /sbin /usr /var /opt have all been added to Android's / directory and then the files that belong in them get --bind mounted (right now I run a script when I turn on my phone for mounting, but it will be added to the init boot sequence when I get into it).

Apt-get works because the actual Linux-side directories exist on my external sdcard (a few permissions in Android's source had to be changed, then built into the rom) and then get mounted as I said before to Android's root.

The biggest issue of getting Linux binaries to run in Android's root is that, normally, there is not a /lib directory with the proper glibc (special gnu or gpl libc for embedded devices). Android uses a different clib called Bionic that gets linked to executables (Bionic is in /system/lib I believe and the linker is in /system/bin), so as I understand it, now that I have added /lib to Android, glibc based executables can now link with it via the linker in /usr/bin, I believe (correct me if I am wrong).

Very few specific mods/hacks to Android's source need to be done to accomplish this. I know the Kali docs have info on patching a Samsung device with wireless injection drivers, though I am not sure if it will work with G S I/II/III. I own an S III. I need to look into this so thank you everyone for the links.

Py4A can also be extracted from its installation location (need root) to /system/xbin and if you put the libs in a good place and add PYTHON_HOME and all that, you can get python working on the command line like bash does on CM, not sure if other roms come with bash.

But as far as I know Metasploit uses Ruby, and Sl4A has JRuby and I am not sure if they are compatible. But I had to install Metasploit on my phone and the package wasn't available from Kali's repository for whatever reason, so what I did (remember I have a full distro running) was follow some instructions for compiling Ruby 1.9.3 (I think) and then using that to install Metasploit, yes, on my phone with no chroot. (I didn't install any Desktop or gui apps for somewhat obvious reasons regarding X windows and Android's front "desktop" on dalvik.) But, still no postgresql db, but you don't need a db to run Metasploit, you just can't save the nmap scans for automation, I am sure some modules require a db. As a note, Android does now have sqlite3 which I have heard is usable with Metasploit but not optimal for large scale testing, but I have yet to figure out how to use sqlite3 instead of postgresql.

In regards to getting postgresql and services like nfs-kernel-server, nfs-common, openssh, samba, cups, beef, etc etc. I think permissions for those services need to be baked into Android ROMs, so I need to get off my arse and get to work.

Code:
localhost / # ls
acct                        init.target.rc
bin                         init.trace.rc
cache                       init.usb.rc
charger                     initlogo.rle
config                      lib
d                           lpm.rc
data                        media
default.prop                mnt
dev                         opt
efs                         persist
etc                         proc
extSdCard                   res
firmware                    root
fstab.qcom                  run
home                        sbin
init                        sdcard
init.cm.rc                  selinux
init.goldfish.rc            srv
init.qcom.class_core.sh     storage
init.qcom.class_main.sh     sys
init.qcom.early_boot.sh     system
init.qcom.lpm_boot.sh       tmp
init.qcom.rc                tombstones
init.qcom.sh                ueventd.goldfish.rc
init.qcom.syspart_fixup.sh  ueventd.qcom.rc
init.qcom.usb.rc            ueventd.rc
init.qcom.usb.sh            usbdisk0
init.rc                     usr
init.recovery.qcom.rc       var
init.superuser.rc           vendor
localhost / # export HOME=/root
localhost / # cd
localhost ~ # ls
localhost ~ # which ruby
/usr/bin/ruby
localhost ~ # echo $PATH
/sbin:/vendor/bin:/system/sbin:/system/bin:/system/xbin:/bin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
localhost ~ # which python
/usr/bin/python
localhost ~ # which gcc
/usr/bin/gcc
localhost ~ # which apt-get
/usr/bin/apt-get
localhost ~ # which msfconsole
/usr/bin/msfconsole
localhost ~ # which aircrack-ng
/usr/bin/aircrack-ng
localhost ~ # ifconfig wlan0 permisc
localhost ~ #
 
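The post above describes a boot-time script that bind-mounts a Linux rootfs kept on the external sdcard over directories that were created in Android's /. The script below is an added example, not the poster's own script; it assumes the rootfs lives under /storage/extSdCard/linux (override with LINUX_ROOT) and adds the checks that matter when such a script runs on every boot: it refuses to bind a missing source directory (which would shadow whatever Android keeps at the target), it skips directories already present in /proc/mounts so repeated runs do not stack bind mounts, and it warns when the rootfs /lib has no glibc dynamic loader (ld-linux*.so*), without which glibc-linked binaries cannot start regardless of what is in PATH. Without the `apply` argument it only prints the mount plan.

```shell
#!/system/bin/sh
# Added example: bind a Debian/Kali style rootfs from the sdcard into
# directories created in Android's /, as described in the post above.
#
#   sh bindroot.sh          -> dry run, print the mount commands
#   sh bindroot.sh apply    -> perform the mounts (needs root)

LINUX_ROOT="${LINUX_ROOT:-/storage/extSdCard/linux}"  # assumed rootfs location
BIND_DIRS="bin sbin lib usr var opt"                   # dirs added to Android's /

# The mount command that binds one rootfs directory over its Android twin.
bind_cmd() {
    printf 'mount -o bind %s/%s /%s\n' "$LINUX_ROOT" "$1" "$1"
}

# True if /$1 already appears as a mount point in /proc/mounts, so a
# second run (e.g. from init and from a manual script) does not stack
# duplicate bind mounts on the same directory.
already_mounted() {
    grep -q " /$1 " /proc/mounts 2>/dev/null
}

# Refuse to bind anything whose source is missing: binding an absent or
# empty source over /bin or /lib would hide what Android has there.
check_sources() {
    missing=0
    for d in $BIND_DIRS; do
        if [ ! -d "$LINUX_ROOT/$d" ]; then
            echo "missing source: $LINUX_ROOT/$d" >&2
            missing=1
        fi
    done
    return $missing
}

# glibc-linked binaries are started by the loader named in their ELF
# interpreter field, which lives in the rootfs /lib (e.g. ld-linux-armhf.so.3),
# not in Android's /system/lib; warn if it is not there.
have_glibc_loader() {
    for f in "$LINUX_ROOT"/lib/ld-linux*.so*; do
        [ -e "$f" ] && return 0
    done
    return 1
}

# The mount plan: one command per directory that is not yet mounted.
plan() {
    for d in $BIND_DIRS; do
        already_mounted "$d" || bind_cmd "$d"
    done
}

apply_plan() {
    check_sources || return 1
    have_glibc_loader || echo "warning: no ld-linux*.so* in $LINUX_ROOT/lib" >&2
    for d in $BIND_DIRS; do
        if already_mounted "$d"; then
            echo "skip: /$d already mounted"
        else
            echo "+ $(bind_cmd "$d")"
            mount -o bind "$LINUX_ROOT/$d" "/$d" || return 1
        fi
    done
}

case "${1:-}" in
    apply) apply_plan ;;
    *)     echo "dry run (pass 'apply' to mount):"; plan ;;
esac
```

Binding /lib and /usr over Android's root is exactly what makes `which ruby` and `which gcc` resolve in the session the post shows; the dry run lets you confirm the plan before anything is mounted, and the /proc/mounts check is what keeps the script safe to wire into the init sequence later.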

Top Liked Posts

    1
    1) you will need ruby for metasploit
    2) Metasploit has nothing to do with monitor mode
    3) you will need to patch the bcm4329 module to gain access to the monitor interface
    4) you will need a firmware for the bcm4329 chip that supports monitor mode

    -> 1 and 2: There are working Debian systems that could run with Android where you just need apt-get install ruby etc. (working for me)
    -> 3: someone in the aircrack-forum already ported the driver and he posted his changes.
    -> 4: here is the real problem.. you'll need to reverse engineer and patch the binary firmware to support the monitor mode
    1
    I will donate 20-50 bucks for this mod as well
    1
    I'd love to see this functionality in android. It'd be easier than carrying a Backtrack livecd around.

    Sent from my Vibrant using XDA App, Bionix-v 1.21