Tuesday 12 April 2016

Nethunter on Cyanogenmod 13 and oneplus one

Caution: nethunter can swallow up large amounts of valuable time. Only use it if you have time to spare and don't mind hacking (as in close to the true sense of the word) in order to fix issues that arise. Having reached a stable state now, I will think twice about changing anything anytime soon!

I've used nethunter for fun stuff on my oneplus One for around a year now. There were a very small number of minor niggles that annoyed me a little, but that I chose to just live with, and everything was fine. The user interface wasn't amazing, but the tools mostly worked as intended. It was awesome, running on CM 11 and nethunter 2.x. BDFProxy did what it said on the tin, BEeF worked nicely with MITMProxy injecting hooks, I could run vulnerability scans with openVAS, and it generally rocked my world. The Swiss army knife for ethical hackers and script kiddies alike.

Around January this year I spotted that a new version of nethunter had been released, and I was pretty excited. As soon as I was able to, I followed the upgrade instructions on the nethunter site through CM 12 and installed nethunter 3.0. Things have been far less awesome since then. I'll describe some of the issues and then the resolution at the end of this post.

Issue number 1: drivedroid just stopped working. Drivedroid is great because it allows you to host an ISO or other disk image from your phone, over a USB cable and make it appear as though it is a CD drive, writeable USB stick, or read only USB. It's amazing knowing that you can boot into tails, kali, DEFT, or any other favourite live CD distro or tool of your choosing, even konboot. With CM12, none of this worked. In CM 13 it does.

Issue number 2: The phone crashed randomly and frequently. It could happen overnight while I was asleep, meaning that my alarm wouldn't go off. It could happen when I disabled WiFi tethering. Rebooting the phone would sometimes fix, but sometimes required 3 or 4 reboots. Clearing the cache would increase the chance of success but was still not full-proof. CM 13 fixed this.

Issue number 3: Sound and video playback would just stop. Again, rebooting didn't always help. CM 13 fixed this.

Issue number 4: If you are running the TWRP recovery manager, you cannot apply over the air updates for your OS. There is no fix for this that I have found.

Resolution: Most of the issues above have been fixed by upgrading to CM 13, and now things are much more awesome again. It was a painful upgrade process, but worth it. Some advice if you are about to embark upon this endeavour:

Make sure you have backed up your precious data. You don't want to lose those pictures of your cat or mum or whatever.

Clear the cache, and preferably factory-reset the device before every step. Failing to do so can lead to crashing applications, failed startups and other such delights.

Rough guide:

Download the latest stable CM 13 and store it in the root of your device. This may appear as /sdcard in TWRP. Do the same with the latest nethunter build, openGapps, and SuperSU.

With TWRP, first install CM 13, then openGapps. Boot up and make sure everything seems OK. If things don't seem good, then go back into recovery and factory reset.

Next, install SuperSU, and then boot up and download and install busybox from the play store.

Finally, go back into recovery and install nethunter.

If all has gone well then you should have a stable installation.

Happy scripting, kiddie!

5 comments:

  1. Thanks for the info. Did you build your own versión of nethunter for cm13 or you got it already built?

    ReplyDelete
  2. Thanks for the info. Did you build your own versión of nethunter for cm13 or you got it already built?

    ReplyDelete
  3. I just used the latest nightly from here: https://idlekernel.com/nethunter/nightly/ as recommended by various forums and also on the nethunter github issues tracker. Version when I installed was 3.0.5, but I see that there is now 3.1.0 available. Good luck and feel free to let me know how you get on.

    ReplyDelete
  4. This comment has been removed by the author.

    ReplyDelete