In previous posts we went through installation of NetHunter on almost any non-rooted and supported rooted Android device.
If your device is among NetHunter supported smartphones, however, a prebuild image is not available on the NetHunter website; I explained how to build it from sources in a previous blog.
Now when we have NetHunter installed and running, we will go through a quick introduction of the NetHunter menu, applications and their use, tools, settings etc. This will be a high level of explanation, but don’t worry, in upcoming blogposts we will go through all the tools and their usage to a great extent. Let’s start with tools that got with the rooted Android and NetHunter as well; starting with unreplaceable Magisk and its modules.
Magisk
It is a free and open-source software for the rooting of Android devices, developed by John Wu. Magisk supporting devices running higher than Android 5.0.
Older versions of Magisk allowed user to download and install modules directly from the app; however, after version 24, it is necessary to install an additional application that manages modules called FoxMagiskModuleManager (FMMM).
Either using Magisk manager or FMMM, we are particularly interested in one module – Wireless Firmware for Nethunter. In case NetHunter can’t recognize your current external wireless adapter, this module might fix it. Installing this module will add firmware support for popular external Wi-Fi adapters. You can see the list of supported wireless adapters and chipsets in Figure 1.
In the video below, I demonstrate how to install it.
NetHunter Store
The NetHunter Store is an Android app made specifically for the Kali NetHunter.
It gives users access to several tools and programs that are helpful for security analysis and penetration testing.
Users can install a variety of apps and tools created especially for use with NetHunter from the NetHunter Store such as NetHunter Terminal, NetHunter KeX, cSploit, Shodan, Hacker’s Keyboard, Orbot, Open VPN, Wigle etc.
Additionally, for downloading apps, you can use Google Play Store, F-droid, Aurora stores.
NetHunter Terminal
It is a terminal emulator program that allows users to access the command line interface (CLI) of Android. After launch, user can start one of three options: KALI, ANDROID, and ANDROIDSU.
KALI shell, a customized variation of the Bash shell, was created especially to function with the Kali Nethunter. It features several Nethunter-specific tools that are useful for penetration testing and security analysis. This sell runs under chroot, where root path is /data/local/nhsystem/kali-arm64/.
ANDROID shell is a Bash shell variant that has been designed for use with the Android operating system. It contains commands and tools tailored specifically for Android that are helpful for controlling and setting up the operating system.
ANDROIDSU shell is an extension of the Bash shell that may be used to execute commands as the superuser. With superuser rights, users can carry out operations such as system file modification and software installation that are generally only available to the system administrator.
NetHunter KeX
Nethunter KeX is a VNC client app that offers users a desktop environment that is comparable to Kali’s, allowing them to execute GUI-based programs on their Android device. Users who want to use the Kali Linux desktop environment on their Android device and are familiar with it may find this handy. Users can run several desktop programs on their Android device with Nethunter KeX, including web browsers, text editors, Wireshark, etc.
NetHunter app
The NetHunter app includes a range of options that allow users to access and manage the various tools and features as you can see in Figure 5.
Home
The first one is Home, which displays system information about kernel, root and HID status, local and external IP addresses as you can see in Figure 6.
All this information is the result of shell commands that are executed on the level of Android system, not NetHunter chroot. They are all executed after the initial launch and can be refreshed by taping on the RUN button. If you long press the command name, as in Figure 6., you can see the command responsible for output. You can alter, add new ones, or delete them.
Kali Chroot Manager
You can manage the Kali Linux chroot using the Kali Chroot Manager option. A chroot is a process that allows you to run a different operating system within your current operating system. The Kali Linux chroot enables you to use Kali tools and commands on an Android device without really changing the Android operating system.
The Kali Linux chroot can be installed, updated, or removed by selecting one of the available options. You can start or stop the chroot as well as check its status using the Chroot Manager. When the chroot is configured and working, you can utilize the NetHunter interface to launch a variety of tools and attacks from the NetHunter app interface.
The ADD METAPACKAGE option allows you to install a metapackage, which are packages that contain a collection of additional packages. Metapackages are used in Kali Linux to group related packages together and make it easier to install a set of packages that are needed for a specific task or purpose.
For example, if you want to use NetHunter for wireless testing, you might install the “wireless” metapackage.
List of all the tools and binaries in each metapackage you can find here.
Settings
This menu allows you to customize your NetHunter experience, including enabling or disabling certain features, changing boot animation, creating, and restoring backups, uninstalling NetHunter application, changing version of busybox, and configuring the NetHunter terminal style.
For changing boot animation, select Preview box and choose one from the animations. If you are fine with image resolution, tap on MAKE BOOTANIMATION that creates bootanimation.zip file and then INSTALL BOOTANIMATION that will copy it to /system/media/bootanimation.zip. After reboot, your new animation will be selected.
Now when you know where the boot animation is stored, you can pull it from your device, unzip it, and customize it. Unfortunately, there is always a risk of stucking in boot loop by messing with system files. Because of that, always backup original bootanimation.zip. In case your device will not boot after altering boot animation, you can always boot in recovery mode and replace it with your backup zip file.
Kali Services
To start or stop services running in the NetHunter chroot, you can use the Kali Services option. You can extend them with your custom services. Comparing these services to commands from Home menu, these are executed in Kali chroot shell, not by Android system shell. This means that tools installed in Kali chroot are not visible to Android system.
Custom Commands
You can create and execute custom commands in NetHunter by choosing the “Custom Commands” option. Running scripts and other shell commands inside the NetHunter chroot is made possible by this functionality.
These commands give the user more options. If we compare them with Kali Services or commands from Home, a user can decide to run them either in Kali chroot or Android and in the background or foreground as you can see in Figure 12.
If you want to go deeper and audit the source code of the NetHunter app, how it works, what commands are being executed, or even compile your custom NetHunter APK and contribute to the project, you can download the source code from the official GitLab repository.
Conclusion
The NetHunter platform runs on the Kali Linux chroot and comes with a NetHunter app that makes it simpler to install, manage, and remove the chroot.
NetHunter is a powerful and flexible security solution for Android that also comes with several settings and tools as well as the possibility to execute custom commands. In the next post we will continue by covering other tools.
Hi mobile-hacker.com administrator, Keep sharing your knowledge!