├── META-INF └── com │ └── google │ └── android │ └── update-binary ├── Makefile ├── scripts ├── bootkali ├── bootkali_bash ├── bootkali_env ├── bootkali_init ├── bootkali_login └── killkali └── tools ├── busybox ├── installbusybox.sh └── installchroot.sh /META-INF/com/google/android/update-binary: -------------------------------------------------------------------------------- 1 | #!/sbin/sh 2 | # Kali Linux chroot installer 3 | 4 | [ "$3" ] && { 5 | zip=$3 6 | console=/proc/$$/fd/$2 7 | # write the location of the console buffer to /tmp/console for other scripts to use 8 | echo "$console" > /tmp/console 9 | } || { 10 | console=$(cat /tmp/console) 11 | [ "$console" ] || console=/proc/$$/fd/1 12 | } 13 | 14 | tmp=/tmp/kali-chroot 15 | 16 | progress() { 17 | echo "set_progress $1" > $console 18 | } 19 | 20 | print() { 21 | echo "ui_print $1" > $console 22 | echo 23 | } 24 | 25 | abort() { 26 | [ "$1" ] && { 27 | print "Error: $1" 28 | print "Aborting..." 29 | } 30 | cleanup 31 | print "Failed to install Kali Linux chroot!" 32 | exit 1 33 | } 34 | 35 | cleanup() { 36 | rm /system/.rw 37 | rm /data/.rw 38 | 39 | umount /system 40 | umount /data 41 | 42 | [ "$zip" ] && rm /tmp/console 43 | } 44 | 45 | install() { 46 | setperm "$2" "$3" "$tmp$1" 47 | if [ "$4" ]; then 48 | cp -r "$tmp$1" "$(dirname "$4")/" 49 | return 50 | fi 51 | cp -r "$tmp$1" "$(dirname "$1")/" 52 | } 53 | 54 | extract() { 55 | rm -rf "$2" 56 | mkdir -p "$2" 57 | unzip -o "$1" -d "$2" || { 58 | abort "Unable to extract! The zip may be corrupt or your device may not have enough RAM to proceed. Consider using a smaller installer if it is available." 59 | } 60 | } 61 | 62 | setperm() { 63 | find "$3" -type d -exec chmod "$1" {} \; 64 | find "$3" -type f -exec chmod "$2" {} \; 65 | } 66 | 67 | mount() { 68 | mountpoint -q "$1" || /sbin/busybox mount -o rw "$1" || abort "Unable to mount $1 as rw!" 69 | >> "$1/.rw" && return || /sbin/busybox mount -o remount,rw "$1" 70 | >> "$1/.rw" && return || abort "Unable to write to $1!" 71 | } 72 | 73 | print "##################################################" 74 | print "## ##" 75 | print "## 88 a8P db 88 88 ##" 76 | print "## 88 .88' d88b 88 88 ##" 77 | print "## 88 88' d8''8b 88 88 ##" 78 | print "## 88 d88 d8' '8b 88 88 ##" 79 | print "## 8888'88. d8YaaaaY8b 88 88 ##" 80 | print "## 88P Y8b d8''''''''8b 88 88 ##" 81 | print "## 88 '88. d8' '8b 88 88 ##" 82 | print "## 88 Y8b d8' '8b 888888888 88 ##" 83 | print "## ##" 84 | print "#### ############# NetHunter ####################" 85 | 86 | # Unpack the installer 87 | [ "$zip" ] && { 88 | print "@Unpacking the installer, this may take a while..." 89 | extract "$zip" "$tmp" 90 | } 91 | cd "$tmp" 92 | 93 | progress 0.0 94 | print "@Starting the install process" 95 | 96 | mount /data 97 | mount /system 98 | 99 | progress 0.1 100 | 101 | setperm 0755 0755 "$tmp/tools" 102 | 103 | # Install additional busybox applets to /sbin in case something is missing during installation 104 | print "@Installing busybox applets to /sbin" 105 | cp tools/busybox /sbin/busybox_nh 106 | /sbin/busybox_nh --install /sbin 107 | 108 | progress 0.4 109 | 110 | print "@Running busybox installer..." 111 | sh tools/installbusybox.sh 112 | 113 | progress 0.7 114 | 115 | [ -d "$tmp/scripts" ] && { 116 | print "Installing scripts to /system/bin" 117 | install "/scripts" 0755 0755 "/system/bin" 118 | } 119 | 120 | progress 0.8 121 | 122 | print "@Running Kali chroot installer..." 123 | sh tools/installchroot.sh 124 | 125 | cleanup 126 | print "************************************************" 127 | print "* Kali Linux is now installed! *" 128 | print "* To boot into the chroot, simply run (as su): *" 129 | print "* root@android:/# bootkali *" 130 | print "************************************************" 131 | progress 1.0 132 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | ZIP := kali-chroot-installer.zip 2 | 3 | EXCLUDE := Makefile *.git* 4 | 5 | all: $(ZIP) 6 | 7 | $(ZIP): 8 | @echo "Creating ZIP: $(ZIP)" 9 | @zip -r9 "$@" . -x $(EXCLUDE) 10 | @echo "Generating SHA1..." 11 | @sha1sum "$@" > "$@.sha1" 12 | @cat "$@.sha1" 13 | @echo "Done." 14 | 15 | clean: 16 | @rm -f "$(ZIP)" "$(ZIP).sha1" 17 | @echo "Done." 18 | -------------------------------------------------------------------------------- /scripts/bootkali: -------------------------------------------------------------------------------- 1 | #!/system/bin/sh 2 | 3 | ######### IMPORT BOOTKALI ENVIRONMENT ######### 4 | SCRIPT_PATH=$(readlink -f $0) 5 | . ${SCRIPT_PATH%/*}/bootkali_env 6 | 7 | # EXECUTE CHROOT / ADD ARGUMENTS TO LAUNCH SPECIFIC PROGRAMS 8 | # 9 | # --------------- START / STOP ARGUMENTS ----------------- # 10 | # apache, beef-xss, dhcp, dnsmasq, hid-cmd, openvpn, ssh, 11 | # mana {stop}, mana-full, mana-noup, mana-noupeap, mana-simple, 12 | # mana-bdf, msf, fruitywifi 13 | # --------------- SINGLE ARGUMENT ------------------------- # 14 | # hid-cmd, hid-cmd-elevated-win[7-8], wifite, iptables, update 15 | # start-rev-met, start-rev-met-elevated-win[8-7] 16 | 17 | if [ $# -eq 0 ]; then 18 | $busybox chroot $mnt /bin/bash -i 19 | else 20 | 21 | #APACHE 22 | 23 | if [ "$1" == "apache" ] && [ "$2" == "start" ]; then 24 | $busybox chroot $mnt sudo service apache2 start 25 | fi 26 | if [ "$1" == "apache" ] && [ "$2" == "stop" ]; then 27 | $busybox chroot $mnt sudo service apache2 stop 28 | fi 29 | 30 | #BEEF-XSS 31 | 32 | if [ "$1" == "beef-xss" ] && [ "$2" == "start" ]; then 33 | LANG=en_US.UTF-8 LANGUAGE=en_US.UTF-8 LC_ALL=en_US.UTF-8 $busybox chroot $mnt sudo service beef-xss start 34 | sleep 35 35 | am start -a android.intent.action.VIEW -d http://127.0.0.1:3000/ui/panel 36 | fi 37 | if [ "$1" == "beef-xss" ] && [ "$2" == "stop" ]; then 38 | $busybox chroot $mnt sudo service beef-xss stop 39 | fi 40 | 41 | #DHCP 42 | 43 | if [ "$1" == "dhcp" ] && [ "$2" == "start" ]; then 44 | $busybox chroot $mnt sudo service isc-dhcp-server start 45 | fi 46 | if [ "$1" == "dhcp" ] && [ "$2" == "stop" ]; then 47 | $busybox chroot $mnt sudo service isc-dhcp-server stop 48 | fi 49 | 50 | #DNSMASQ 51 | 52 | if [ "$1" == "dnsmasq" ] && [ "$2" == "start" ]; then 53 | $busybox chroot $mnt service dnsmasq start 54 | fi 55 | if [ "$1" == "dnsmasq" ] && [ "$2" == "stop" ]; then 56 | $busybox chroot $mnt service dnsmasq stop 57 | fi 58 | 59 | #HOSTAPD 60 | 61 | if [ "$1" == "hostapd" ] && [ "$2" == "start" ]; then 62 | #$busybox chroot $mnt /usr/sbin/hostapd /etc/hostapd/hostapd.conf >/dev/null 2>&1 /dev/null 67 | $busybox chroot $mnt service hostapd stop 68 | fi 69 | 70 | #IPTABLES 71 | 72 | if [ "$1" == "iptables" ]; then 73 | $busybox chroot $mnt sh /sdcard/nh_files/configs/iptables.conf 74 | fi 75 | 76 | #MANA (is now using only the stop scripts) 77 | 78 | if [ "$1" == "mana-lollipop" ] && [ "$2" == "stop" ]; then 79 | $busybox chroot $mnt /usr/bin/stop-mana-lollipop 80 | fi 81 | if [ "$1" == "mana-kitkat" ] && [ "$2" == "stop" ]; then 82 | $busybox chroot $mnt /usr/bin/stop-mana-kitkat 83 | fi 84 | 85 | #MSF 86 | 87 | if [ "$1" == "msf" ] && [ "$2" == "start" ]; then 88 | $busybox chroot $mnt start-msf.sh 89 | fi 90 | if [ "$1" == "msf" ] && [ "$2" == "stop" ]; then 91 | $busybox chroot $mnt stop-msf.sh 92 | fi 93 | 94 | #OPENVPN 95 | 96 | if [ "$1" == "openvpn" ] && [ "$2" == "start" ]; then 97 | $busybox chroot $mnt service openvpn start 98 | fi 99 | if [ "$1" == "openvpn" ] && [ "$2" == "stop" ]; then 100 | $busybox chroot $mnt service openvpn stop 101 | fi 102 | 103 | # HID Keyboard Command a.k.a Teensy style 104 | # Supported keyboard layouts: US, FR, EN, ES 105 | # We can pass language options to bootkali like: 106 | # bootkali start-rev-met --us | --fr | --de | --es 107 | 108 | if [ "$1" == "start-rev-met" ]; then 109 | $busybox chroot $mnt sudo /usr/bin/hid-all.sh start-rev-met "$2" | /system/bin/sh 110 | fi 111 | if [ "$1" == "start-rev-met-elevated-win7" ]; then 112 | $busybox chroot $mnt sudo /usr/bin/hid-all.sh start-rev-met-elevated-win7 $2 | /system/bin/sh 113 | fi 114 | if [ "$1" == "start-rev-met-elevated-win8" ]; then 115 | $busybox chroot $mnt sudo /usr/bin/hid-all.sh start-rev-met-elevated-win8 $2 | /system/bin/sh 116 | fi 117 | if [ "$1" == "start-rev-met-elevated-win10" ]; then 118 | $busybox chroot $mnt sudo /usr/bin/hid-all.sh start-rev-met-elevated-win10 $2 | /system/bin/sh 119 | fi 120 | if [ "$1" == "hid-cmd-elevated-win10" ]; then 121 | $busybox chroot $mnt sudo /usr/bin/hid-all.sh hid-cmd-elevated-win10 "$2" | /system/bin/sh 122 | fi 123 | if [ "$1" == "hid-cmd-elevated-win8" ]; then 124 | $busybox chroot $mnt sudo /usr/bin/hid-all.sh hid-cmd-elevated-win8 "$2" | /system/bin/sh 125 | fi 126 | if [ "$1" == "hid-cmd-elevated-win7" ]; then 127 | $busybox chroot $mnt sudo /usr/bin/hid-all.sh hid-cmd-elevated-win7 "$2" | /system/bin/sh 128 | fi 129 | if [ "$1" == "hid-cmd" ]; then 130 | $busybox chroot $mnt sudo /usr/bin/hid-all.sh hid-cmd "$2" | /system/bin/sh 131 | fi 132 | 133 | # DUCK HUNT - Rubber Ducky conversion script to nethunter 134 | # Requires argument to generate based on language. e.g.: 135 | # bootkali duck-hunt-convert us /sdcard/nh_files/modules/ducktest.txt /opt/duckout.sh 136 | # Languages supported: us, fr, de, es,sv, it, uk, ru, dk, no, pt, be 137 | # 138 | # Run converted script with: 139 | # bootkali duck-hunt-run {/opt/duckout.sh} 140 | 141 | if [ "$1" == "duck-hunt-convert" ]; then 142 | $busybox chroot $mnt sudo python /sdcard/nh_files/modules/duckhunter.py -l $2 $3 $4 143 | $busybox chroot $mnt sudo chmod 755 $4 144 | fi 145 | if [ "$1" == "duck-hunt-run" ]; then 146 | if [ ! -f /data/local/nhsystem/kali-armhf$2 ]; then 147 | echo "File not found" 148 | else 149 | echo "File /data/local/nhsystem/kali-armhf$2 found" 150 | $busybox chroot $mnt /bin/bash $2 151 | fi 152 | fi 153 | 154 | # File2HID will convert any file or string to HID for keyboard goodness 155 | # bootkali file2hid-file -f fileinput.txt -l us 156 | # bootkali file2hid-string -s "string" -l us 157 | 158 | if [ "$1" == "file2hid-file" ]; then 159 | $busybox chroot $mnt sudo python /sdcard/nh_files/modules/filetohid.py -f $2 -l us 160 | fi 161 | if [ "$1" == "file2hid-string" ]; then 162 | $busybox chroot $mnt sudo python /sdcard/nh_files/modules/filetohid.py -s $2 -l us 163 | fi 164 | 165 | #SSH 166 | 167 | if [ "$1" == "ssh" ] && [ "$2" == "start" ]; then 168 | $busybox chroot $mnt sudo service ssh start 169 | fi 170 | if [ "$1" == "ssh" ] && [ "$2" == "stop" ]; then 171 | $busybox chroot $mnt sudo service ssh stop 172 | fi 173 | 174 | #UPDATE 175 | 176 | if [ "$1" == "update" ]; then 177 | LANG=C PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin $busybox chroot $mnt sudo /usr/bin/start-update.sh 178 | fi 179 | 180 | #Disable WLAN1 181 | 182 | if [ "$1" == "wifi-disable" ]; then 183 | LANG=C PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin $busybox chroot $mnt sudo /usr/bin/stop-wlan1.sh 184 | fi 185 | 186 | #WIFITE 187 | 188 | if [ "$1" == "wifite" ]; then 189 | $busybox chroot $mnt sudo /bin/bash -c "chmod 777 /dev/null" 190 | ifconfig wlan1 up 191 | sleep 3 192 | LANG=C PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin $busybox chroot $mnt sudo /usr/bin/python /usr/bin/wifite 193 | fi 194 | 195 | #FRUITYWIFI 196 | 197 | if [ "$1" == "fruitywifi" ] && [ "$2" == "start" ]; then 198 | $busybox chroot $mnt /etc/init.d/php5-fpm start 199 | $busybox chroot $mnt /etc/init.d/fruitywifi start 200 | sleep 15 201 | am start -a android.intent.action.VIEW -d http://127.0.0.1:8000 202 | fi 203 | if [ "$1" == "fruitywifi" ] && [ "$2" == "stop" ]; then 204 | $busybox chroot $mnt /etc/init.d/fruitywifi stop 205 | $busybox chroot $mnt /etc/init.d/php5-fpm stop 206 | fi 207 | 208 | #MACCHANGER 209 | # Usage: bootkali macchanger 210 | # bootkali macchanger random 211 | 212 | if [ "$1" == "macchanger_random" ]; then 213 | $busybox chroot $mnt sudo /usr/bin/macchanger --random $2 214 | fi 215 | if [ "$1" == "macchanger_custom" ]; then 216 | $busybox chroot $mnt sudo /usr/bin/macchanger --mac=$2 $3 217 | fi 218 | if [ "$1" == "macchanger_original" ]; then 219 | $busybox chroot $mnt sudo /usr/bin/macchanger --permanent $2 220 | fi 221 | 222 | #KALIMENU 223 | 224 | if [ "$1" == "kalimenu" ]; then 225 | $busybox chroot $mnt sudo /usr/bin/kalimenu 226 | fi 227 | 228 | #YCABLE ¯\_(ಠ_ಠ)_/¯ 229 | 230 | if [ "$1" == "ycable" ] && [ "$2" == "start" ]; then 231 | if [ -f "/sys/module/msm_otg/parameters/usbhost_charge_mode" ]; then 232 | echo "1" > /sys/module/msm_otg/parameters/usbhost_charge_mode 233 | fi 234 | if [ -f "/sys/module/tegra_otg/parameters/tegra_otg_on_charging" ]; then 235 | echo "Y" > /sys/module/tegra_otg/parameters/tegra_otg_on_charging 236 | fi 237 | if [ -f "/sys/module/dwc3/parameters/aca_enable" ]; then 238 | echo "Y" > /sys/module/dwc3/parameters/aca_enable 239 | fi 240 | if [ -f "/sys/module/dwc3/parameters/otg_charging" ]; then 241 | echo "Y" > /sys/module/dwc3/parameters/otg_charging 242 | fi 243 | fi 244 | 245 | if [ "$1" == "ycable" ] && [ "$2" == "stop" ]; then 246 | if [ -f "/sys/module/msm_otg/parameters/usbhost_charge_mode" ]; then 247 | echo "0" > /sys/module/msm_otg/parameters/usbhost_charge_mode 248 | fi 249 | if [ -f "/sys/module/tegra_otg/parameters/tegra_otg_on_charging" ]; then 250 | echo "N" > /sys/module/tegra_otg/parameters/tegra_otg_on_charging 251 | fi 252 | if [ -f "/sys/module/dwc3/parameters/aca_enable" ]; then 253 | echo "N" > /sys/module/dwc3/parameters/aca_enable 254 | fi 255 | if [ -f "/sys/module/dwc3/parameters/otg_charging" ]; then 256 | echo "N" > /sys/module/dwc3/parameters/otg_charging 257 | fi 258 | fi 259 | 260 | #CUSTOM BUTTONS 261 | 262 | if [ "$1" == "custom_cmd" ]; then 263 | commmand="" 264 | LANG=C PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin 265 | while test $# -gt 0 266 | do 267 | shift 268 | commmand=${commmand}" "$1 269 | done 270 | $busybox chroot $mnt sudo $commmand 271 | fi 272 | 273 | #MFOC MIFARE DUMP 274 | 275 | if [ "$1" == "dumpmifare" ]; then 276 | $busybox chroot $mnt /usr/bin/dumpmifare.sh 277 | fi 278 | 279 | #APT-GET 280 | #Example: bootkali apt-get install "package-name package2" 281 | #Packages don't have to be in quotes but it doesn't hurt 282 | #Also, you can leave the packages blank and it'll just update/upgrade 283 | 284 | if [ "$1" == "apt-get" ] && [ "$2" == "install" ]; then 285 | echo -e "\e[32mHere we go!\n\nInstalling any new metapackages and update/upgrading.\n\nNote that you may be asked to interact during the installation of some packages.\n\n" 286 | echo -e "kali-chroot$ /usr/bin/apt-get update\e[0m" 287 | LANG=C PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin $busybox chroot $mnt /usr/bin/apt-get update 288 | if [ -z ${var+x} ] || [ "$3" != "" ]; then 289 | echo -e "\e[32mkali-chroot$ /usr/bin/apt-get -y install "$3"\e[0m" 290 | LANG=C DEBIAN_FRONTEND=noninteractive PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin $busybox chroot $mnt /usr/bin/apt-get -y install "$3" 291 | fi 292 | echo -e "\e[32mkali-chroot$ /usr/bin/apt-get -y dist-upgrade\e[0m" 293 | LANG=C DEBIAN_FRONTEND=noninteractive PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin $busybox chroot $mnt /usr/bin/apt-get -y dist-upgrade 294 | LANG=C DEBIAN_FRONTEND=noninteractive PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin $busybox chroot $mnt /usr/bin/apt-get -y install "$3" 295 | echo -e "\e[32mkali-chroot$ /usr/bin/apt-get -y dist-upgrade\e[0m" 296 | LANG=C DEBIAN_FRONTEND=noninteractive PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin $busybox chroot $mnt /usr/bin/apt-get -y dist-upgrade 297 | echo -e "\e[32m" 298 | printf "\n\nDone!\n\nPress the 'back' key to return to Nethunter.\n\nIf you noticed errors, press the up-arrow key (if your keyboard supports it) to review previously-issued commands.\n" 299 | printf "And remember to use the 'Maintain Chroot' button in the Chroot Manager to keep your chroot up-to-date and to install new metapackages.\n\n" 300 | echo -e "\e[0m" 301 | fi 302 | fi 303 | -------------------------------------------------------------------------------- /scripts/bootkali_bash: -------------------------------------------------------------------------------- 1 | #!/system/bin/sh 2 | 3 | ######### IMPORT BOOTKALI ENVIRONMENT ######### 4 | SCRIPT_PATH=$(readlink -f $0) 5 | . ${SCRIPT_PATH%/*}/bootkali_env 6 | 7 | $busybox chroot $mnt /bin/bash -i 8 | -------------------------------------------------------------------------------- /scripts/bootkali_env: -------------------------------------------------------------------------------- 1 | #!/system/bin/sh 2 | 3 | ######### IMPORT BOOTKALI INITIALIZATION ######### 4 | SCRIPT_PATH=$(readlink -f $0) 5 | . ${SCRIPT_PATH%/*}/bootkali_init 6 | 7 | ######### EXPORT ENVIRONMENT ######### 8 | export bin=/system/bin 9 | export mnt=$mnt 10 | PRESERVED_PATH=$PATH 11 | export PATH=/usr/bin:/usr/sbin:/bin:/usr/local/bin:/usr/local/sbin:$PATH 12 | export TERM=linux 13 | export HOME=/root 14 | export USER=root 15 | export LOGNAME=root 16 | unset LD_PRELOAD 17 | 18 | ######### TERMINAL SETUP ######### 19 | $busybox resize 20 | clear 21 | -------------------------------------------------------------------------------- /scripts/bootkali_init: -------------------------------------------------------------------------------- 1 | #!/system/bin/sh 2 | 3 | if [ -x /system/xbin/busybox_nh ]; then 4 | busybox=/system/xbin/busybox_nh 5 | elif [ -x /sbin/busybox_nh ]; then 6 | busybox=/sbin/busybox_nh 7 | elif [ -x /system/xbin/busybox ]; then 8 | busybox=/system/xbin/busybox 9 | elif [ -x /data/local/bin/busybox ]; then 10 | busybox=/data/local/bin/busybox 11 | elif [ -x /system/bin/busybox ]; then 12 | busybox=/system/bin/busybox 13 | else 14 | echo "Busybox not found! Install it, dummy!" 15 | log "Busybox not found! Install it, dummy!" 16 | exit 1 17 | fi 18 | 19 | su 0 setenforce 0 20 | 21 | ######### CHECK FOR ROOT ######### 22 | f_checkforroot(){ 23 | perm=$(id | $busybox cut -b 5) 24 | if [ "$perm" != "0" ]; then 25 | echo "ROOT NOT DETECTED! Type: su or install SuperSU to fix" 26 | exit 1 27 | fi 28 | } 29 | 30 | ######### VARIABLES ######### 31 | mnt=/data/local/nhsystem/kali-armhf 32 | 33 | ######### CHECK FOR INSTALL ######### 34 | # 35 | # There is a bug that will create the resolv.conf 36 | # If we continue on with bootkali even after we 37 | # remove chroot. So stop here if removed or else 38 | # chroot is never uninstalled. 39 | 40 | if [ ! -d "$mnt/usr" ]; then 41 | echo "Missing a required folder. Something isn't right" 42 | exit 1 43 | fi 44 | 45 | ######### SET TUN ######## 46 | mkdir -p /dev/net 47 | ln -s /dev/tun /dev/net/tun 2> /dev/null 48 | 49 | ######### SET DNS ######## 50 | > $mnt/etc/resolv.conf # empty dns entries 51 | 52 | for i in 1 2 3 4; do 53 | if [ -z "$(getprop net.dns${i})" ]; then 54 | # we go through 1-4 dns servers and break out of loop on empty 55 | break 56 | else 57 | # add local/device dns server first 58 | echo "nameserver $(getprop net.dns${i})" >> $mnt/etc/resolv.conf 59 | fi 60 | done 61 | 62 | # lastly add two default dns entries 63 | echo "nameserver 208.67.222.222" >> $mnt/etc/resolv.conf 64 | echo "nameserver 208.67.220.220" >> $mnt/etc/resolv.conf 65 | chmod 644 $mnt/etc/resolv.conf 66 | 67 | ######### MOUNT ######### 68 | 69 | ## Should run always (https://su.chainfire.eu/#how-mount) 70 | $busybox mount -o remount,suid /data 71 | 72 | # If chroot's /dev is mounted, assume the chroot is already running and skip initialization 73 | if ! $busybox mountpoint -q $mnt/dev; then 74 | f_checkforroot 75 | 76 | $busybox mount -r -o bind /system $mnt/system 77 | 78 | if $busybox mountpoint -q "$EXTERNAL_STORAGE"; then 79 | $busybox mount -o bind "$EXTERNAL_STORAGE" $mnt/sdcard 80 | elif $busybox mountpoint -q /storage/emulated/0; then 81 | $busybox mount -o bind /storage/emulated/0 $mnt/sdcard 82 | elif $busybox mountpoint -q /storage/emulated/legacy; then 83 | $busybox mount -o bind /storage/emulated/legacy $mnt/sdcard 84 | else 85 | $busybox mount -o bind /sdcard $mnt/sdcard 86 | fi 87 | 88 | # Grab the first available secondary storage and assume it's a micro SDcard 89 | SDCARD=$(echo "$SECONDARY_STORAGE" | $busybox cut -d: -f1) 90 | if $busybox mountpoint -q "$SDCARD"; then 91 | $busybox mount -o bind "$SDCARD" $mnt/external_sd 92 | fi 93 | 94 | $busybox mount -o bind /storage/usbdisk $mnt/mnt/usbdisk 95 | $busybox mount -o bind /dev $mnt/dev 96 | $busybox mount -t devpts devpts $mnt/dev/pts 97 | $busybox mount -t proc proc $mnt/proc 98 | $busybox mount -t sysfs sysfs $mnt/sys 99 | 100 | $busybox chmod 666 /dev/null 101 | 102 | # SET 250MB TO ALLOW POSTGRESQL # 103 | $busybox sysctl -w kernel.shmmax=268435456 104 | 105 | # NETWORK SETTINGS # 106 | $busybox sysctl -w net.ipv4.ip_forward=1 107 | echo "127.0.0.1 localhost kali" > $mnt/etc/hosts 108 | echo "::1 localhost ip6-localhost ip6-loopback" >> $mnt/etc/hosts 109 | echo "kali" > $mnt/proc/sys/kernel/hostname 110 | 111 | echo "The Kali chroot has been started." 112 | log "The Kali chroot has been started." 113 | else 114 | echo "The Kali chroot is already running!" 115 | fi 116 | -------------------------------------------------------------------------------- /scripts/bootkali_login: -------------------------------------------------------------------------------- 1 | #!/system/bin/sh 2 | 3 | ######### IMPORT BOOTKALI ENVIRONMENT ######### 4 | SCRIPT_PATH=$(readlink -f $0) 5 | . ${SCRIPT_PATH%/*}/bootkali_env 6 | 7 | $busybox chroot $mnt /bin/login -f root 8 | -------------------------------------------------------------------------------- /scripts/killkali: -------------------------------------------------------------------------------- 1 | #!/system/bin/sh 2 | 3 | if [ -x /system/xbin/busybox_nh ]; then 4 | busybox=/system/xbin/busybox_nh 5 | elif [ -x /sbin/busybox_nh ]; then 6 | busybox=/sbin/busybox_nh 7 | elif [ -x /system/xbin/busybox ]; then 8 | busybox=/system/xbin/busybox 9 | elif [ -x /data/local/bin/busybox ]; then 10 | busybox=/data/local/bin/busybox 11 | elif [ -x /system/bin/busybox ]; then 12 | busybox=/system/bin/busybox 13 | else 14 | echo "Busybox not found! Install it, dummy!" 15 | log "Busybox not found! Install it, dummy!" 16 | exit 17 | fi 18 | 19 | export bin=/system/bin 20 | export mnt=/data/local/nhsystem/kali-armhf 21 | PRESERVED_PATH=$PATH 22 | export PATH=/usr/bin:/usr/sbin:/bin:/usr/local/bin:/usr/local/sbin:$PATH 23 | export TERM=linux 24 | export HOME=/root 25 | export LOGNAME=root 26 | unset LD_PRELOAD 27 | 28 | # set shmmax to 128mb to free memory# 29 | 30 | $busybox sysctl -w kernel.shmmax=134217728 31 | 32 | echo "Shutting down SSH Server" 33 | $busybox chmod 666 /dev/null 34 | 35 | $busybox chroot $mnt /etc/init.d/ssh stop 36 | 37 | echo "Shutting down Postgresql" 38 | $busybox chroot $mnt /etc/init.d/postgresql stop 39 | 40 | # unmount everything 41 | 42 | echo "Removing all Kali mounts" 43 | $busybox umount $mnt/dev/pts && echo "unmounted pts" 44 | $busybox umount $mnt/dev && echo "unmounted dev" 45 | $busybox umount $mnt/proc && echo "unmounted proc" 46 | $busybox umount $mnt/sys && echo "unmounted sys" 47 | $busybox umount $mnt/system && echo "unmounted system" 48 | $busybox umount $mnt/sdcard && echo "unmounted sdcard" 49 | $busybox umount $mnt/external_sd && echo "unmounted external_sd" 50 | 51 | export PATH=$PRESERVED_PATH 52 | -------------------------------------------------------------------------------- /tools/busybox: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jcadduono/kali-chroot-installer/4890695bc05b7f59713fa8a5233c0df2c44c9c2f/tools/busybox -------------------------------------------------------------------------------- /tools/installbusybox.sh: -------------------------------------------------------------------------------- 1 | #!/sbin/sh 2 | # Install NetHunter's busybox 3 | 4 | TMP=/tmp/kali-chroot 5 | 6 | console=$(cat /tmp/console) 7 | [ "$console" ] || console=/proc/$$/fd/1 8 | 9 | print() { 10 | echo "ui_print - $1" > $console 11 | echo 12 | } 13 | 14 | XBIN=/system/xbin 15 | 16 | print "Installing busybox..." 17 | rm -f $XBIN/busybox_nh 18 | cp $TMP/tools/busybox $XBIN/busybox_nh 19 | chmod 755 $XBIN/busybox_nh 20 | $XBIN/busybox_nh --install -s $XBIN 21 | 22 | [ -e "$XBIN/busybox" ] || { 23 | print "$XBIN/busybox not found! Symlinking..." 24 | ln -s $XBIN/busybox_nh $XBIN/busybox 25 | } 26 | -------------------------------------------------------------------------------- /tools/installchroot.sh: -------------------------------------------------------------------------------- 1 | #!/sbin/sh 2 | # Install Kali Linux chroot 3 | 4 | TMP=/tmp/kali-chroot 5 | ARCH=armhf 6 | 7 | console=$(cat /tmp/console) 8 | [ "$console" ] || console=/proc/$$/fd/1 9 | 10 | print() { 11 | echo "ui_print - $1" > $console 12 | echo 13 | } 14 | 15 | NHSYS=/data/local/nhsystem 16 | CHROOT=$NHSYS/kali-$ARCH 17 | 18 | # Check installer for kalifs archive 19 | KALIFS=$(ls $TMP/kalifs-*.tar.xz) 20 | # If not found, check /data/local instead 21 | [ -f "$KALIFS" ] || KALIFS=$(ls /data/local/kalifs-*.tar.xz) 22 | 23 | # If kalifs-*.tar.xz is present, then extract 24 | [ -f "$KALIFS" ] && { 25 | print "Found Kali chroot to be installed: $KALIFS" 26 | mkdir -p "$NHSYS" 27 | 28 | # Remove previous chroot 29 | [ -d "$CHROOT" ] && { 30 | print "Removing previous chroot..." 31 | rm -rf "$CHROOT" 32 | } 33 | 34 | # Extract new chroot 35 | print "Extracting Kali rootfs, this may take up to 25 minutes..." 36 | busybox_nh tar -xJf "$KALIFS" -C "$NHSYS" --exclude "kali-$ARCH/dev" && { 37 | mkdir -pm 0755 "$CHROOT/dev" 38 | print "Kali chroot installed successfully!" 39 | } || { 40 | print "Error: Kali chroot failed to install!" 41 | print "Maybe you ran out of space on your data partition?" 42 | } 43 | 44 | # We should remove the rootfs archive to free up device memory or storage space 45 | rm -f "$KALIFS" 46 | } || { 47 | print "No Kali rootfs archive found. Skipping..." 48 | } 49 | --------------------------------------------------------------------------------