hackvault: 2014.09

2014-09-26

Unlocking and Rooting Your Nexus Under Kali Linux

CREDITS: This whole post was lifted from nethunter.com (a.k.a. Kali NetHunter)

Before flashing the Kali NetHunter image to your Nexus device, it must first be unlocked and rooted. Note that unlocking your device will result in all of your data being deleted so ensure you have made a backup. Begin by installing the google-nexus-tools package on your Kali Linux system:

root@kali:~# apt-get update && apt-get -y install google-nexus-tools

Connect your Nexus to Kali with a USB cable. You will be prompted to allow USB debugging from the computer as shown below. Tap ‘OK’ to allow the connection.

On your Kali system, use the nexus-adb command to verify that your Nexus has been successfully attached.

root@kali:~# nexus-adb devices
List of devices attached
0a6088af        device

Download the correct TWRP recovery image for your Nexus device:

Next, we require the correct files needed to root the device:

In this example, we are flashing a Nexus 7 2013 LTE device so we download the necessary files for our device and unzip the CF-Auto-Root archive.

root@kali:~# wget -q -O twrp-recovery.img http://techerrata.com/file/twrp2/deb/openrecovery-twrp-2.8.0.1-deb.img
root@kali:~# wget -q -O cf-auto-root.zip http://download.chainfire.eu/361/CF-Root1/CF-Auto-Root-deb-razorg-nexus7.zip?retrieve_file=1
root@kali:~# unzip cf-auto-root.zip

With everything in place, we can now proceed to unlock the Nexus, install a new recovery, and root the device. First, reboot to the bootloader:

root@kali:~# nexus-adb reboot bootloader

Once the device has booted to the bootloader, we can unlock it with the command below. You will be prompted to confirm the unlock on the Nexus device itself. Use the volume button to select Yes and press the Power button to confirm the unlock.

root@kali:~# nexus-fastboot oem unlock
(bootloader) Unlocking bootloader...
(bootloader) erasing userdata...
(bootloader) erasing userdata done
(bootloader) erasing cache...
(bootloader) erasing cache done
(bootloader) Unlocking bootloader done!
OKAY [ 80.961s]
finished. total time: 80.961s

With the Nexus still in bootloader mode, we can flash the TWRP recovery downloaded previously:

root@kali:~# nexus-fastboot flash recovery openrecovery-twrp-2.8.0.1-deb.img
sending 'recovery' (7878 KB)...
OKAY [  0.673s]
writing 'recovery'...
OKAY [  0.302s]
finished. total time: 0.975s

The final step is to actually root the Nexus by making the ‘root-linux.sh’ script executable and then running it:

root@kali:~# chmod 755 root-linux.sh
root@kali:~# ./root-linux.sh

----- CF-Auto-Root-deb-razorg-nexus7 -----

Please make sure your device is in bootloader/fastboot mode before continuing.

***WARNING*** ALL YOUR DATA *MAY* BE WIPED ! ***WARNING***

We are going to run the OEM UNLOCK command on your device. If your device
was not previously unlocked, this will wipe all your data !

After the unlock, CF-Auto-Root will boot. You should see a big red Android
on your device's screen.

You may need to enter your administrator password to continue.

Press Ctrl+C to cancel !

Press ENTER to continue

... INFOThe bootloader is already unlocked!
OKAY
downloading 'boot.img'... OKAY
booting... OKAY

It may take a minute or so for the red Android to appear. If it doesn't show up
at all, there may be a problem.

Press ENTER to continue

After your Nexus reboots, re-enable developer mode as shown above in order to proceed.

Install BusyBox Free Stephen (Stericson)

The first application to install once rooted is Busybox Free (Stephen Sericson). The NetHunter image will fail to function without a proper installation of this app. Once downloaded from the App store, open up BusyBox and grant it root privileges. Wait until the “gathering information” stage completes, and press “install”. Exit the Busybox app.

Install the TWRP Boot Manager Application

To ease the process of booting your Nexus into fastboot and recovery mode (normally done by powering down the Nexus, then booting it by pressing both the power button and volume down), we can install the TWRP boot manager application through the Google play store. This will allow us to boot into recovery mode with a single press of the touchscreen. Your Nexus device is now successfully unlocked and rooted,

Unlocking and Rooting Your Nexus Under Windows

CREDITS: This whole post was lifted from nethunter.com (a.k.a. Kali NetHunter)

On a Windows machine, download and install the Nexus Root Toolkit, which can be found at http://www.wugfresh.com/nrt/.
Ensure the model type is set correctly for your device. You can find your build number by going to Settings, “About Phone/Tablet” and then scroll to the bottom.

In the NRT app, click on the “Full driver installation guide” button, and read steps 1-3. Click on the Step 3 tab, then download and install Windows drivers for your Nexus device. The “Google drivers” worked for us. Click on Step 4 and confirm the drivers were installed successfully. This process will reboot your Nexus as part of the check.
Once the check completes successfully, proceed to click the “Unlock” button on the Nexus Root Toolkit interface, to unlock your boot loader. Again, be aware this will completely wipe your device. Ensure you have backups of your data as needed. Follow the Nexus Toolkit prompts carefully. On the next boot, you should see an open padlock together with the Google logo.

Rooting Your Nexus Device

Once unlocked, you can now proceed to root your device and install a custom recovery using the Nexus Root Toolkit. To begin the rooting process, follow these steps:

As the device has been wiped, you must re-do the process of Enabling Developer mode and Disabling Storage MTP instructions from previous. You will need to accept the computer RSA fingerprint once again.
Still in the Nexus Root Toolkit, click the Root button, ensuring the Custom Recovery checkbox is checked.

Once the device has rebooted, and the rooting process complete, we need to install some core Android Applications for the NetHunter image to work properly.

Install BusyBox Free Stephen (Stericson)

Install the TWRP Boot Manager Application

To ease the process of booting your Nexus into fastboot and recovery mode (normally done by powering down the Nexus, then booting it by pressing both the power button and volume down), we can install the TWRP boot manager application through the Google play store. This will allow us to boot into recovery mode with a single press of the touchscreen.

Now your Nexus device is successfully unlocked and rooted.

Nexus 7 (2012) Multi-boot with Kali NetHunter

09/26/2014 - NOTE: Kali NetHunter was just released a few days ago. As of this time, I'm working on adding the NetHunter as another boot option for the Pwn Pad, therefore triple booting the poor Nexus 7 (2012) with 16GB (no expansion slots).
Current ROMS:
1. internal (stock Nexus 7) - operational
2. Pwn Pad - operational
3. Kali NetHunter - currently broken (would not boot)
=========Stay Tuned=========

2014-09-14

KALI: the latest and greatest

When new Kali versions are released, won't it be cool if you didn't have to download and reload your current setup from scratch? Especially when a whole bunch of tool updates, a new kernel, and some cool new features are available.

Well, just run the commands below from your preferred terminal emulation, and you can update to the latest and greatest using these simple commands:

apt-get update

apt-get dist-upgrade

# If you've just updated your kernel, then:

reboot