- May 8, 2017
I present to you: Kali NetHunter for the Huawei Nexus 6P LOS17.1
Kali NetHunter is an Android ROM overlay that turns an ordinary phone into the ultimate Mobile Penetration Testing Platform.
The overlay includes a custom kernel, a Kali Linux chroot, an accompanying Android application, which allows for easier interaction with various security tools and attacks, as well as a client to the Kali NetHunter App Store.
Beyond the penetration testing tools arsenal within Kali Linux and the Kali NetHunter App Store, NetHunter also supports several additional classes, such as HID Keyboard Attacks, BadUSB attacks, Evil AP MANA attacks, and much more. For more information about the moving parts that make up NetHunter, check out our NetHunter Components page.
NetHunter is an open-source project developed by Offensive Security and the community.
~ Prerequisites ~
- TWRP - https://drive.google.com/open?id=1axm3GVbTKypUdQAuYubNknJX4wKRFIec
- Stock components - vendor, radio, & bootloader img's from the stock oreo 8.1 OPM7.181205.001 Dec 2018 factory image - https://androidfilehost.com/?w=files&flid=286833
- Magisk – https://forum.xda-developers.com/apps/magisk
~~ Downloads ~~
- NetHunter installer: https://www.androidfilehost.com/?fid=8889791610682950294
- fstab with disabled forceencrpyt - https://www.androidfilehost.com/?fid=4349826312261764572
- vendor image with patched fw for nexmon - https://www.androidfilehost.com/?fid=8889791610682949885
- nexmon zip with nexutil and libs - https://www.androidfilehost.com/?fid=8889791610682951480
- Bootanimation TWRP flasher - https://www.androidfilehost.com/?fid=10763459528675571003
~~ How to Install ~~
- Assuming you have flashed stock radio, vendor, bootloader, TWRP, and Lineage 17.1 (using the steps from https://forum.xda-developers.com/ne...t/rom-lineageos-17-0-nexus-6p-angler-t4012099)
- Copy Magisk, NetHunter image, bootanimation zip, and fstab to USB-C drive
- Plug in to PC if you haven't done that yet
- Reboot into bootloader and flash vendor which was unzipped from zip
fastboot flash vendor vendor.squashfs
- Copy fstab to /system_root/, and format data
adb push fstab.angler /sdcard/ adb shell "twrp mount /system_root && twrp remountrw /system_root && cp /sdcard/fstab.angler /system_root/"
- Reboot to system & do Android setup
- Reboot into TWRP
- Flash NetHunter image
- Flash bootanimation zip
#apps could not be flashed through TWRP, we have to do manually
- Download and install NetHunter Store from store.nethunter.com
- Install NH app, terminal, kex
- Run NetHunter app
~~~ Notes & Updates ~~~
Nexmon is finally working in Kali Chroot , although we're open to anything reported because we can't test everything.
- copy Nexmon libs over to /system/lib64/ from the nexmon.zip (not in TWRP):
adb push libnexmon* /sdcard/ && adb push nexutil /sdcard/
mount -o rw,remount / && cp /sdcard/libnexmonkali.so /system/lib64/kalilibnexmon.so && cp /sdcard/libnexmon.so /system/lib64/ && cp /sdcard/nexutil /system/xbin/ && chmod a+x /system/xbin/nexutil
For devices which have no space left on system: you need to copy those files before flashing NetHunter. I didn't have this problem, maybe due to GApps pico. Then use the following commands in TWRP:
twrp mount /system_root && twrp remountrw /system_root && cp /sdcard/libnexmonkali.so /system_root/system/lib64/kalilibnexmon.so && cp /sdcard/libnexmon.so /system_root/system/lib64/ && cp /sdcard/nexutil /system_root/system/xbin/ && chmod a+x /system_root/system/xbin/nexutil
Thanks @JaK3sT for discovering this!
You have to make sure that wifi is on but you're not connected to an AP.
Enable in AndroidSU terminal, I created a custom command with
Hijacker is not fully supported as I've built one with aarch64 tools, but it randomly stops airodump although it's working. Will give it a shot in the future.
- Mana is being replaced, for the time being you can downgrade iptables in chroot with the following :
wget http://old.kali.org/kali/pool/main/i/iptables/iptables_1.6.2-1.1_arm64.deb wget http://old.kali.org/kali/pool/main/i/iptables/libip4tc0_1.6.2-1.1_arm64.deb wget http://old.kali.org/kali/pool/main/i/iptables/libip6tc0_1.6.2-1.1_arm64.deb wget http://old.kali.org/kali/pool/main/i/iptables/libiptc0_1.6.2-1.1_arm64.deb wget http://old.kali.org/kali/pool/main/i/iptables/libxtables12_1.6.2-1.1_arm64.deb dpkg -i *.deb apt-mark hold iptables apt-mark hold libip4tc0 apt-mark hold libip6tc0 apt-mark hold libiptc0 apt-mark hold libxtables12
Credits: The Offensive Security Team and the NetHunter community, huge thanks to Re4son & kimocoder for patching the wlan1 insert reboot issue! Long time mystery.
Another extremely big thanks for @draco42 for patching libnexmon and kalilibnexmon!
Android Version: 10.0
XDA: DevDB Information
Kali Nethunter, Kernel & ROM for the Huawei Nexus 6P
@Re4son, @kimocoder, @yesimxev, @draco42
Source Code: https://gitlab.com/kalilinux/nethunter/
Kernel Source: https://github.com/Re4son/android_kernel_huawei_angler