[DEV] Backtrack 5 on T-mobile SGS2 3/5/2012 (NEED KERNEL DEVS!!!)

I am not responsible for you bricking your device.


Ok ladies and gentlemen. I guess I should have started with this. But, as another poster stated, if you don't know what Backtrack is, then you don't need this. But, I have to clarify some misconceptions as well. No one has stated correctly what Backtrack is. Backtrack is more than a tool to crack wifi passwords. It's an entire security distro. It is literally packed with thousands of tools to do everything a security tester or "hacker" needs. It is packed with metasploit (google it), sslstrip, nmap, wireshark, just to name a few. Why would they make an entire linux distro just to hack wifi routers? If you have questions, just ask.

Now with that out of the way. Backtrack runs on an image that is never mounted to your system. Nothing is replaced. It is basically a side load which can be turned on or off whenever you want while the phone is on. There is no flashing involved whatsoever. It is so easy a caveman can do it.

This is a persistent version.

Finally on our device. Everything is fully functional with the exception of using anything that involves packet injection and setting your adapter to monitor mode (yes, this means you cannot crack WEP/WPA yet). The concept is just that we have to modify the wifi adapter driver to accept monitor mode as well as allowing packet injection. Everything else works perfectly.

7zip PC ONLY

Terminal Emulator (Free)
AndroidVNC (Free)

Tasker (Paid)

NOTE: You will need approximately 3.5GB of free space on your internal SDcard (not the removable SD Card at /sdcard/external_sd/)


INITIAL SETUP (only needs to be completed once)

1. Create a folder called "bt" on the base of your Internal sdcard (directory should look like it does below):


2. Download the following scripts and put them directly to the new "bt" folder you just created. The directory should look like it does below:



3. Download this version of busybox for temp use and put it in the following directory shown below (you may need Root Explorer to change permissions to create the directory tree and upload the file):



NOTE: /data/local/ should already be there as well as tmp. You will have to create the "bt" folder in that tree. You must have the directory tree and file exactly as shown: /data/local/tmp/bt/busybox . If you don't, you can't complain to me why you are getting errors.

4. After you verify that those 5 files are in that directory, then you can proceed to downloading the bt.img file below and put it in the "bt" directory as shown below:

Download each of these and use 7zip to extract the bt.img from them.


NOTE: these files total approximately 3.3GB

Extract on your PC and upload to:


5. After you have completed the above steps, reboot your phone and re-verify all the above files are in their correct directories:


6. Open Terminal Emulator and type the following commands. If you receive any errors then the above steps were not completed correctly, so go back to step 1.

$ su
# cd sdcard
# cd bt
# sh
# startbt
# bt

7. At this point you have installed Backtrack and have a Backtrack 5 shell.

8. Now the good part. To open the GUI of Backtrack, enter the following command:

# ui

9. Nothing? Be patient. Look at the output and take note of the number "X" located at "localhost:X" from the X desktop line of the output. The VNC server is running at port 5900 so you must add "X" to get the new server port for Backtrack, i.e. X=1, then 5900 + 1 would give you 5901 as the new server port.

10. Open AndroidVNC and enter the following info:

Nickname: whatever you want
Password: 12345678
Port: whatever you got from your little math problem above
Username: leave blank

Change Color Format to 24-bit color (4 bpp)

11. Now all you have to do is connect after you have created the connection.


1. Open Terminal Emulator and type the following commands.

$ su
# cd sdcard
# cd bt
# startbt
# bt
# ui

2. Open up AndroidVNC and connect to the previously created connection.


1. Tap the settings softkey and tap disconnect (to disconnect you from the VNC server).

2. In Terminal Emulator, type the following commands:

root@localhost: # killui
root@localhost: # exit
# stopbt
# exit
# exit

3. This will close it all out for you, but to ensure a full shutdown, reboot your phone.

That's all!!!!

Optional Automation

If you have Tasker, then you can add some automation that will automatically execute the Terminal commands and open AndroidVNC.

Download the following file and put it in the following directory which should look like this after it is added:



Then open Tasker. Then go to Settings > Preferences > UI and uncheck "Beginner Mode" and touch the green checkmark.

Now under the buttons across the top (Profiles, Tasks, Scenes, Variables), you will see a very faint arrow pointing down. Touch and drag down and a tab(s) will be seen across the top. Touch and hold the tab with the house. Touch "Import". A "Project File Select" window will pop up. If the file does not show up, then touch the back arrow, and click on the "tasks" folder. Then click on the file "bt". Then a tab at the top will be created that is labeled "bt". At the bottom right of the app, make sure that the button says "on". Now exit out of the app. Go to your favorite screen and long click the screen. Next, add a widget, then touch Tasker. A window will pop up with a lot of entries. Go to the bottom and find "bt on" and touch it. After that, another window will pop up. At this point you could just click the green checkmark and be done. But another thing you can do (optional) is touch the button to add an icon, then check the green checkmark.

Now you will have an icon on your screen that will automatically boot up Backtrack and bring you straight to the UI. The next step you want to do is have an icon that will turn it off. To do this, go to your favorite screen and long click the screen. Next, add a widget, then touch Tasker. A window will pop up with a lot of entries. Go to the bottom and find "bt off" and touch it. After that, another window will pop up. At this point you could just click the green checkmark and be done. But another thing you can do (optional) is touch the button to add an icon, then check the green checkmark.

Now you will have an on and off button for Backtrack!!!

Please thank me if you like this and donate if it helped you!!!

If you are also a DEV that would like to help on modifying the wifi drivers to allow injection and adding monitoring, please contact me ASAP.
Last edited by binarybishop; 6th March 2012 at 04:54 PM. Reason: Updated instructions and links
The Following 22 Users Say Thank You to binarybishop For This Useful Post
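
Added example, not part of the original post or its scripts: steps 9 and 10 above derive the VNC port from the display number and use a fixed, published password, so it is worth confirming that the listener is bound to loopback only. The sketch below assumes the "X desktop" line has the TightVNC-style form shown and that `netstat -ltn` is available; the function names and both sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of the "X desktop" line printed when the UI starts
# (assumed TightVNC-style format; not captured from the original scripts).
SAMPLE_UI_OUTPUT="New 'X' desktop is localhost:1"

# Constructed sample of `netstat -ltn` output.
SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address   Foreign Address State
tcp        0      0 0.0.0.0:5901    0.0.0.0:*       LISTEN
tcp        0      0 127.0.0.1:6001  0.0.0.0:*       LISTEN'

# vnc_port TEXT: print 5900 + display number; fail if no display line found.
vnc_port() {
    display=$(printf '%s\n' "$1" |
        sed -n 's/.*desktop is [^:]*:\([0-9][0-9]*\).*/\1/p' | head -n 1)
    [ -n "$display" ] || return 1
    echo $((5900 + display))
}

# vnc_exposure PORT NETSTAT_TEXT: print "loopback", "exposed" or
# "not-listening" depending on the address the port is bound to.
vnc_exposure() {
    printf '%s\n' "$2" | awk -v port="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            addr = $4; sub(/:[0-9]+$/, "", addr)   # strip ":port" suffix
            p = $4;    sub(/^.*:/, "", p)          # keep text after last colon
            if (p != port) next
            seen = 1
            # Anything other than IPv4/IPv6 loopback is reachable off-device.
            if (addr != "127.0.0.1" && addr != "::1") exposed = 1
        }
        END { print (!seen ? "not-listening" : (exposed ? "exposed" : "loopback")) }'
}

# Run against the constructed samples; on a device, pass the real `ui`
# output and "$(netstat -ltn)" instead.
port=$(vnc_port "$SAMPLE_UI_OUTPUT") &&
    echo "VNC port $port: $(vnc_exposure "$port" "$SAMPLE_NETSTAT")"
```

A result of "exposed" means the VNC desktop is reachable from whatever network the phone has joined, protected only by the password given in step 10.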
29th February 2012, 09:20 PM |#2  
Senior Member
Thanks Meter: 691
Very awesome !! Can't wait for monitor mode working !

Ty and im following this thread intently

Sent from my SGH-T989 using xda premium
29th February 2012, 09:24 PM |#3  
binarybishop's Avatar
OP Senior Member
Flag Killeen, TX
Thanks Meter: 640
No problem. I'm trying to work on it, but honestly, I may need some serious DEV helpers to mod the drivers.
29th February 2012, 11:30 PM |#4  
bbobarino's Avatar
Senior Member
Flag pawtucket
Thanks Meter: 233
Good work man thank u

Sent from my SGH-T989 using Tapatalk
1st March 2012, 01:54 AM |#5  
Senior Member
Newport Beach, Ca
Thanks Meter: 40
Could this essentially help me in helping my neighbor remember his wifi password

Sent from my SGH-T989 using xda premium
1st March 2012, 01:58 AM |#6  
mightymike889's Avatar
Senior Member
Thanks Meter: 86
im rly sry but what is this for something for wifi?
1st March 2012, 01:59 AM |#7  
Senior Member
Thanks Meter: 45
Sorry I know this is going to sound noobish, what is this used for? Why would I want it?

1st March 2012, 02:03 AM |#8  
Senior Member
Flag Arlington, Tx
Thanks Meter: 74
If you don't know what this is for then you don't need it lol

Sent from my SGH-T989 using xda premium
1st March 2012, 04:04 AM |#9  
Senior Member
Thanks Meter: 45
Thank you, both of you. I admit after I hit submit I went and googled backtrack. While I guess it's a cool party trick, in my opinion of course, I wouldn't have any use for this. It's cool that it is working and the effort the OP put into this, so I apologize if this is taken in the wrong context.

On the other hand, I'm looking to run Ubuntu on this phone and hook it up to my TV, using a Bluetooth keyboard and utilize the full functionality of this device.

1st March 2012, 11:10 AM |#10  
Xhyperion's Avatar
Senior Member
Flag Miami
Thanks Meter: 55
Slightly off topic, but I have Back Track 5 and a wireless router capable of packet injection. I have no idea how to install the drivers for it on my computer. I read through the instructions but it's very complicated. Anyone familiar with doing this, could you PM me?
Last edited by Xhyperion; 1st March 2012 at 01:38 PM.
1st March 2012, 01:45 PM |#11  
Thanks Meter: 5
This is something I can use and appreciate your work. Unfortunately, the links are down.

Thanks in advance

Sent from my SGH-T989 using xda premium
