Month: December 2016

 

Welcome. My apologies for being late with this article. Been so busy with work and family.

This post will focus on installing Nethunter on my Nexus 5 phone. Nethunter is a mobile penetration testing platform written by some very smart people. It is specifically designed to run on the Android platform on a small list of hardware devices. One being the Nexus 5 which is what this article focuses on.

I am not going to get into what great security testing tools run on the platform. Only how I installed Nethunter on my Nexus 5 using my Macbook Pro. This should be easily done using a Windows PC or a Linux system as well.

Download the necessary tools

  1. Download the correct version of nethunter, Lollipop (v5.1.1) or Marshmellow (v6.0.1)
  2. Download TWRP
  3. Download beta-SuperSU
  4. Download the tool used to unlock bootloader
  5. Ensure you are running the default ROM for Nexus 5. If not, download it here.
  6. Download fastboot and adb tools. Instruction for Mac. Instructions for Windows.

 

Now, let’s get started …..

 

Unlock the Boot Loader

  • Place your Nexus 5 in debugging mode. Open Settings->About Phone  and tap “Build Number” 7 times
  • Turn off your Nexus 5
  • Unzip CF-Auto-Root-hammerhead-hammerhead-nexus5.zip on your mac. chmod 755 root-mac.sh to make it executable
  • Execute the script ./root-mac.sh but do not hit “Enter. (For Windows users, execute the root-mac.bat script)

 

 

 

 

  • Next enter into bootloader mode onto the Nexus 5. Press and hold Volume Down + Power at the same time

 

 

 

 

 

 

  • Now plug the Nexus 5 into the Mac via USB
  • Go back to the screen where you executed the “root-mac.sh” script and press any key to continue with the script execution
  • The Nexus should display an “Unlock Bootloader” message on screen. Press “Volume Up” to select Yes. Unlock boot loader and then press Power button to execute.

 

 

 

 

 

 

Flash the TWRP Recovery image

  • Ensure you are in bootloader mode on the phone

 

 

 

 

 

 

 

  • Navigate to the directory which contains your adb and fastboot tools on your Mac.
  • Copy the TWRP recovery image to the same directory which contains the adb and fastboot tool. Rename it to recovery.img
  • Connect the Nexus to the Mac using a USB cable and confirm the Nexus is recognized in Finder on the Mac
  • Run the following commands on your Mac in sequence. Do not run the second command if the first does not return the serial number of the Nexus 5
    • fastboot devices -> This command returns a serial number of the Nexus 5 which indicates that fastboot has recognized the Nexus.
    • fastboot flash recovery recovery.img -> This command flashes TWRP to the phone. You should see a success message of some sort if the process was successful.  

  • Disconnect the Nexus 5 from the mac and reboot the phone. You should see the TWRP menu.

 

 

 

 

 

 

 

  • Before we get into the next section, run a backup of everything from TWRP.

Root the phone

  • Boot the Nexus into recovery mode (TWRP)
  • Upload beta-SuperSU to the Nexus 5 by connecting it to the Mac via USB and running abd push <superSU.zip> /sdcard
  • Once uploaded, select Install from the TWRP menu

 

 

 

 

 

 

 

  • Browse to /sdcard on the Nexus 5 and select the superSU zip file to install it.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

  • Reboot the phone into the stock rom (not TWRP). Download and install Root Checker. This application confirms if the phone has been successfully rooted.
  • You should see the following onscreen if the phone has been successfully rooted.

 

 

 

 

 

 

 

 

Install NetHunter

  • Connect the Nexus to the Mac via USB
  • Upload Nethunter to the Nexus 5 using adb. abd push <NetHunter> /tmp
  • Boot into Recovery mode (TWRP) and install NetHunter

 

 

 

 

 

 

 

  • Accept the security warning

 

 

 

 

 

 

 

  • I selected the default installation and unchecked superSU since it was installed in the previous step.
  • It will take a while to install so please be patient.  And I really mean a while.

 

 

 

 

 

 

 

  • You may not even see an indication that the install completed.  I ended up rebooting my Nexus after an hour. Once rebooted, I had a Nexus 5 running NetHunter.

 

 

 

 

 

 

 

So, that’s it. Please let me how you make out with these instructions in the comments section. Also, let me know if you found alternative methods of installing Nethunter on the Nexus 5.

Thanks and  hope you come back again soon.

PenTest