How To: Flash Kali NetHunter on OnePlus and Nexus Devices (Most) As a Secondary ROM

Flash Kali NetHunter on OnePlus and Nexus Devices (Most) As a Secondary ROM

How to Flash Kali NetHunter on OnePlus and Nexus Devices (Most) As a Secondary ROM

Hello there, 'Flashers'!

Welcome to my 8th Post. This tutorial will explain how to flash Kali NetHunter on OnePlus (Tested) and Nexus Devices (Not Tested-Should work) as a secondary ROM, so that none of your personnel data/ROM gets affected.

NetHunter?

Refer to Ciuffy's Post, right here

Pre-Requisites:

1) Device should be rooted
2) Should have TWRP custom Recovery Installed/Flashed.
3) (Bootloader, should be unlocked, if locked)
4) A Back Up if anything goes wrong. (Make it using the recovery)

For OnePlus here is a guide on all of this from XDA.

Step 1: Installing MultiROM :

Install MultiROM manager from Google Playstore

1) After installing, Open it.
2) Tick all the Check-boxes
3) In the last one choose the correct Kernel (Kitkat or Lollipop)

(WARNING: Check the Kernel Status: It should be in Green Letters, but if in RED then, ask about it in the comments section)

4) Tap Install
5) This will do everything for you, sit back and relax, it will take time.
6) After everything goes right, you should have:

  • A modified custom recovery,
  • A boot manager at start-up that asks, which ROM to boot into. (Press cancel so it won't automatically boot into the Internal ROM)
  • The same application, in the internal ROM, which manages every ROM, and Check for Updates.

Step 2: Downloading CM11-M11 ROM:

We will be using this because it is highly compatible with MultiROM.

Goto this website, and Download CM11 M11 ROM for OnePlus.

Click here for WiFi Model Nexus 2013

Click here for 4G/LTE Model Nexus 2013

Click here for LG Nexus 5

Click here for Nexus 4

Go to your default search engine (Google) and search this ROM for your Device if not listed here.

Step 3: Downloading Kali NetHunter

Go to the Official website of Kali
Scroll down to the bottom and download the correct image (actually .zip) for your Device.
Don't use the Windows Installer.

Step 4: Downloading SuperSU.Zip and BusyBox:

Download this Super User update.
Also, Download BusyBox from Playstore or from here

Step 5: FLASHING CM11-M11 as a Secondary ROM:

After all of your Weapons are ready, it's time to FIRE. (I mean Flash)
Move all the items to the root of your SD-card in your Device (or any other Folder)

  • Reboot your system to Custom Recovery. (Vol-Down + Power, when device is turned off)
  • Once booted, go to Advanced, then MultiROM settings, tap on add ROM
  • Tap on Next. (Or choose where do you want to install the ROM Eg: A Flash/Pen Drive)
  • Choose ZIP file
  • Choose cm-11-20141008-SNAPSHOT-M11-xxxx.zip (The ROM you just Downloaded)
  • Swipe to Confirm
  • Once Finished, Reboot system.

------------------------------------------------Flashed--------------------------------------------

  • Use the MultiROM manager at Start-up to boot into The Flashed ROM.
  • Go out there and explore!
  • Install BusyBox, open it and then Install it. (It may/will fail because the system is not rooted) (Don't worry its temporary, you may even skip this step)
  • Once you are happy, and want to move on, Follow the next step.

Step 6: FLASH KALI NET-HUNTER!!!

  • Reboot to Recovery.
  • Go to MultiROM settings.
  • Tap on 'List ROMs'
  • Choose the CM11-M11 ROM
  • Tap the small button stating 'Flash ZIP'
  • Choose The Kali Nethunter.zip you just downloaded.
  • Swipe to Confirm Flash
  • After flashing, Reboot system.

-----------------------------------------FLASHED-------------------------------------------------

  • Congratulations you Successfully Flashed Kali NetHunter!!
  • Boot into the ROM
  • EXPLORE! Go Go Go!
  • Sort things out, install necessary apps, play-store, Google services etc..
  • Tap on KaliNetHunter Home (App) and Explore it too!
  • However any service provided by it won't WORK, because the ROM is not Rooted.
  • Then what are we waiting for? Let's gain the root access.

Step 7: Rooting the ROM:

It's too easy! (Now that you have practice)

  • Reboot to Custom/TWRP Recovery.
  • Go to MultiROM settings.
  • Then to 'List ROM'.
  • Choose the same ROM
  • Then to 'Flash ZIP'.
  • Choose The SuperSU.zip that you downloaded.
  • Swipe to Confirm Flash.
  • After the Flash Reboot System.

--------------------------------------------FLASHED/ROOTED--------------------------------

The FUN Begins:

And now rename the ROM if you want to, using the manager in Internal ROM.
Boot into NetHunter.
So you are good to Go!
Every service offered by NetHunter can be accessed!
Also download SuperSU.apk from the playstore and Install BusyBox again.
ENJOY! EXPLOIT! HAVE FUN!

The Tutorial ENDS:

When following this tutorial, I hope you could learn something from it (me too) about Flashing and Roots. And now, I think you can Flash any ROMs that you need.

{When you are in the boot manager, at start-up, tap the top-left icon, of the MultiROM manager, see what happens (a little game! lol)}

Good Luck!

There is an issue with OnePlus I think, Sometimes, it may get suck into a boot-loop but that's Fine, just press the key combination for custom recovery until the device turns-off. Then release the buttons and press them again, once you get booted to custom recovery, reboot system from there.

Keep Coming back for more!!
Thank You,
F.3.A.R.

70 Comments

Excelent, GG FEAR!

Thanks Ciuffy!

Nice tutorial. +1

Is Offensive Security working on making NetHunter more cross-platform?

Thanks C|H,
Yes, slowly but it is.

(There was a tutorial for NetHunter, in which it could be used on any device, except some in built attacks won't work. Someone posted it in the fourms. Will check if I can find it again)

They say they are aiming to expand the community.

From the FAQ:
"Can NetHunter be installed on other Android devices other than the ones listed?"

"Short answer : No. While it is possible to build a "rootfs" NetHunter image only for non Nexus or Oneplus phones, however this will not include our custom kernel, so features like HID, Wi-Fi injection, and BadUSB will not work."

Heyyyyyyy, thanks!! Now I can flash the thing with thingy and bam!! Thanks again FEAR!!!

Welcome!
Flash the thingy with the thing, and then don't forget to root to get a compound! Or it will remain a mixture.
EDIT: Don't forget to tell the results!

Currently, things are still a mixture. For some reason, when I try to mix in the ol' kali image with cm11, it tells me it will finish in 30 minutes. Then after about 10 minutes, it turns off, then restarts? Something go wrong with Kali or...?

Yes it will only take 10-20 minutes, however it should not turn off.
Critical: Don't charge your device during the process.
Follow:

  • Wipe the CM11 ROM, Flash it again.
  • Don't flash Kali, until you successfully boot into the ROM.
  • Reboot to recovery.
  • Flash Kali.
  • When success, boot to the modified ROM. (Kali)

Then follow the remaining tutorial (and don't use shortcuts if you are)

Thanks for responding again, it is has now successfully flashed. I did not follow any of the bullet points (I could already boot into the rom) and it worked. The only problem was because my phone was charging. Thanks again!!!

Nice to hear that, and you are Welcome!
Did you flash the SuperSU Update also?
If yes, then you are good to go!

{Wait, you mean your device suffered from a boot loop, (on and off and then on again and off), to correct it every-time, follow the Instructions at the end of this post.}

Everything is flashed and ready to go. I am trying to deauth myself first, but something is going wrong, no idea what. From what I can gather, the adapter I am using is getting the wrong bssid. Eh, something I can fix later. And for the boot loop, I have been booting into the recovery, so I think I am all set. I really appreciate you making this post. I would have never found out how to install this myself (well I would eventually, it would've just taken me hours of screaming and kicking :D ).

Feels good to be helpful,

Also, while ejecting the otg/wireless-adapter turn it off, or use a wlan1 down command or your Nethunter will reboot itself to a boot-loop (again)

Another issue, Maybe when you lock the Device (press power button) it won't wake up again (screen off-death). You need to keep on pressing the power button or double tapping or reboot or plug in the charger.

Hey Fear, I have no idea if your still here (understandable if your not) but my secondary rom stopped working :/ I have no idea what is wrong, I have updated multirom and TWRP. I made sure to patch 5.0 kexec kernel whatever. After all of this, it still hasn't worked. This problem has happened before, in which I then had to add a new rom, and repeat the steps. That fixed it, but now it has stopped working again. I'm beginning to think it is because I flashed the xposed framework. I'm running blisspop primary (don't think that has anything to with this) and I am still on a oneplus one. Thanks in advance.

Thanks so much for this tutorial
But... I don't understand what you mean in step 7
We downloaded net hunter and all is good what is step 7 for

Also you say rom download link for nexus 2013 wifi are you talking about the nexus 7

Step 7, is to gain Super User access, without that you won't be able to access anything offered but NetHunter (Try it, then you will know)

Yes, it is for Nexus 7.

The Kali NetHunter image is currently compatible with the following Nexus and OnePlus devices:

Nexus 4 (GSM) – "mako"
Nexus 5 (GSM/LTE) – "hammerhead"
Nexus 7 2012 (Wi-Fi) – "nakasi"
Nexus 7 2012 (Mobile) – "nakasig"
Nexus 7 2013 (Wi-Fi) – "razor"
Nexus 7 2013 (Mobile) – "razorg"
Nexus 10 (Tablet) – "mantaray"
OnePlus One 16 GB – "bacon"
OnePlus One 64 GB – "bacon"

Looks like you are far behind.
This will be long for you, (No Pain No Gain)
I am assuming that you have Nexus 7

  • First Follow this guide from here
  • Once completed follow this guide.
  • Choose method 2 from the above guide, and don't follow 2nd step of Method 2.
  • Instead this: Go to C:\android-sdk-windows\platform-tools and Hold shift + right click, choose Open cmd here.
  • Type this command: adb devices and see whether your device is listed or not. Now follow the remaining Method 2
  • WARNING! This will wipe all of your data, use My Backup PRO to backup your data, and copy it to a PC.
  • Now follow this guide and don't follow step 1,2 or 3. Instead follow this:
  • Download the latest TWRP recovery image file for your Nexus 7 2013 model:
  • http://teamw.in/project/twrp2/193

Nexus 7 2013 -WiFi or Nexus 7 2013 LTE

  • Copy it to C:\android-sdk-windows\platform-tools and again 'open cmd there'.
  • Follow the 4th and 5th step from the same guide
  • Now Flash this Super User Update, to gain root access.
  • DONE! Now your device is rooted, unlocked boot-loader, and have a custom recovery installed.

---------------------------------------------NOW---------------------------------------------

Follow this/my guide to Flash NetHunter.

Looks like its going to take a week, to complete this ;)
EDIT: Corrected link for Nexus 7 2013 WiFi TWRP : here

Woah o.o thanks fear for the links
On the neyhuner home page they made it look so simple with window installer

Welcome Mizanur,

If you want a boring AOSP ROM and erase your data twice of the internal ROM, and use it as a Primary ROM. You can follow the easy way.

However your Nexus 7, won't look like '7' anymore...

True rather do it the hard way and have a good result
then do the easy and have a bad result

True that! Good Choice.

excellent work FEAR

+Kudos

-Phoenix750

Thank You! Phoenix :)

The Kali NetHunter image is compatible with htc m8 ?

No, it isn't,
Only compatible with OnePlus/Nexus Devices.

Android 5.x.x have been giving out the parsing error usually associated with unchecking unchecking the allow installation from unknown sources check box. This is causing my two most common RATS to be impossibly to install on devices. could it be that one like your self has a solution.

Thanks so much for this F.E.A.R. I followed this guide and successfully flashed a second ROM of Kali Nethunter onto my Nexus 4. The only error I encountered was that the Nexus 4 link for the CM11-M11 ROM was wrong but I found it on Google anyway.

Unfortunately I'm having difficulty getting USB OTG to work with any WiFi adapters (I've tried a TL-WN722N, which I know has worked for some people). I managed to flash another kernel to get OTG to work with a memory stick but the WiFi adapters still don't work.

I heard somewhere that Nexus 4 users need to flash another kernel on specifically designed for Nexus 4 and Nethunter to get this stuff to work but I haven't found it yet. Does anyone know where to find such a kernel?

Welcome John,
I'll make the changes in the link, thank you for pointing out.
From XDA:

here and here.

I hope you know about flashing and adb etc., if not then I'll explain the steps.
Edit: Use the 2nd link (of-course)

Thanks F.E.A.R. The thing is, the kernels I installed (quanta Kernel/SaberMod franco.Kernel) do let me use a USB mouse and a USB memory stick (with an OTG Y cable of course). My phone can charge through the cable at the same time. It won't work with a usb mic/webcam or the wifi adapter though. I'm thinking maybe I'm supposed to install a driver for the adapter or something? How could I do that?

Nope the driver for TL-WN722N is pre-installed in Kali Nethunter.
And if you got the OTG to work in NetHunter, there should be no problem.
Follow:

  • Turn off android's in-build WiFi adapter before plugging in the external one.
  • Plug in the external one and try to put it into monitor mode even if it is down:
  • airmon-ng start wlan0 (or wlan1)

If it does no work:

  • Use an OTG instead of Y-OTG.

Ok well that's a start! At least I know it should work

I tried those steps among others but nothing is getting the wifi adapter to light up and wifite says no interfering processes found then nothing below PHY Interface Driver Chipset.

I think maybe the things that I flashed to get OTG working have messed up the WiFi adapter compatibility built into Nethunter. Maybe I should delete the ROM and reflash CMG and Nethunter then try a different means of fixing OTG. What do you think?

Also of note I found this: https://android.stackexchange.com/questions/105325/mounting-an-usb-wireless-adapter-to-a-nexus-4 Seems to have a similar problem to me but a different adapter.

Yes, you should do that, this time try a different kernel FIX.

Hi there, does anybody know if is save to use NetHunter in your private terminal? I never use the tools for pentesting from my personal computer for example, just for safety. But in this case I would like to use my own personal phone with NetHunter, without multiple roms. Is this safe to my private data? I couldn't find info about this.

Thanks in advice!

Safe as in, safe from data loss or breach of privacy?
Nope your data and everything with it will be wiped out completely.
Yea it is safe from breach like a normal android system, it depends on the antivirus and the user.

I was thinking from breach, and if you could leave some kind of personal information, taken from your phone, in a pentest or attack. Something like your mobile name or something like that...

Nope, for android and the apk even if we decompile it, there is no info about the attacker, its fully undetectable at least in the hacks I told.

However for other attacks, it will in the same scenario as PC.
(A little more safer than PC)

hi
i have succesfully flashed cm11
but after flashing kali nethunter on cm11 my phone gets stuck
on boot at google screen. i have tried flashing it several times now
dont understand why i am getting stuck after flashing kali nethunter.

Are you sure, you have downloaded the correct image for your android? (Nexus/Oneplus)

yes i followed the link you provided but i was intalling kali nethunter 2.0 though

just tried flashing kali nethunter with the latest cm12 stock rom.. now getting stuck at cyanogen logo during boot.. please help. I am using nexus 5 hammerhead

these are the zips i m using.
1) cm-12.1-20150901-SNAPSHOT-YOG4PAO237-hammerhead.zip
2) kalilinuxnethunter2.0hammerheadlollipop.zip

KaliNethunter 2.0 has bugs and I still can't get the change-log.
Follow the guide again with KaliNethunter 1.0 then upgrade it to 2.0 internally. (Tested)
Wait, tell me you haven't bricked your android have you?
If you have then you already know what's coming next...
FacTory ReseT!
(Until you listened to my warning and took a quick backup before hand)

yup have bricked it alright but its okay as i use this phone only for pen testing.. thanks i will try again with nethunter 1.0

:)

Phew, good to hear that :)

For the Oneplus, if you go to the Nethunter website now they don't have version 1.0 available. I'm only asking because of the comment above but will this method work for CM12.1 OS with KaliNethunter version 2.0.1?

I hope so, I have never tested it though, just updated it internally.
I might re-install/flash the KaliNethunter 2.0 image again and update the guide.
KaliNethunter 2.0 supports CM12 (Lollipop) or CM11 (Kitkat), as specified in the Official FAQ of Nethunter.
Make a backup before flashing 2.0

Just installed KaliNethunter version 2.0.1 on CM12.1 OS. Confirmed it works!

Alright! I have yet to try it.
Are there any changes in the interface?
Thank you for the confirmation.

Does this works with oneplus two

Not tested, it should.

Help im planning to do this on my new nexus 7 but im reall worried becuase i dont have much knowledge on ROMS
so basically a ROM is like a customised OS

so for this tutorial we will be using two Roms one without nethunter one with nethunter and we can flash on to any one of them ?

From what it sounds like flash is when you go on to the ROM

please clear my headache thanks hope you can reply i rarely want to use net hunter

Just assume the meaning of Flashing is Installing and ROM is an OS, and follow the guide.

Thanks for the reply I also heard there is a loop error on the Oneplus One thats the device i will be using i dont want to get into any errors or get stuck since i am a new android user and im not fully sure on how to set up recoverys unlock bootloader and root etc....

Hello I'm A Brazilian Fascinated By Kali Linux Development.
When he learned that faced by the System On my Nexus I was super happy :)
After much effort I managed to NetHunter in My Place "nexus 7 wifi" At Least I think Yes:}.

More Now I can not use The Tools Of NetHunter, When I Abilito functions in "Kali Service Controll" The All options back to starting position.

and when I access Terminal appears written,
"u0a97 grouper @: / $
"u0
a97 grouper @: / $ su -c 'bootkali kalimenu'
"tmp-mksh: bootkali: not found
"127 | U0a97 grouper @: / $
Please I really need help !!!!

Your android device is not Rooted
Edit: The Nethunter ROM is not rooted

I installed kalinethunter lolipop in my nexus5 cm-11-20141008-SNAPSHOT-M1
but , it doesn't work, I did root , and it doesnt work... help
I installed busy box , TWRPand flashed nethunter ,

If I boot cm-11-20141008-, it is going to be fail, like be Google logo

  1. I am using kalinethunter 2.0 ver(for hammerhead), what's wrong?

I saw comment VISHAL AMIN , I think same thing , Then, where is nethunter hammerhead ver 1.0??? I searched google , but there's not ver1.0

Use a Lollipop CM12 ROM and Flash NetHunter 2.0

have you guys MultiROM working on ZUK Z1 devices? thanks

Thank you for excellent tutorial. So far it's the best the best I have seen concerning MultiRom manager. I am having an issue concerning this point:

(WARNING: Check the Kernel Status: It should be in Green Letters, but if inRED then, ask about it in the comments section)

I am running a OnePlus One (Fingerprint oneplus/bacon/A0001:5.1.1/LMY48B/YOG4S3JL:user/release-keks). Kernel version is 3.4.67-cyanogenmod-g223b093 build04@cyanogenmod #1 Fri Oct 23 14:48:18 PDT 2015

I am rooted and I have TWRP and MultiRom manager installed. When I open MultiRom I get this:

Just in case this screenshot doesn't make it through, it shows at kernel line in the Status group: doesn't have kexec-hardboot patch! Also below, a red checkmark at Kernel has options to select between 4.4.x and 5.0.x. Now, none of these are available on my OnePlus One because I have Lollipop 5.1.1!

I have downloaded the kernelkexecgrougercm121-01-5e0fa481d7.zip file. I would like to know if it's the right zip file to patch the kernel and I would like to know the steps by steps procedure to install that patch. I know how to install ROMs but not how to update or patch kernel. Hopefully you can help. I will backup again before I execute any of your procedures just in case… Thanks again for excellent tutorial and Happy Holidays.

I'm following your tutorial and I keep getting the same problem when I try to flash the image to my nexus 7(2013, wifi) it keeps saying that "meta-inf/com/google/android/updater-script" is missing. I downloaded everything from the sources provided and i triple checked that I have the correct model in each instance.

I apologise if this is a stupid mistake but i've never replaced or altered the stock os on a device before.

Does net hunter 3.0 support nexus 5x

Does the internal wifi work on the nexus 7 2013 model net hunter thanks

Thanks F.E.A.R for this useful tutorial!

Some further informations: Nethunter 3.0 runs fluently over CM13 on the Nexus5 (tested). I just followed this tutorial, changed the ROM and the version of Nethunter with the new version and skip the SuperSU step.

While flashing, the progress bar stopped at 70% (installing kernel). I wait 2 hours to be sure, restart the phone, and BAM, it works!

(if you guys need any help for flashing Nethunter on Nexus5, just ask me)

i have stock marshmallow its safe to flash nethunter without flashing CM ? on nexus 5 i did the recovery method but still the same problem

Share Your Thoughts

  • Hot
  • Latest