• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

[KERNEL] Nethunter for Galaxy S20 FE 5G r8q (Snapdragon)

Search This thread

chigz360

New member
Feb 15, 2021
3
0
any chance for doing it for the galaxy s20+ sm-g985F/DS or know how i can get to making the kernel as I've been trying for so long with no luck please and thank you
 

EDllT

Member
Oct 2, 2020
12
3
Hey, so recently I've rooted my phone s20 fe 5g snapdragon Model: SM-G781B/DS with magisk
Some software info:
Its android version is 11
One UI 3.0
Android Security patch level January 1 2021

Okay so, now to the problem part
First I install nethunter store then from there install nethunter and nethunter terminal

When I open the nethunter terminal it asks me to grant it root permissions in magisk, I grant it the root permissions
After that it asks for a lot of permissions that is location, storage, android shell, etc

But when I grant it all the permissions my phone freezes and then crashes
when I tried to not give nethunter all the permissions nethunter just says that it needs permissions
Thank you in advanced
 

bininga59

Senior Member
Jun 13, 2014
3,272
1,743
Böblingen
Hey, so recently I've rooted my phone s20 fe 5g snapdragon Model: SM-G781B/DS with magisk
Some software info:
Its android version is 11
One UI 3.0
Android Security patch level January 1 2021

Okay so, now to the problem part
First I install nethunter store then from there install nethunter and nethunter terminal

When I open the nethunter terminal it asks me to grant it root permissions in magisk, I grant it the root permissions
After that it asks for a lot of permissions that is location, storage, android shell, etc

But when I grant it all the permissions my phone freezes and then crashes
when I tried to not give nethunter all the permissions nethunter just says that it needs permissions
Thank you in advanced
Why are you still on One UI 3.0, - we're already on UI 3.1
 

bininga59

Senior Member
Jun 13, 2014
3,272
1,743
Böblingen
Does nethunter work properly on One UI 3.1?
With the HID, BadUSB and Injection attacks?
I didn't upgrade to One UI 3.1 because I was afraid that it wouldn't function properly as there wasn't any kernel for it in here
The kernel won't work on 3.1. But it could also be that the dev is not up to date with 3.0 with the souce code. Is the kernel identical to your firmware.
 

EDllT

Member
Oct 2, 2020
12
3
The kernel won't work on 3.1. But it could also be that the dev is not up to date with 3.0 with the souce code. Is the kernel identical to your firmware.
Im not quite sure what you mean by that, but my kernel's version is 4.19

It would be great if you could add me in discord so that I could ask you more directly
EDllT#3713
 
Last edited:

EDllT

Member
Oct 2, 2020
12
3
Hey so, quick update
Apparently my twrp thing didn't decrypt the phone so that's probably why I was crashing
I re-read the twrp installation guide and followed it properly this time and nethunter worked :D
 

EDllT

Member
Oct 2, 2020
12
3
Okay so, this is my last question hopefully
I didn't understand this step and beyond

7. Extract Nethunter_WirusMOD_r8q_vX.X_binaries.7z and binaries to folders:
Android 11 = Firmwares: /vendor/firmware_mnt/image/
Android 10 = Firmwares: /vendor/etc/firmware_mnt/image/
Firmwares: Give permissions to every file rw-r--r-- (if they aren't set)
hid-keyboard binary: system/xbin/ and give permissions to it rwxr-xr-x
8. Reboot

I can't find any file named "Nethunter_WirusMOD_r8q_vX.X_binaries.7z and binaries"
I know that X.X is for differing version numbers, yet I didn't find any with a suffix of _binaries.7z, now unless he meant the file named "Nethunter_WirusMOD_Binaries_Android_11.zip" which is possible but pretty far off with the name or the other file which I used to flash the kernel "Nethunter_WirusMOD_r8q_v2.3.zip" the thing is none of them end with .7z
Also after it what did he mean by giving write permissions to files? How do I do that? Using a text editor? terminal? or something else?
 

3mel

Senior Member
Aug 23, 2012
1,321
374
London
Okay so, this is my last question hopefully
I didn't understand this step and beyond

7. Extract Nethunter_WirusMOD_r8q_vX.X_binaries.7z and binaries to folders:
Android 11 = Firmwares: /vendor/firmware_mnt/image/
Android 10 = Firmwares: /vendor/etc/firmware_mnt/image/
Firmwares: Give permissions to every file rw-r--r-- (if they aren't set)
hid-keyboard binary: system/xbin/ and give permissions to it rwxr-xr-x
8. Reboot

I can't find any file named "Nethunter_WirusMOD_r8q_vX.X_binaries.7z and binaries"
I know that X.X is for differing version numbers, yet I didn't find any with a suffix of _binaries.7z, now unless he meant the file named "Nethunter_WirusMOD_Binaries_Android_11.zip" which is possible but pretty far off with the name or the other file which I used to flash the kernel "Nethunter_WirusMOD_r8q_v2.3.zip" the thing is none of them end with .7z
Also after it what did he mean by giving write permissions to files? How do I do that? Using a text editor? terminal? or something else?
I would say it's the 2nd zip file you linked to... Nethunter_WirusMOD_
r8q_v2.3.zip
it has a version number but the archive type is .zip instead of .7z (7zip). permissions can be fixed with a good root capable file manager or with TWRP.
the file manager might be easier, usually long press on the content of that archive once you've extracted and copied them into the location /vendor/firmware_mnt/image/
permissions should be an option that comes up with a long press. it is expressed either in letters or numbers rw-r--r-- if it's numbers you'd need to enter 644 then OK it.
using TWRP and it's Chmod command might be safer as the folder you are being told to write to needs to be ''mounted'' as writable before you can put files there (I don't know if we'd have that these days just using a file manager, someone else will need to confirm that). TWRP should be able to mount system for you hopefully so that's the better option to try. extract that zip file with the phone turned on, boot to recovery, try mounting system, use TWRP's file manager to move the extracted binaries then use Chmod to fix the permissions to 644.

permissions explained https://its.unc.edu/research-computing/techdocs/how-to-use-unix-and-linux-file-permissions/
 
  • Like
Reactions: Svirusx
Wow, I scrolled passed this thread for a while now without realizing I have the Nethunter boot animation in .qmg. I converted it myself 😁. No one seems to care about boot animations anymore but I still do. Enough to stop searching for them and to make them myself. Here you guys go.
 

anastasiszn

Senior Member
May 3, 2012
1,185
263
33
Thessaloniki
octagonsec.gr
can you make nethunter kernel for Samsung a30s sm-a307fn
it's about hid function, that i face errors when enable it
and didn't face anything when left it

i can build the kernel and currently i have one of my own in my aforementioned device
but the problem that i don't have enough experience in C language to fix this annoying problem
so it would be great, if you fired an official nehtunter kernel for this device:)

open su terminal and give this command:

mknod --mode=666 /dev/hidg0 c 240 0 && mknod --mode=666 /dev/hidg1 c 240 1 && dmesg | grep hidg

Then set functions on usb arsenal.
 

kprasadrao

New member
Sep 8, 2021
1
0
Screenshot_20210917-122801.jpg

This kernel passing safetynet of magisk ? , payment system and secure folder working or not
 

0ptix

New member
Sep 14, 2016
3
0
I've run into problems with NetHunter and can't seem to make progress. Here are some symptoms:

- In the Nethunter term window "ping 127.0.0.1" and even "sudo ping 127.0.0.1" get me "ping: socket: Permission denied". (A Termux terminal has no such problem.)

- In the Nethunter app:
= Kali Services, starting a service (e.g. SSH) using a radio button doesnt seem to start the service. (Hitting Refresh puts the radio button back to the greyed out off position.)
= Home screen shows "HID interface not found." in the HID status section.
= Bluetooth Arsenal I cant get any other option than "None" for the Bluetooth interface. E.g. In the Services section, using the radio buttons I can start Dbus & Bluetooth Serivces and bring Interface up. But if I hit the refresh button only Dbus radio button stays "on".

I'm sure there are more symptoms but at this point its pretty clear something basic is broken.

Here's what I've done so far: I've installed everything as per instructions in first post. Only exception is that I couldnt set the permissions to rw-r--r-- for the firmware_mnt/image files because /vendor/firmware_mnt is mounted as vfat. Defualt perms in that directory are set to r--r-----. But TBH I dont think thats the issue.

What does work is TWRP, Magisk, su, Busybox (at least in a Termux term). I've also got Kali's chroot set up and installed. Kali Chroot starts up without complaining. (only green & blue lines, no red ones). But clearly something is definitely wrong.

Any input on what could be wrong and/or what to do to figure out the root cause of all this would be really nice!
 

Top Liked Posts

  • There are no posts matching your filters.
  • 7


    WirusMOD Nethunter Kernel for Samsung Galaxy S20 FE 5G (Snapdragon) - Stock Android 10 & 11
    Code:
    I am not responsible for bricked devices.
    If you going to flash it, you accepted it.
    Of course your warranty is void.

    Nethunter Features:
    • BadUSB
    • HID gadget keyboard/mouse
    • DriveDroid
    • USB WiFi, mac80211 (Monitor mode, packet capture, packet injection) [Compatibility List]
    • support rtl88xxau USB WiFi
    • support rtl8188eus USB WiFi
    • Ethernet
    • Bluetooth HCI USB support
    • RTL-SDR DVB support
    • Monitor mode for buildin wifi card ( Qcacld-3.0 ) (No frame injection)
    • Enabled BT_RFCOMM
    • Support for extra file systems like CIFS, NFS, NTFS, F2FS
    Extra:
    • Boeffla wakelock blocker v1.10
    • Wireguard
    • Docker support

    Download: Android 11 releases start with v2.x
    Latest version SM-G781X here.

    Installation:
    1. TWRP Backup your ROM
    2. Flash Nethunter Kernel
    3. Flash latest Magisk
    4. Install busybox can be one from Magisk repository
    5. Install Nethunter Store
    6. Install NetHunter apk, NetHunter Terminal, NetHunter KeX from Nethunter Store
    7. In NetHunter apk go to Kali Chroot Manager and install chroot.
    7. Extract Nethunter_WirusMOD_r8q_vX.X_binaries.7z and binaries to folders:
    Android 11 = Firmwares: /vendor/firmware_mnt/image/
    Android 10 = Firmwares: /vendor/etc/firmware_mnt/image/
    Firmwares: Give permissions to every file rw-r--r-- (if they aren't set)
    hid-keyboard binary: system/xbin/ and give permissions to it rwxr-xr-x
    8. Reboot


    OLD: Loadable modules only for version 1.0:

    Most of modules are integrated in kernel. Here are only two modules to load. Use they only if you need they.
    Modules_Nethunter_WirusMOD_vX.X.7z

    insmod 8188eu.ko - load module
    rmmod 8188eu.ko - unload module
    lsmod - list loaded modules

    Another way to load modules is Module Loader
    Copy modules to storage and choose modules which you want to load.


    BUGs / Informations:
    -If Safetynet Fix is installed can cause freeze at samsung flashy logo.
    -If USB Arsenal setting HID function doesn't work try set it without ADB.
    -In kernel are added binaries from Nethunter_WirusMOD_r8q_vX.X_binaries.7z(without modules) but they aren't copied automatically.
    -airodump-ng can't self change channels for wlan0.
    -If monitor mode for wlan0 doesn't work. Enable wifi connection > disable it -> enable monitor mode with Nethunter apk and try airodump wlan0
    -Change channel in wlan0 monitor mode and frame capture:
    iwpriv wlan0 setMonChan 36 2 - Setting channel 36
    tcpdump -i wlan0 -w <tcpdump.pcap>

    Docker Installation:

    Every Commando execute in Termux app! More info here

    pkg install root-repo
    pkg install golang make cmake ndk-multilib tsu tmux docker

    mkdir $TMPDIR/docker-build
    cd $TMPDIR/docker-build
    wget https://github.com/krallin/tini/archive/v0.19.0.tar.gz
    tar xf v0.19.0.tar.gz
    cd tini-0.19.0
    mkdir build
    cd build
    cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX=$PREFIX ..
    make -j8
    make install
    ln -s $PREFIX/bin/tini-static $PREFIX/bin/docker-init

    1. Run docker server
    sudo dockerd --iptables=false

    2. Test of those two containers work
    sudo docker run hello-world
    sudo docker run --network host --name nginx nginx:latest
    #Go with browser to IP address of your smartphone with port 80. If you get nginx default page it works!

    #Internet in docker containers
    sudo ip route add default via <Gateway> dev wlan0
    sudo ip rule add from all lookup main pref 30000


    BUGs / Informations:
    - option to forward ports from docker network to host does not work ( e.q. -p 0.0.0.0:80:3000) you need to use Host mode "--network host"
    - Not every container for arm64 works with android. e.q official gitea can not bind port 3000. (I made special version of gitea with fix more info here)

    Docker Screens:

    docker containers.jpg
    Gitea.jpg
    Nginx.jpg



    Screens:

    NetHunter.jpg
    NetHunter Terminal.jpg




    Credits:
    Samsung for Kernel Source
    Nethunter creators for the best portable penetration testing tool.
    afaneh92 for TWRP and multidisabler
    jesec for unlock guide



    XDA:DevDB Information
    [KERNEL] Nethunter for Galaxy S20 FE 5G (Snapdragon)

    Contributors

    Svirusx
    Source Code: https://github.com/Svirusx/Nethunter-Kernel-S20_FE_5G

    Kernel Special Features:

    Version Information
    Status:
    Beta

    Created 2020-12-21
    Last Updated 2021-09-11
    1
    Hello. Is Qualcomm wifi firmwares supports injections ? (deauth, attacks...) Needs patch for injections ?
    I am using Sony Xperia Z5 Compact and it uses Broadcomm 43455 firmware. I patched via NexMon, and monitor mode injections works well.
    This depends which version of driver "Qcacld" is installed in kernel. Qcacld-2.0 support injections, Qcacld-3.0 does not support. Qcacld driver is open source there is possible to get injection with Qcacld-3.0 when someone make patch for it or codeaurora release support for injection.
    1
    Is your applied wlan0 (internal) injection patch this right:
    This injection patch is for USB wifi cards not for wlan0
    1
    Okay so, this is my last question hopefully
    I didn't understand this step and beyond

    7. Extract Nethunter_WirusMOD_r8q_vX.X_binaries.7z and binaries to folders:
    Android 11 = Firmwares: /vendor/firmware_mnt/image/
    Android 10 = Firmwares: /vendor/etc/firmware_mnt/image/
    Firmwares: Give permissions to every file rw-r--r-- (if they aren't set)
    hid-keyboard binary: system/xbin/ and give permissions to it rwxr-xr-x
    8. Reboot

    I can't find any file named "Nethunter_WirusMOD_r8q_vX.X_binaries.7z and binaries"
    I know that X.X is for differing version numbers, yet I didn't find any with a suffix of _binaries.7z, now unless he meant the file named "Nethunter_WirusMOD_Binaries_Android_11.zip" which is possible but pretty far off with the name or the other file which I used to flash the kernel "Nethunter_WirusMOD_r8q_v2.3.zip" the thing is none of them end with .7z
    Also after it what did he mean by giving write permissions to files? How do I do that? Using a text editor? terminal? or something else?
    I would say it's the 2nd zip file you linked to... Nethunter_WirusMOD_
    r8q_v2.3.zip
    it has a version number but the archive type is .zip instead of .7z (7zip). permissions can be fixed with a good root capable file manager or with TWRP.
    the file manager might be easier, usually long press on the content of that archive once you've extracted and copied them into the location /vendor/firmware_mnt/image/
    permissions should be an option that comes up with a long press. it is expressed either in letters or numbers rw-r--r-- if it's numbers you'd need to enter 644 then OK it.
    using TWRP and it's Chmod command might be safer as the folder you are being told to write to needs to be ''mounted'' as writable before you can put files there (I don't know if we'd have that these days just using a file manager, someone else will need to confirm that). TWRP should be able to mount system for you hopefully so that's the better option to try. extract that zip file with the phone turned on, boot to recovery, try mounting system, use TWRP's file manager to move the extracted binaries then use Chmod to fix the permissions to 644.

    permissions explained https://its.unc.edu/research-computing/techdocs/how-to-use-unix-and-linux-file-permissions/
    1
    open su terminal and give this command:

    mknod --mode=666 /dev/hidg0 c 240 0 && mknod --mode=666 /dev/hidg1 c 240 1 && dmesg | grep hidg

    Then set functions on usb arsenal.
    ignore this topic, long time for that😂