User:Re4sonkernel/Kali NetHunter 2

Kali NetHunter
Developer(s)	Offensive Security
Initial release	24 September 2014; 9 years ago
Stable release	2020.1 / 28 January 2020; 4 years ago
Preview release	2020.2-pre3 / 1 April 2020; 4 years ago
Repository	gitlab.com/kalilinux/nethunter/
Written in	C, Java, Kotlin, Python, Bash
Operating system	Android, Kali Linux
Platform	armhf, aarch64
License	Various
Website	www.kali.org/kali-linux-nethunter/

Kali NetHunter is a free and open-source mobile penetration testing platform for Android devices, based on Kali Linux.^[1] Kali NetHunter is available for un-rooted devices (NetHunter Rootless), for rooted devices that have a custom recovery (NetHunter Lite), and for rooted devices with custom recovery for which a NetHunter specific kernel is available (NetHunter).^[2] Official images are published by Offensive Security on their download page and are refreshed every quarter. NetHunter images with custom kernels are published for the most popular of the supported devices, such as Nexus 5/5X/6P, OnePlus 1/2/7 (T/Pro), Xiaomi Mi 9T, Samsung Galaxy Tab S4, etc. Many more models are supported and images not published by Offensive Security can be generated using the NetHunter build scripts.^[3] It is maintained by a large community and funded by Offensive Security.

Background and history[edit]

Started in 2014, the Kali Linux NetHunter project is the first Open Source Android penetration testing platform for Nexus devices, created as a joint effort between the Kali community member “BinkyBear” and Offensive Security, the company behind the Kali Linux desktop distribution.^[4]

By May 2019, the list of supported Android devices has grown to over 50.^[5]

Features[edit]

Kali NetHunter is an Android ecosystem, the core of which is a ROM overlay that consists of the following core components:

a custom kernel with various enhancements to allow for wifi injection, HID attacks, etc.^[6]
a Kali Linux chroot container^[7]
a NetHunter Android application, which allows for easier interaction with various security tools and attacks^[8]
a client to access the NetHunter App Store offering dozens of purpose build cyber security apps^[9]
a custom built boot animation^[10]
background services and system tools that provide a framework for various penetration testing tools
Kali Desktop Experience (KeX) that allows to run a full Kali Linux Desktop environment on Android devices with interfaces to output the desktop via HDMI or wirelessly^[11]

In addition to the penetration testing tools featured on desktop Kali Linux, NetHunter also enables Wireless 802.11 frame injection, one-click MANA Evil Access Points, HID keyboard functionality (for Teensy-like attacks), as well as BadUSB man-in-the-middle (MitM) attacks.

NetHunter App for advanced attack modes showcasing a wifi monitoring attack using the internal wlan0 interface

NetHunter App Store[edit]

Kali Nethunter has an applications store based on a fork of F-Droid with telemetry completely removed. The store has about 30 applications.^[12]

File:Nethunter App Store.png

Kali NetHunter App Store

Editions^[13][edit]

NetHunter can be installed on almost every Android device using one of the following editions:

Edition	Usage
NetHunter Rootless	The core of NetHunter for unrooted, unmodified devices
NetHunter Lite	The full NetHunter package for rooted phones without a custom kernel.
NetHunter	The full NetHunter package with custom kernel for supported devices

The following table illustrates the differences in functionality:

Feature	NetHunter Rootless	NetHunter Lite	NetHunter
App Store	Yes	Yes	Yes
Kali cli	Yes	Yes	Yes
All Kali packages	Yes	Yes	Yes
KeX	Yes	Yes	Yes
Metasploit w/o DB	Yes	Yes	Yes
Metasploit with DB	No	Yes	Yes
NetHunter App	No	Yes	Yes
Requires TWRP	No	Yes	Yes
Requires Root	No	No	Yes
WiFi Injection	No	No	Yes
HID attacks	No	No	Yes

Whilst NetHunter Rootless has less functionality, it has the advantage of being non-intrusive and not voiding manufacturers warranties.

Attacks and tools[edit]

NetHunter BadUSB Attack[edit]

Enabling this USB mode will turn a device with a USB On-The-Go cable into a network interface when plugged into a target computer. Connecting the USB cable to a PC will force all traffic from that PC (Windows or Linux) through the NetHunter device, which allows the device's user to perform a man-in-the-middle (MitM) attack.^[14]

MANA Evil Access Point[edit]

MANA is an "evil access-point" implementation by SensePost that performs rogue WAP and MitM attacks. The MitM logs get written to /var/lib/mana-toolkit/ in the Kali chroot. Users can change the access point's configuration to match their target environment, such as the SSID, channel number, etc.^[15]

NetHunter HID Keyboard Attacks[edit]

The NetHunter HID Attacks turn any device and its OTG USB cable into a pre-programmed keyboard, able to type any given commands. It is functionally similar to “Teensy” type devices.

NetHunter USB Arsenal - Function Selector[edit]

The NetHunter USB Arsenal controls the USB gadget mode of Android devices. It is used to prepare the device for USB attacks.

NetHunter USB Arsenal - Image Mounter[edit]

The image mounter turns an Android device into a live USB stick from which a computer can be booted.

NetHunter USB Arsenal - Network Tethering[edit]

The Network Tethering module can be used to to configure an Android device for NIC based attacks.

Reception[edit]

John Callaham of Android Authority wrote an unofficial guide for installing Kali NetHunter on most Android devices.^[3] The installation processes and operations have been described in detail in Hands-On Penetration Testing with Kali NetHunter: Spy on and protect vulnerable ecosystems using the power of Kali Linux for pentesting on the go,^[16] and Kali Linux - An Ethical Hacker's Cookbook: Practical recipes that combine strategies, attacks, and tools for advanced penetration testing.^[17]

References[edit]

^ "Home-Wiki-Kali Linux/NetHunter/build-scripts". GitLab. Retrieved 2016-03-08.
^ "Kali Linux Documentation". kali.org. Retrieved 2020-04-05.
^ ^a ^b "Here's how to install Kali NetHunter on any Android device". Android Authority. 2018-08-13. Retrieved 2020-03-14.
^ "Kali Linux NetHunter". www.kali.org. 2014-08-29. Retrieved 2016-03-08.
^ Schirrmacher, Dennis (May 23, 2019). "Werkzeug für Sicherheitsforscher: Das neue Kali Linux ist da". heise online (in German). Retrieved 2020-03-14.{{cite web}}: CS1 maint: url-status (link)
^ "Kali Linux/NetHunter/build-scripts/devices". GitLab. 2019-05-02. Retrieved 2020-04-05.
^ "Kali Linux/NetHunter/build-scripts/kali-nethunter-prokect/nethunter-fs". GitLab. 2016-10-05. Retrieved 2020-04-05.
^ "Kali NetHunter App Store". Kali NetHunter App Store. 2020-04-01. Retrieved 2020-04-05.
^ "Kali NetHunter App Store". Kali NetHunter App Store. 2020-04-01. Retrieved 2020-04-05.
^ "Kali Linux 2019.3 Release". kali.org. 2019-09-02. Retrieved 2020-04-05.
^ "Kali Linux 2019.4 Release". kali.org. 2019-11-26. Retrieved 2020-04-05.
^ "App-Store für Kali NetHunter". Pro-Linux (in German). Retrieved 2020-03-14.
^ "NetHunter Rootless / Kali Linux Documentation". www.kali.org. 2020-02-22. Retrieved 2020-04-05.{{cite web}}: CS1 maint: url-status (link)
^ "offensive-security/kali-nethunter". GitHub. Retrieved 2016-03-08.
^ "offensive-security/nethunter-app". GitHub. Retrieved 2016-03-08.
^ Singh, Glen D.; Oriyano, Sean-Philip (2019-02-28). Hands-On Penetration Testing with Kali NetHunter: Spy on and protect vulnerable ecosystems using the power of Kali Linux for pentesting on the go. Packt Publishing Ltd. ISBN 978-1-78899-668-6.
^ Sharma, Himanshu (2019-03-29). Kali Linux - An Ethical Hacker's Cookbook: Practical recipes that combine strategies, attacks, and tools for advanced penetration testing, 2nd Edition. Packt Publishing Ltd. ISBN 978-1-78995-370-1.

External links[edit]

Kali Nethunter Documentation

Category:Android (operating system) software Category:ARM operating systems Category:Custom Android firmware Category:Debian-based distributions Category:Digital forensics software Category:Free security software

[1] "Home-Wiki-Kali Linux/NetHunter/build-scripts". GitLab. Retrieved 2016-03-08.

[2] "Kali Linux Documentation". kali.org. Retrieved 2020-04-05.

[:0-3] "Here's how to install Kali NetHunter on any Android device". Android Authority. 2018-08-13. Retrieved 2020-03-14.

[4] "Kali Linux NetHunter". www.kali.org. 2014-08-29. Retrieved 2016-03-08.

[5] Schirrmacher, Dennis (May 23, 2019). "Werkzeug für Sicherheitsforscher: Das neue Kali Linux ist da". heise online (in German). Retrieved 2020-03-14.{{cite web}}: CS1 maint: url-status (link)

[6] "Kali Linux/NetHunter/build-scripts/devices". GitLab. 2019-05-02. Retrieved 2020-04-05.

[7] "Kali Linux/NetHunter/build-scripts/kali-nethunter-prokect/nethunter-fs". GitLab. 2016-10-05. Retrieved 2020-04-05.

[8] "Kali NetHunter App Store". Kali NetHunter App Store. 2020-04-01. Retrieved 2020-04-05.

[9] "Kali NetHunter App Store". Kali NetHunter App Store. 2020-04-01. Retrieved 2020-04-05.

[10] "Kali Linux 2019.3 Release". kali.org. 2019-09-02. Retrieved 2020-04-05.

[11] "Kali Linux 2019.4 Release". kali.org. 2019-11-26. Retrieved 2020-04-05.

[12] "App-Store für Kali NetHunter". Pro-Linux (in German). Retrieved 2020-03-14.

[13] "NetHunter Rootless / Kali Linux Documentation". www.kali.org. 2020-02-22. Retrieved 2020-04-05.{{cite web}}: CS1 maint: url-status (link)

[14] "offensive-security/kali-nethunter". GitHub. Retrieved 2016-03-08.

[15] "offensive-security/nethunter-app". GitHub. Retrieved 2016-03-08.

[16] Singh, Glen D.; Oriyano, Sean-Philip (2019-02-28). Hands-On Penetration Testing with Kali NetHunter: Spy on and protect vulnerable ecosystems using the power of Kali Linux for pentesting on the go. Packt Publishing Ltd. ISBN 978-1-78899-668-6.

[17] Sharma, Himanshu (2019-03-29). Kali Linux - An Ethical Hacker's Cookbook: Practical recipes that combine strategies, attacks, and tools for advanced penetration testing, 2nd Edition. Packt Publishing Ltd. ISBN 978-1-78995-370-1.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]