OKAY SO
I present to you: Kali NetHunter 3.15.4 for the OnePlus 3 and OnePlus 3T
If you don't know what Kali NetHunter is, well, it's the entire Kali Linux operating system in a chroot on your phone, plus a bunch of awesome apps for executing exploits, fixing things, doing cool things. It goes on, I suppose.
I'm gonna be honest guys, I'm not a security person. When it comes to security, I'm more of a Paul Blart.
What I do know though, is that there is apt-get, and apt-get is life.
Find much more information here: https://github.com/offensive-security/kali-nethunter/wiki
The answer to all your questions, generally the answer is YES, IT CAN DO THAT.
Most ROMs should be supported, as our installer uses a dynamic patching method on your current boot image!
The NetHunter installer zip will add a few files to your /system partition, and install all of the NetHunter apps to your /data partition.
The chroot is located in /data/local/nhsystem, so you don't have to worry about your system partition being full. It's full read/write capable.
Understand that the zip will replace your current kernel with a completely different one.
This is necessary because most stock or custom kernels don't provide the drivers needed to operate most of Kali NetHunter's features.
NetHunter also includes its own Busybox that gives you full large file support and some extra applets.
It will not overwrite your current one, and will happily install alongside it as busybox_nh.
DOWNLOAD
Current version: 3.15.4 (stable, 2017-02-02)
Please be careful to download the right version based on this table:
OnePlus 3: kernel-nethunter-oneplus3-nougat
OnePlus 3T: kernel-nethunter-oneplus3-nougat
All others be sad.
For the apps, chroot, and everything other than just the kernel, you will also need to download:
nethunter-generic-arm64-*
See installation instructions before proceeding!
Downloads are available at the official NetHunter build server: http://build.nethunter.com/nightly/
BEFORE INSTALLING
IMPORTANT: The Kali NetHunter installer requires write access to your data partition!
You should back everything up first before installing Kali NetHunter.
The Kali chroot and apps are installed on your data partition (in /data/local/nhsystem for chroot). To initialize the chroot and install Kali Linux, you need to start the Kali NetHunter app.
The generic NetHunter installer will automatically install SuperSU. We try to keep it up to date, but it isn't always.
If you already have SuperSU or another root method installed, please simply delete the supersu.zip from the root of the zip file before installing it.
** If modifying the installer zip, you will have to disable ZIP signature verification as modifications will break it.
It's recommended that you restore or flash your ROM's original kernel before installing NetHunter.
FULL INSTALLATION STEPS
Install Team Win Recovery Project to your recovery partition.
Recommended: If you have a custom kernel or SuperSU installed, restore your stock kernel. (called Boot in TWRP)
This isn't entirely necessary, but you may need to flash the NetHunter kernel again if SuperSU replaces it.
For new installations: Download the nethunter-generic-arm64-kalifs zip.
For upgrades: Download the update-nethunter-generic-arm64 zip.
Without exiting TWRP, transfer the NetHunter generic arm64 installer zip to your device over MTP* and flash it using [Install] in TWRP.
Download the kernel-nethunter zip specific to your device.
Without exiting TWRP, transfer the NetHunter kernel installer zip to your device over MTP* and flash it using [Install] in TWRP.
Go to [Reboot] -> [System].
Wait 2-5 minutes for your device to finish setting itself up.
Open the NetHunter app to initialize the environment
You're done!
* MTP, known as Media Transfer Protocol, is the same way you transfer files from your PC to your device when booted into system.
UPDATING TO A NEWER BUILD OR UPDATING YOUR ROM
Follow the installation steps above. NetHunter can be installed over itself as many times as you'd like.
If you don't want to lose your chroot, flash the smaller update-nethunter-generic-arm64 zip instead.
DEVICE RECOMMENDATIONS
The OnePlus 3/3T internal wireless does not support monitor mode. This means you'll need to use an OTG adapter and a wireless card that does.
I highly recommend these two items:
Alfa Networks AWUS036NEH: https://smile.amazon.com/802-11g-Wireless-Long-Rang-Network-Adapter/dp/B0035GWTKK/
iXCC USB Type-C to Type-A OTG adapter: https://smile.amazon.com/iXCC-Adapter-Charge-Supported-Devices/dp/B017TJN22C/
* I am not affiliated with these sellers
The AWUS036NEH is the most tested and stable adapter available, and also comes in a very convenient portable form factor allowing antenna swaps for greater scanning ranges.
The iXCC USB adapter is compliant with USB Type-C specifications and provides up to USB 3.1 Gen 2 compatibility. It's also well built.
I don't recommend using smaller OTG adapters - they can break your ports if you accidentally put too much pressure on them or your phone falls with them plugged in.
THE KERNEL
The NetHunter kernel for the OnePlus 3 & 3T is based on OnePlus's OxygenOS 4.0.2 GitHub kernel sources.
It has the following changes:
Rebased on top of CodeAurora msm-3.18 for msm8996 7.0 tag: LA.UM.5.5.r1-02500-8x96.0 (2017-01-22)
Updated to the latest Linux mainline stable - 3.18.47
SELinux Permissive (required for DriveDroid until I fix policy injection rules, it will pretend to be Enforcing)
Tuxera exFAT drivers replaced with Samsung's latest open-source exFAT drivers
Enabled USB (OTG) Atheros, Ralink, and Realtek WiFi drivers
FIOPS IO scheduler as default IO scheduler, SIO available
DriveDroid compatibility
USB HID Gadget keyboard & mouse support
mac80211 packet injection support
savoca's KCAL color calibration driver built in
Additional drivers built in for the full Kali NetHunter experience
Data partition encryption optional
Kernel module support, insert your own modules! (modprobe available in Kali chroot)
CIFS, NFS, USB serial available through included kernel modules
VerifiedBoot=green status hack to pass SafetyNet (may not work with SuperSU, remove SuperSU from the installer if this is important!)
RAN INTO AN ISSUE OR BUG?
In order for me to help you, you have to at minimum reply with:
The link to the exact zip you downloaded
Your device model
The name of the ROM you're flashing it on
The version and build date of the ROM you're flashing it on
A complete description of your problem
If your issue is with a specific app, it might be better to contact the developer of that app.
For Kali NetHunter bugs/issues, you can open a ticket at: https://github.com/offensive-security/kali-nethunter/issues
If your issue is during the installation (ex. flashing the NetHunter zip), then please collect a TWRP recovery.log for me.
If you found a problem and were able to fix it, and no one's mentioned it in the thread already, it would be kind to state the issue and your fix for others to make use of as well.
You can join me and the other NetHunter developers on IRC at the #nethunter room on freenode to more handily diagnose problems together.
I apologize, but I can't do house calls at this time.
KNOWN ISSUES
USB Keyboard - The keyboard is unusable when using Google Keyboard as your input method. Switch to Hacker's Keyboard.
DEVELOPMENT & CONTRIBUTIONS
You can see the main branch of NetHunter's development on the Offensive Security GitHub: https://github.com/offensive-security/kali-nethunter
Kali NetHunter Official device updates: https://github.com/offensive-security/nethunter-devices/commits
OnePlus 3T NetHunter kernel source: https://github.com/jcadduono/android_kernel_oneplus_msm8996/commits/nethunter-7.0
If you wish to donate to the NetHunter project, you can donate directly to me through the Donate button under my name.
This will generally go towards supporting my next flagship device purchase, which will receive NetHunter and TWRP support from myself.
You can also use "Basenji Rescue and Transport" as your Amazon Smile charity and that will make me really happy!
(in my avatar, if you see a dog, that's a Basenji!)
SCREENSHOTS
DISCLAIMER
I am not affiliated with Offensive Security. They seem like cool guys though.
I'm not even a novice when it comes to security and penetration. I'm just a simple system administrator with a passion for breaking Android.
Please restrain yourselves from asking me security related questions.
XDA:DevDB Information
Kali NetHunter for the OnePlus 3 & 3T, Kernel for the OnePlus 3T
Contributors
jcadduono, The Kali NetHunter team
Source Code: https://github.com/offensive-security/kali-nethunter
Kernel Special Features:
Version Information
Status: Stable
Current Stable Version: 3.15.4
Stable Release Date: 2017-02-02
Created 2016-11-27
Last Updated 2017-02-03
That's pretty cool, but I guess for me if I need it, I usually grab a laptop for it. IMO, this is not for most people. Seriously, if you have more tools to do a bunch of pen-test stuff on your phone, the very same phone that you use for other daily routine stuff, it also means those daily routine apps could have access to your pen-test tools also. It's like having a bunch of lock picking tools available in your garage when a thief is trying to break into your house.
someone0 said:
That's pretty cool, but I guess for me if I need it, I usually grab a laptop for it. IMO, this is not for most people. Seriously, if you have more tools to do a bunch of pen-test stuff on your phone, the very same phone that you use for other daily routine stuff, it also means those daily routine apps could have access to your pen-test tools also. It's like having a bunch of lock picking tools available in your garage when a thief is trying to break into your house.
On the plus side, the lock picking tools in the garage are locked in a safe (SuperSU permission requests), so those thieves can't access them unless they hold a gun to you and say "open the damn safe! ... in 3...2...1...accept supersu request!"
Anyway this could be ported over to oneplus 3??
aadityarulez said:
Anyway this could be ported over to oneplus 3??
Umm.. what are you talking about? The OP3 already has Kali nethunter. The kernel download is in the OP's link.
@jcadduono wanted to confirm whether this was the right zip to download. Used nethunter on OP2 before and it didn't have a separate generic zip and a kernel zip.
https://build.nethunter.com/nightly...-kalifs-full-rolling-3.15.3-20161126-1805.zip
knpk13 said:
Umm.. what are you talking about? The OP3 already has Kali nethunter. The kernel download is in the OP's link.
@jcadduono wanted to confirm whether this was the right zip to download. Used nethunter on OP2 before and it didn't have a separate generic zip and a kernel zip.
https://build.nethunter.com/nightly...-kalifs-full-rolling-3.15.3-20161126-1805.zip
Yes and we don't have the storage to make 800 MB files for every device every day.
knpk13 said:
Umm.. what are you talking about? The OP3 already has Kali nethunter. The kernel download is in the OP's link.
@jcadduono wanted to confirm whether this was the right zip to download. Used nethunter on OP2 before and it didn't have a separate generic zip and a kernel zip.
https://build.nethunter.com/nightly...-kalifs-full-rolling-3.15.3-20161126-1805.zip
really? i couldn't find the links to it.
aadityarulez said:
really? i couldn't find the links to it.
https://build.nethunter.com/nightly...oneplus3-marshmallow-3.15.3-20161126-1805.zip
Here.
I'd suggest you continue this in the Kali nethunter thread for OP3.
Thanks @jcadduono!! Looking forward to this ****!
So I'm trying to understand this. Many Qualcomm SoC do not support Monitor mode. Now I know Qualcomm used to use the name Qualcomm Atheros (which had open sourced drivers), so are SoCs not under the same umbrella? If that's true then are the sources for the Qualcomm SoC wifi driver not available? If they are then why can't we take and add monitor mode to the source and build it (like you used to have to do for many drivers to do aircrack)?
This might be a stupid question but am I able to get OTAs when I have NetHunter installed? And if yes do I have to reinstall it every time I get an OTA?
I am just curious because I never ever flashed a custom kernel till now. And that's what I am basically doing here, right? Flashing a custom kernel + the NetHunter package.
Regards
Boind
boind said:
This might be a stupid question but am I able to get OTAs when I have NetHunter installed? And if yes do I have to reinstall it every time I get an OTA?
I am just curious because I never ever flashed a custom kernel till now. And that's what I am basically doing here, right? Flashing a custom kernel + the NetHunter package.
Regards
Boind
Most devices you probably can't take OTA's. But I'm pretty sure for this device, that if it's detected that you're rooted or system modified or stuff, it downloads the entire ROM zip instead of just the OTA so you can upgrade manually. Kali is not just a custom kernel , you'll probably have to reinstall it when you update, AFAIK.
knpk13 said:
Most devices you probably can't take OTA's. But I'm pretty sure for this device, that if it's detected that you're rooted or system modified or stuff, it downloads the entire ROM zip instead of just the OTA so you can upgrade manually. Kali is not just a custom kernel , you'll probably have to reinstall it when you update, AFAIK.
So I am probably good to go, as far as reflash NetHunter every time I get an OTA?
BTW will NetHunter still work when Nougat gets rolled out in december?
knpk13 said:
Most devices you probably can't take OTA's. But I'm pretty sure for this device, that if it's detected that you're rooted or system modified or stuff, it downloads the entire ROM zip instead of just the OTA so you can upgrade manually. Kali is not just a custom kernel , you'll probably have to reinstall it when you update, AFAIK.
You are correct about the OTA'S. It will try the patch first but if it fails it will download the full ROM OTA.
Sent from my OnePlus3T using XDA Labs
How can i go back to the stock kernel? Nethunter kernel is killing my battery .
Hello there. It is possible to change the battery capacity read from the hardware?
I'm sorry if that sounds vague. OP3 owner here. From this video
you can see that one plus 3 batteries are sorta interchangeable. However the capacity is not read correctly. I presume that the OP3T has the correct code for it. I don't want to mess up your thread but if you can contribute it would help existing OP3 owners. (please look up Battery Mod /lens mod thread on One plus 3 forums and reply there.)
thanks
boind said:
So I am probably good to go, as far as reflash NetHunter every time I get an OTA?
BTW will NetHunter still work when Nougat gets rolled out in december?
yeah you'll get the full OTAs instead of update OTAs tho like above people said. you already have the rootfs on data partition, so you only need to flash kernel-nethunter-oneplus3t and update-nethunter zips. you might also need to flash supersu again, or you can use another root like phh superuser.
when oneplus releases nougat kernel sources i will support nougat. it will not work with the marshmallow kernel.
update: 3.5.3 sources are out! updating!
https://build.nethunter.com/nightly/3.15.3-20161201-1343/
this kernel is updated for 3.5.3 touchscreen changes (a lot of changes) and also updated to CAF tag LA.HB.1.3.2-33100-8x96.0 (more touchscreen and wifi fixes)
Hello, I installed the latest zips as of 12/01/2016
You mentioned in the OP;
"I highly recommend these two items:
Alfa Networks AWUS036NEH: https://smile.amazon.com/802-11g-Wir...dp/B0035GWTKK/
iXCC USB Type-C to Type-A OTG adapter: https://smile.amazon.com/iXCC-Adapte...dp/B017TJN22C/
* I am not affiliated with these sellers"
I already had the iXCC USB-OTG cable but I have the TL-WN722N wifi card. Do I need a different USB-OTG cable (the Y version)?? The TL-WN722N wifi card will not power on so I wasn't sure if it is a power issue or if I need to configure this somehow?
Any help is appreciated! Thanks!!
MrGimpGrumble said:
Hello, I installed the latest zips as of 12/01/2016
You mentioned in the OP;
"I highly recommend these two items:
Alfa Networks AWUS036NEH: https://smile.amazon.com/802-11g-Wir...dp/B0035GWTKK/
iXCC USB Type-C to Type-A OTG adapter: https://smile.amazon.com/iXCC-Adapte...dp/B017TJN22C/
* I am not affiliated with these sellers"
I already had the iXCC USB-OTG cable but I have the TL-WN722N wifi card. Do I need a different USB-OTG cable (the Y version)?? The TL-WN722N wifi card will not power on so I wasn't sure if it is a power issue or if I need to configure this somehow?
Any help is appreciated! Thanks!!
cards don't turn on until you turn them on
ip link set wlan1 up
will turn it on (in whatever mode its currently in)
but most people want monitor mode, theres a monitor mode power on command in the nethunter app
jcadduono said:
cards don't turn on until you turn them on
ip link set wlan1 up
will turn it on (in whatever mode its currently in)
but most people want monitor mode, theres a monitor mode power on command in the nethunter app
Thanks! Although the wifi adapter doesn't light up to show its on... Will this happen after I use that command?
Related
What is Kali NetHunter? If you don't know what NetHunter is, read this: https://www.kali.org/kali-linux-nethunter/
Q: Why don't I flash the original NetHunter version by keeping my current kernel?
A: To get NetHunter fully working you need a kernel that supports its features, such as putting a wireless adapter in monitor mode or performing a HID keyboard attack.
Special Patches included in this kernel:
mac80211 injection patch, to put wireless adapters in monitor mode; note that built-in wireless chipset doesn't support monitor mode and you have to use external wireless adapter (see supported wireless cards here)
HID patch, to perform HID keyboard attacks
CD-ROM patch, to emulate CD-ROMs in DriveDroid
Warning!!!:
This version is not tested by me (since I don't have an Honor 5X) but it's tested by another user that told me it works, so, if it doesn't, blame him not me
Disclaimer:
Code:
I'm not responsible for bricked devices :( , dead phone chargers,
nuclear explosions or global warming.
Flash it at YOUR OWN RISK.
Required Downloads:
Download any CM based ROM
Download any custom recovery (like twrp)
Download my Nethunter "ROM" here: https://androidfilehost.com/?w=files&flid=118871 All future updates will be in that folder
How to Install (CM/RR):
Note: When you flash my zips, don't check "zip signature verification" box in TWRP recovery
1) Install TWRP
2) Enter in TWRP recovery
3) Flash any CM based (like cm, rr, aicp...) ROM
4) Optional: flash Google Apps after flashed a cm based recovery
5) Flash NetHunter zip
7) Reboot
8) Open Nethunter app and go to menu<chroot manager<install chroot and download the full chroot, for devices which have more storage available, or minimal chroot, for devices which have less space available
9) Close NetHunter app and reopen it to complete the installation
10) Enjoy
Important: I called NetHunter "ROM", but it isn't a ROM, so, you don't have to wipe system partition.
Note: report only bugs related to NetHunter and not to cm based roms
Kernel Source Code:
https://github.com/DeadSquirrel01/android_kernel_huawei_kiwi branch cm-13.0
Now you can build it by yourself on the official NetHunter source page
You Need this https://github.com/offensive-security/kali-NetHunter
and this https://github.com/offensive-security/nethunter-devices (branch experimental for now )
For Any questions contact me at: [email protected]
Credits: @jcadduono, binkybear and offensive security team for NetHunter source code
XDA:DevDB Information
[MOD] Kali NetHunter for Honor 5x, Kernel for the Honor 5X
Contributors
DeadSquirrel01
Kernel Special Features: mac80211 Packet Injection Patch, HID gadget USB/Mouse Patch, CD-ROM Patch for emulate CD-ROMS in DriveDroid
Version Information
Status: Beta
Current Beta Version: 1.0
Beta Release Date: 2016-10-01
Created 2016-10-01
Last Updated 2016-10-01
already using it NYC work
Will someone explain what this does?? I tried the link but couldn't get much out of it.... Thnx
Sent from my KIW-L21 using Tapatalk
Faheemarif252 said:
Will someone explain what this does?? I tried the link but couldn't get much out of it.... Thnx
Well, Mate its actually used for pentesting or penetration testing of wifi or wireless networks... google it for detail information.
mumith3 said:
Well, Mate its actually used for pentesting or penetration testing of wifi or wireless networks... google it for detail information.
Yep, it's for pentesting
it is a amazing kernel, wow.
kaankulahli said:
it is a amazing kernel, wow.
I know
Gonna try it
Kali Linux on Honor 5X! This is amazing!
Downloaded and flashed on KIW-L22 - On Tipsy OS - AOSP and AOKP (CM Based) - Initial boot took a while longer than normal, got a boot loop first, but it came back up after cache/dalvik wipe
Kali chroot manager stuck in "Checking" even after 10 minutes though
Edit: Lost root on installing this and didn't notice it, and busybox too.....reinstalling SuperSU through TWRP is not bringing it back root access either, so cannot install busybox too......nethunter app returned an error for not getting root access and no busybox installation!
PS: In love with the boot animation!!
nandakalyan said:
Downloaded and flashed on KIW-L22 - Kali chroot manager stuck in "Checking" even after 10 minutes though
1. On Tipsy OS - AOSP - working fine! Initial boot took a while longer than normal, got a boot loop first, but it came back up after cache/dalvik wipe
2. On AOKP (CM based) - Flash and wipe cache/dalvik, took a while longer but booted up normally, but I guess it will settle
Still trying to figure out how and what to use it for but just wanted to report back that the flashing process went well!!
PS: In love with the boot animation!!
mmm, stucking in checking it's very strange. Maybe compile a full zip here https://github.com/offensive-security/kali-nethunter (you have to clone
https://github.com/offensive-security/nethunter-devices, too (branch experimental) then for build with full chroot, just type:
$ python build.py -d kiwi --marshmallow --release v1.0 --rootfs-full
Anyway i will upload the zip with full chroot once i finish my cm14 port for a5
DeadSquirrel01 said:
mmm, stucking in checking it's very strange. Maybe compile a full zip here https://github.com/offensive-security/kali-nethunter (you have to clone
https://github.com/offensive-security/nethunter-devices, too (branch experimental) then for build with full chroot, just type:
$ python build.py -d kiwi --marshmallow --release v1.0 --rootfs-full
Anyway i will upload the zip with full chroot once i finish my cm14 port for a5
Thanks man, I wish I knew enough to compile and run things on github just edited by previous post.....it seems it got stuck because of no root access and busybox missing. Lemme know if i can test things out for you, glad to be of any help that way!
---------- Post added at 07:52 PM ---------- Previous post was at 07:12 PM ----------
OK, just figured it was me being a bit duh on the whole thing! I just reinstalled the whole ROM, and flashed this again. Installed SuperSU from playstore (it went missing after installing this) and things are back to normal.....now downloading full chroot! Hurray!
Strange, the zip should include SuperSU
Hi,
where can I find the full chroot file (~ 750Mo), I want to download it manually
+
Why "wifite" does not recognize my hama adapter with Ralink RT2500 chipset?!
It is identified but when I choose the interface, it still returns the menu of choice
thanks for your help
panther2005 said:
Hi,
where can I find the full chroot file (~ 750Mo), I want to download it manually
+
Why "wifite" does not recognize my hama adapter with Ralink RT2500 chipset?!
It is identified but when I choose the interface, it still returns the menu of choice
thanks for your help
You can download chroot here:
https://build.nethunter.com/kalifs/
Regarding your adapter, read this: https://github.com/offensive-security/kali-nethunter/wiki/Wireless-Cards
Unlucky, your adapter does not support nethunter
DeadSquirrel01 said:
You can download chroot here:
https://build.nethunter.com/kalifs/
Regarding your adapter, read this: https://github.com/offensive-security/kali-nethunter/wiki/Wireless-Cards
Unlucky, your adapter does not support nethunter
Thanks bro
I even tried the alfa rtl8187l chipset without any result,
The problem is the low current for the adapter from the phone,
The usb hub with an external power supply maybe solves the problem, but it is not practical for a displacement
thanks again DeadSquirrel01
Sent from my KIW-L21 using XDA-Developers mobile app
panther2005 said:
Thanks bro
I even tried the alfa rtl8187l chipset without any result,
The problem is the low current for the adapter from the phone,
The usb hub with an external power supply maybe solves the problem, but it is not practical for a displacement
thanks again DeadSquirrel01
Sent from my KIW-L21 using XDA-Developers mobile app
For this i dunno, i'm not an electronics expert ^^
DeadSquirrel01 said:
For this i dunno, i'm not an electronics expert ^^
I must choose
kalifs-armhf-full.log
kalifs-armhf-full.sha512sum
kalifs-armhf-full.tar.xz
for KIW-L21?
panther2005 said:
I must choose
kalifs-armhf-full.log
kalifs-armhf-full.sha512sum
kalifs-armhf-full.tar.xz
for KIW-L21?
The .tar.xz one
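Added example, not part of the thread or of the NetHunter project's code: checking a downloaded chroot archive against the `.sha512sum` file listed next to it before installing it. It assumes the sum file uses the coreutils `<digest>  <name>` layout; the `./output/` path prefix, the `not-listed.tar.xz` name and the file contents in `demo()` are constructed.

```python
"""Verify a downloaded archive against a .sha512sum file (added example)."""
import hashlib
import hmac
import os
import re
import tempfile

# Assumption: each line is "<128 hex chars><whitespace>[*]<name>", as written
# by coreutils sha512sum. The optional "*" marks binary mode.
_LINE = re.compile(r"^([0-9a-fA-F]{128})\s+\*?(.+)$")


def parse_sumfile(text):
    """Return {basename: lowercase hex digest} for every well-formed line."""
    entries = {}
    for line in text.splitlines():
        match = _LINE.match(line.strip())
        if match:
            # Sum files are often generated with a build-time path in front
            # of the name, so compare on the basename only.
            name = os.path.basename(match.group(2).strip())
            entries[name] = match.group(1).lower()
    return entries


def sha512_file(path, chunk=1 << 20):
    """Hash the file in 1 MiB blocks so a ~750 MB archive is never held in RAM."""
    digest = hashlib.sha512()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def verify(archive_path, sumfile_path):
    """Return 'ok', 'mismatch', or 'no-entry' (archive not listed in sum file)."""
    with open(sumfile_path, "r", encoding="utf-8", errors="replace") as fh:
        entries = parse_sumfile(fh.read())
    expected = entries.get(os.path.basename(archive_path))
    if expected is None:
        return "no-entry"
    actual = sha512_file(archive_path)
    return "ok" if hmac.compare_digest(actual, expected) else "mismatch"


def demo():
    """Run verify() on constructed stand-in files; returns three results."""
    with tempfile.TemporaryDirectory() as tmp:
        archive = os.path.join(tmp, "kalifs-armhf-full.tar.xz")
        sums = os.path.join(tmp, "kalifs-armhf-full.sha512sum")
        with open(archive, "wb") as fh:
            fh.write(b"constructed stand-in for the real archive\n")
        with open(sums, "w", encoding="utf-8") as fh:
            # Constructed sum-file line with a path prefix in front of the name.
            fh.write(f"{sha512_file(archive)}  ./output/kalifs-armhf-full.tar.xz\n")
        intact = verify(archive, sums)
        # Simulate a truncated or altered download by changing one byte.
        with open(archive, "ab") as fh:
            fh.write(b"x")
        altered = verify(archive, sums)
        unlisted = verify(os.path.join(tmp, "not-listed.tar.xz"), sums)
    return intact, altered, unlisted


if __name__ == "__main__":
    print(demo())
```

A matching digest only shows the archive is identical to what the sum file describes; it confirms integrity of the transfer, not authenticity, unless the sum file itself came over a channel you trust.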
Hey all,
so i flashed the nethunter zip with no hiccups.
However, now my wifi wont connect.
Does anyone know what might be the problem?
So first of all, here's the disclaimer: I know NOTHING about building stuff, and I have a VERY slow network to even sync the sources required to make it on my own (I live off of 90KB/s)
For the past 2 days I've been banging my head into the wall trying to figure out a way to get my TP-LINK TL-WN321G to work on OOS or CM or a chrooted Kali Linux. Apparently some modules need to be configured into the OnePlus 3 kernel in order for the rt2501/rt2573 to be recognized by the device via USB OTG.
So the humble request is as follows: Is there ANYONE nice enough to actually sync a kernel source (OOS or CM13) and modify the kernel to support the modules necessary for all of this to work? If I can make a chrooted kali linux along with a working wifi adapter that supports monitor mode, I can practically ace my Senior Project.
Thank you!
ATTENTION!
Code:
!!! I AM NOT RESPONSIBLE FOR ANY POSSIBLE DAMAGE DONE TO YOUR DEVICE AS A RESULT OF FLASHING AND I AM NOT RESPONSIBLE FOR ANY BRICKED PHONES OR LOST DATA! FLASH AT OWN RISK !!!
Introduction
This ROM was created for personal use. It was compiled from last sources with some personal changes and bug fixes. It's based on Lord Boeffla's kernel for LineageOS 15.1 ROM with all Kali NetHunter features included. Unfortunately Lord Boeffla stopped developing for Android so it's possibly the last available kernel from him. This ROM was tested on OnePlus 3T LineageOS 15.1 clean installed ROM with NanoDroid microG and MagiskSU.
Features
based on boeffla kernel with config app features support
mac80211 packet injection
usb hid
SYSTEM V support for PostgreSQL & msfconsole functionality
usb bluetooth
usb dongle modem support
modprobe support
built-in drivers for Ralink RT3070I & RTL8192CU chipsets
usb dvb- & radio-receivers support
NetHunter app with last changes & fixes
drive droid v.1.38 (older version) with cd-rom & usb-rw support
binkybear-terminal with notification bar support
other NetHunter's features
Installation instructions
Boot to TWRP recovery.
Flash the nethunter-oneplus3T-los-oreo-kalifs-full.zip
Reboot to system.
Run NetHunter App and apply all requirements & give it root privileges.
Launch DB Feed in SearchSploit section to initialize the exploits db.
Launch Android Terminal & give it root privileges.
Run 'apt update && apt dist-upgrade -y' command to get the latest updates.
Launch other apps to set them up.
Special installation instructions
There are some "issues" I've discovered during the compiling and installation. I don't know if they are general or just specific ones that depend on using NanoDroid microG and MagiskSU. But as it is.
1. All apps are removed from /data/app/ after the ROM installation completes, and I have to manually install them to make everything work. So I've attached all apps in the Download section if anybody faces the same issue.
P.S. This issue was fixed in the last commits from the kali-nethunter git. So I've recompiled it from sources and added it to the NetHunter installer. But I haven't tested it.
2. After the first clean installation of NetHunter with the built-in kernel, Boeffla Config App sometimes can't initialize the kernel. In this case you should boot to TWRP recovery and flash the standalone kernel's zip. After that everything should work great.
Downloads
Downloads:
NetHunter Full ROM Installer
NetHunter's Apps
Boeffla-LOS-15.1-NH-Kernel
Sources:
kali-nethunter
nethunter-devices
nethunter-app
boeffla-kernel-los-nethunter-oneplus3T
Thanks to/Credits
Code:
Lord Boeffla: https://www.boeffla.de/
Offensive Security: https://www.offensive-security.com/
LineageOS: https://lineageos.org/
BinkyBear: https://github.com/binkybear
pelya: https://github.com/pelya
Re4son: https://github.com/Re4son
kimocoder: https://github.com/kimocoder
XDA:DevDB Information
OnePlus3T LineageOS 15.1 NetHunter, ROM for the OnePlus 3T
Contributors
flypatriot
ROM OS Version: 8.x Oreo
ROM Kernel: Linux 3.x
ROM Firmware Required: LineageOS 15.1
Version Information
Status: Testing
Created 2019-04-05
Last Updated 2019-04-11
Reserved
Changes at 2019.04.05:
Replaced NetHunter App with last build from Re4son.
Removed modprobe_fix script and how-to-use-it section from installation guide. We don't need it anymore (all thanks to Re4son).
Rebuild NetHunter installer with new App.
Changes at 2019.04.11:
Fixed bluetooth doesn't power on issue.
Added new compiled chroot with last fixes and updates.
Fixed issue with app's installation in android oreo.
thanks for share :good:
Does the monitor mode work without an external antenna?
jorge705 said:
thanks for share :good:
Does the monitor mode work without an external antenna?
No. I was searching a lot of time for custom firmware with monitor mode and packet injection support for QCA6174 model but there is nothing at the moment. So you should use external adapters from recommendation list in official Kali wiki.
It would be pretty neat, if the rom would run on the Oneplus 3 as well... :x
UsPdSr said:
It would be pretty neat, if the rom would run on the Oneplus 3 as well... :x
I was thinking about 3 model in the beginning of developing but the thing is I can't publish untested roms. And I don't have a OnePlus 3 model to test everything by myself. But if you want I can compile it just for you. But I can't give you any guarantees.
It would be greatly appreciated if you could compile it for op3 pie, thanks anyway:good:
DoN LoUhI said:
It would be greatly appreciated if you could compile it for op3 pie, thanks anyway:good:
You can check Havoc based kernel published here https://forum.xda-developers.com/on...nel-kali-nethunter-oneplus-3t-t3507816/page27 (see last comments from MrM0NS73R).
flypatriot said:
You can check Havoc based kernel published here https://forum.xda-developers.com/on...nel-kali-nethunter-oneplus-3t-t3507816/page27 (see last comments from MrM0NS73R).
Thanks man, I would hope finding one for stock oos pie. any suggestions ?!
DoN LoUhI said:
Thanks man, I would hope finding one for stock oos pie. any suggestions ?!
Take a look to ZaneZam's threads. I'm sure he's already made some builds. I've been using his kernels earlier and they were really great.
flypatriot said:
I was thinking about 3 model in the beginning of developing but the thing is I can't publish untested roms. And I don't have a OnePlus 3 model to test everything by myself. But if you want I can compile it just for you. But I can't give you any guarantees.
I would gladly be the tester if you don't mind the additional work.
We could talk this over Pm or another messaging app if you prefer.
Also congrats on the successful implementation of your work in the Nethunter repository!
Is it compatible with my RTL8188EU?
flypatriot said:
Take a look to ZaneZam's threads. I'm sure he's already made some builds. I've been using his kernels earlier and they were really great.
That's great, man. I've been using his kernel too on OOS Oreo and it was awesome. I hope he will make a build for stock Pie as well.
[TWRP]
Failed to install Kali Nethunter!
Updater process ended with ERROR: 1
why?
net hunter
What OS/kernel/packages combo is needed to get it to work on the 1+3T?
You have to make sure your Magisk or SuperSU is working before you flash the Kali NetHunter zip. I had the same problem.
I got Kali NetHunter running with the chroot installed but I don't have the NetHunter terminal. Anyone else got a fix for this?
Can I flash the NetHunter kernel for OnePlus 3T Nougat on a OnePlus 3T with Android Pie? If not, then how do I get a NetHunter kernel for OnePlus 3T Android 9 Pie?
Please explain.
Without any ROM installed this NetHunter ROM does not install, while with Havoc 2.xx installed this ROM did install, but with issues.
Is it important to install this ROM over another ROM?
Is it compatible with Havoc 2.6?
flypatriot said:
No. I was searching a lot of time for custom firmware with monitor mode and packet injection support for QCA6174 model but there is nothing at the moment. So you should use external adapters from recommendation list in official Kali wiki.
can you try this tutorial? pls :crying:
https://github.com/The-Cracker-Tech...ki/How-to-enable-monitor-mode-in-all-devices?
DoN LoUhI said:
Thanks man, I would hope finding one for stock oos pie. any suggestions ?!
flypatriot said:
Take a look to ZaneZam's threads. I'm sure he's already made some builds. I've been using his kernels earlier and they were really great.
See the last post in this thread.. it's stock 9.0.3 kernel with WiFi adapter drivers and other nethunter features.
https://forum.xda-developers.com/oneplus-3/development/kernel-coconut-kernel-oos-oreo5-x-x-t3902040
brought to you by the
Code:
/*
* I'm not responsible for bricked devices, dead SD cards, thermonuclear war, or you getting fired because the alarm app failed (like it did for me...).
* Please do some research if you have any concerns about features included in the products you find here before flashing it!
* YOU are choosing to make these modifications, and if you point the finger at me for messing up your device, I will laugh at you.
* Your warranty will be void if you tamper with any part of your device / software.
* Same statement for XDA.
*/
About /e/
/e/ is not just another ROM - it is a mobile ecosystem (ROM + online services) that:
is open source
is pro-privacy
is compatible with most existing Android applications
cares about usability
is as far as possible freed from shackles by Google and OEMs
already exists!
It’s the alternative to the Apple/Google duopoly on the smartphone.
... so again and just to be clear: /e/ is not just a ROM, it is more a complete privacy ecosystem and consists of:
an installable mobile operating system for smartphones, which is forked from Android and strongly “ungoogled”
a set of sorted and improved default open source applications
various online services that are linked to the mobile operating system, such as: a meta search engine for the web, drive (with synchronization), mail, calendar, notes, tasks.
Features
Based on the stable Lineage OS
microG fully pre-installed with Signature Spoofing in restricted mode!
All features described on the /e/ page: What is e
All features and fixes of LineageOS
My builds are all signed with a custom private key for best trust. This also means you have to factory reset when coming from another ROM!
My builds come with full OTA update support
... you know that thing which informs you that a new update is there and where you just click to download + install
You can LOCK YOUR BOOTLOADER - if you like
Build variants (UNOFFICIAL, CUSTOM)
UNOFFICIAL builds:
full OTA support
no other differences to pure /e/. It is just an unofficial build (if you want to have it official test my builds and report also SUCCESS! this ROM is currently awaiting to get approved by /e/ for official builds)
CUSTOM builds:
2 variants: rooted (magisk) or unrooted
removed: the app "Apps" (see FAQ why)
added: F-Droid, F-Droid priv ext, F-Droid additional repos (disabled by default), AuroraStore, Lawnchair-latest (taken from their TG group), PhoneSky (google play store - patched for microG), Magisk app when the rooted variant is chosen
patched with this safetynet patch (this will not bypass safetynet though)
fully patched for AVB / dm-verity support - means you can lock your bootloader! (all builds since 3rd of Sep 2021) - yes even the rooted variant can run on locked bootloader!
SHRP included (accepted by a locked bootloader) - means when you want to use a different recovery you have to flash / re-flash it after flashing / upgrading the ROM. Including this is needed to not brick devices running on locked bootloader.
.. read all the details about locking your bootloader in this post
Known issues:
Keep in mind that this is brand new stuff so it may (still) contain unknown issues!
So back up regularly and frequently!
none known (yet)
If you find a bug not listed let me know and SHARE LOGS! -> READ FAQ#1 for how to provide proper logs.
Requirements
Latest TWRP or SHRP build (while I am testing with SHRP only)
Do a full (i.e. not just TWRP/SHRP - as those do not backup your internal storage) backup before doing anything!
Planning to lock your bootloader? Read this first
Installation
Planning to lock your bootloader?
Read on here
Detailed guide:
follow MSe1969's guide here
Quick guide (assuming you have TWRP/SHRP already):
Full clean install as described here (FAQ #2). DO NOT REPORT ISSUES when you have skipped that step!
Flash /e/
Optional (if you want root): Flash Magisk
Flashing OpenGapps ????? NO No no! you don't want that on a google-free phone! /e/ contains everything you need to live without Google! So flashing OpenGapps on /e/ is like using a bit more secure LOS but that's not the point of /e/. Either try without or go with LOS (imho).
Boot it (will take a bit on first boot!!! be patient!)
Enjoy the most easy way to have a privacy focused and google-free phone!
Download
Get your builds from my leech server (new installs or re-installs)
https://leech.binbash.rocks:8008/e-os/a10/hotdog/ (planning to lock your bootloader? Read this first)
If you have a previous version of my(!) /e/ Q installed already and just want to update to a newer release:
Android settings -> Updater (yes my builds have built-in OTA support!)
Note:
Builds are updated as soon as possible. There is no build cycle.
Information pertaining to your device is displayed accordingly.
The current build is the latest for your device.
Changelogs
Join my Telegram groups (see "Support" topic)
Support
Of course in this thread but also by Telegram. I have created a generic group for all stuff around Android : here
and another one if you want to keep up2date whenever I build something (TWRP, SHRP, LOS, /e/, ...): here
Credits
MSe1969, wth.. you did an AWESOME job
LineageOS (the base of /e/)
The /e/ foundation and all related devs making this experience possible!
and all I forgot (let me know if that's the case ofc) ..
Sources
/e/ : https://gitlab.e.foundation/e
my build manifest
MSe1969's stuff
Frequently Asked Questions (FAQ)
Q #0: For CUSTOM builds only: Why is the /e/ App store not included??? It is GREAT!
Mainly due to security and privacy concerns. Wth? I thought /e/ is secure and privacy focused? Yes it is but.. read on:
First of all the App store itself has no security or privacy issues. It is opensource and I see no issues with the app itself!
... the most important point for a smartphone is the availability of apps. I mean having a secure device which respects your privacy is great but it will have no chance to win when you cannot get easily apps on it.
... and the most dangerous part for a smartphone is installing apps because here is where Malware can easily step in! So whatever you do never install APK files from a website directly unless you can be 100% safe it is trustworthy.
It is all about trust again and when you look in the sources of the /e/ Apps store you find it connects to: cleanapk.org.
/e/ makes that not a secret though as you can read here.
So who is behind that cleanapk.org? Why is /e/ trusting them? While reading through the /e/ forums I found that this page hosts (as far as we know) apps mirrored from apkpure + fdroid.
.. and it's completely unclear who hosts that site and where is behind it. On the other site /e/ (Gael, the founder as well) states clearly they are not in any relation to that site. "They just using their api".
here some facts:
you cannot get the owner by a whois request
They have a info page here which just roughly describes where the apps are coming from and how
There is no detailed privacy statement or even an info if they keep your data GDPR compliant or not
No way for devs to get their apps removed or updated
The /e/ foundation clearly states they have no relationship to that repository of apps but some things are interesting aren't they:
IP's of /e/ and cleanapk are at least nearby
During an ongoing discussion about exactly that topic something took my attention: the welcome notification on api.cleanapk.org was exactly at that time: https://archive.is/U1E0y (I mean.... )
/e/ itself was audited several times by a site named "infosec-handbook" and of course even they find that app store at least "mysterious"
During that mentioned discussion and after pointing Gael to that - the welcome message suddenly changed to what it is today..
The full topic where even Gael is talking (not that friendly) is: here
TL;DR:
/e/ is providing apps (the most used way to get infected by malware) by an API which is at least questionable.
I do not say /e/ is doing questionable things and as said before the /e/ ROM is 100% trustworthy (otherwise I would not do any builds for it) but that cleanapk.org site is truly another story.
An interesting quote of Gael can make one read between the lines (I marked the interesting ones bold and cursive):
Some users have reported that they are using Aurora, [...] (context: we will never integrate this) because it’s infringing the play store terms of services.
For this, we have to use indirect mechanisms, that don’t infringe the play store TOS, and therefore, we are using a service that is not officially part of the /e/ project, and which is called cleanapk.org
On the long run, we other plans with partners, to offer something more transparent, but it’s too soon to talk about this.
Of course /e/ needs to ensure that what they are doing is 100% legal and offering an app repository like cleanapk.org is not.
My personal assumption is that /e/ is offering that repo - indirectly so not officially by the e.foundation itself.
A relation between is for sure nothing they want to have public as this would cause legal questions.
So the last question is:
Q: Why do I consider AuroraStore "better" than using cleanapk.org and so removed the /e/ apps store and added AuroraStore instead?
A: Because I definitively know where the apps are coming from when using Aurora instead of /e/. Not just the app itself is OSS (like the /e/ one) the apps are coming directly from the play store instead of an unknown source.
Q #01: I want to report an issue. What is the proper way to do so?
I'm glad that you are asking: before doing so check the KNOWN ISSUES topic in the OP and ofc the other FAQ's listed here!
if you have an audio issue follow FAQ #6 instead.
Often selinux can cause issues so try that at very first:
Code:
# If you have Magisk installed:
adb shell
su
setenforce permissive

# When "usb debugging root" is enabled in developer settings:
adb root
adb shell
setenforce permissive
Try again and if the issue is gone when in permissive mode: provide me a logcat as described here -> on step 3 I need the SELINUX log (option D)
If your issue is not solved with selinux permissive click here to proceed:
If your issue is not listed there follow the directions here briefly and I may can fix it:
logcat GUIDE
Ensure you have done a full CLEAN install before doing so (refer to FAQ #2 for what that means).
Warning: NO SUPPORT when:
- magisk is installed (known to cause issues sometimes - regardless of the ROM or version)
- Xposed is installed (known to cause issues sometimes - regardless of the ROM or version)
If you have installed any of these UNINSTALL or better do a FULL CLEAN install (see FAQ #2) before doing anything else. Often enough these above causes several issues like battery draining, problems on booting and much more. Even when they may work properly you should re-produce your issue without them first and follow the above to grab the log.
Magisk is a great piece of software and besides that it is Open Source which SuperSu never was.
I just saying I do not "support" issues when you have Magisk installed. Why? It is (like Xposed) extendable with modules (made by whoever) and those can cause billions of issues.
Other then that magisk was sometimes the reason for battery drain etc. Magisk modifies the boot "process" and sits very deep in the system (which is needed to make it work ofc) but that has the potential to make a system/ROM unstable or result in strange behaviors.
so in order to support a specific issue I have to be sure the ROM is in a "clean" state, no magisk, no xposed.
Pro-Tip: a very first test is to set magisk on core functions only to see if an extension causes your issue or not.
Q #02: I want to install clean, how? What is a clean install? What is the recommended way to flash a new ROM version?
A clean install ensures that there are no leftovers from any previous install. One can say that there are 2 phases of a clean flash:
1) regular
2) full - when you (still) encounter issues
Usually the regular one is fully ok when flashing a new ROM version but if you encounter strange issues nobody else is reporting or if a release post is recommending it you should do a full clean install instead.
A regular clean install can be done like this:
WIPE -> Advanced -> select: System + Cache
Flash the ROM
reflash root addon/magisk if you want root
A full clean install needs 2 steps more than the regular:
follow the steps for regular clean
go back in WIPE -> touch the "FORMAT data" button and type "yes" to format the internal storage (you will LOSE ALL YOUR DATA - obviously)
REBOOT -> Recovery
Flash the ROM
reflash root addon/magisk if you want root
It is absolutely recommended to create a backup before and COPYING IT to your PC(!) before doing the above.
Q #03: Are there any plans or a chance of official /e/ builds?
Yes. With your help! What you can do? Test and report EVEN SUCCESS in this thread.
Q #4: Is there a FAQ specific for /e/?
Sure:
FAQ: click
Forum: click
HOWTOs: click (a great resource for all your first questions)
App alternatives (to replace google variants): click
Q #5: issues with audio (e.g. echo's, silence on one or the other site, ..)? Read here how to provide a specific log for that:
Do the following steps:
1) Ensure you have adb set up on your PC, and have adb debugging and adb root enabled in developer options on your phone
2) Then perform the following (all one command)
On Linux:
adb root ; adb shell "stop audioserver; logcat -c -b all; start audioserver" && sleep 10 && adb logcat -b all |egrep -vi "(dialer|telecom|ril|gsm|touch|brightn|dct|QC-time-services|SST|sensors|AlarmMan|Lights|perfp)"
On windows:
adb root ; adb shell "stop audioserver; logcat -c -b all; start audioserver && sleep 10 && logcat -b all |egrep -vi '(dialer|telecom|ril|gsm|touch|brightn|dct|QC-time-services|SST|sensors|AlarmMan|Lights|perfp)' "
3) Then re-produce your audio issue and cancel the logcat from step 2 before hanging up!
4) Share the logcat output from the console screen using paste.omnirom.org
Q #6: I'm scared about that microG , I don't want to expose my phone so is this /e/ version a security risk?
First of all you need a lot of trust installing ANY custom ROM. A developer can do nasty things right? Besides that yes microG allowing to let apps act like as they are another app, also known as signature spoofing. This CAN be a good and a bad thing. Read on why my builds are different:
In general the microG patch is an all or nothing. A ROM which supports microG (i.e. signature spoofing) have that feature enabled, always.
The difference in my /e/ builds is that I am using the "restricted" option of signature spoofing so as long as you trust me you are as safe as without microG.
Q #7: What is the difference between CUSTOM and UNOFFICIAL builds?
See OP
Q #8: Will my banking app (or other root detecting app) work with this ROM?
The answer is .. well .. simple. it depends.
First of all the following technique works regardless of what ROM you are using or what device. It worked with my LG G4, OnePlus 6T and now OP7tpro so its a generic "maybe-solution"
Read on here:
I am using a german banking app which works even when root gets detected. It will prompt and say thats bad but I am still able to use it. The same was the case for the TAN generator app of the same bank but it fully stopped working one day after a (forced) app upgrade.
So I started to play around and found a solution which works for me since several years but there is no guarantee it will work for you or for how long it will work. The process and steps must be followed briefly and nothing more, nothing less must be done.
The following references a banking app but it applies to any app which rejects starting when root or a custom ROM has been detected:
you need root, i.e. Magisk. This ROM has a custom build which includes Magisk already.
uninstall the currently not working banking app(s)
install & setup a work-profile manager like Insular, Shelter, (if you do not care about google trackers: Island), or [fill-in-another] ,.....
configure Magisk that it hides itself (i.e. re-package Magisk with a random name) & reboot just to be sure. and yes that works on signed and locked ROMs, too
newer Magisk versions will clone themself into the island profile during the repackage process so open island then switch to the island tab and remove the magisk app there (so not from the "mainland"!)
install the banking app(s) - BUT DO NOT start it!
clone that app into your work-profile (i.e. open Insular/Shelter/Island/.. find the app, clone it there), repeat that step for any app needed
configure Magisk hide for this app(s) and ensure you select all options (some apps can be expanded in magisk hide, select all options then)
remove any icons of your app(s) from your launcher but DO NOT UNINSTALL them!! (never)
in your work-profile manager (Insular/Shelter/Island/...) find your app and create a quick start launcher (repeat that for any app needed)
now start your banking app quick link (again it HAS to be the one created by your work-profile manager). usually you can identify that you are using the right one bc it has a mini icon of your work-profile manager on top of the regular app icon
enjoy. if it does still detect root or a custom ROM you either have not followed the above steps briefly or you are out of luck.
Background:
You cannot uninstall the app(s) from android (ever) because otherwise Magisk hide will not work. so you always need to keep that app(s) but never starting it.
It can make sense to try another work-profile manager if the above way fails for you as the app devs using different techniques
Q #9: Will DRM protected content work? | Will this ROM satisfy Safetynet?
Likely not. Yes this ROM is signed, selinux is enforcing and you can lock your bootloader but these days this is not enough anymore. While there are some workarounds available these might stop at any time. So do not expect that this will work or work for a long time.
LOCK your bootloader
Yes you read correctly: you can lock your bootloader again! Why is that so amazing? The most important thing: security. When your bootloader is locked no one can install or modify anything without you noticing it. Let's say you lose your phone and your bootloader is unlocked. The person can boot into fastboot and flash a custom recovery of his choice and have full access to your data (if not having a pin set) but also can tamper e.g. your system partitions like installing malware. Yea for that the attacker needs physical access to your phone but there is malware around and this is REAL which uses bugs to install themselves even on your system partition. For this the attacker does NOT need physical access to your phone.
On a locked bootloader the device won't boot anymore as a modification like that will be detected.
Anyways.. yea one can say both attack variants are not THAT critical or affecting you as you are paying attention on what you do but .. there is a always a risk of undetectable malware like the good old drive-by downloads etc. so .. its all up to you if you want to have that extra barrier or not..
But before we begin
a HUUUUGE thanks to @WhitbyGreg !!!
All this here would not be possible without his great guide here ! Ofc I need to adapt it and integrate all this within my automation process but it would have been a LOT harder without his thread(s).
So if you love it having a locked bootloader now - give HIM some thanks clicks, donations, hugs.. as well
Checklist: is locking the bootloader something for me?
If you answer any one - even just 1 - of the following with YES - then KEEP AWAY FROM LOCKING your bootloader!
I want to remove (not just disable) system apps (often called bloatware)
I want to add / convert apps into system apps (e.g. Titanium Backup offers such an option)
For rooted variant: I want to update Magisk to the latest version
For rooted variant: I want to change init scripts, XMLs or anything else within system/, product/ etc partitions
For rooted variant: I want to use an ad-blocker which modifies the "hosts" file (system partition)
I want to install another recovery than the one coming with the ROM (SHRP)
I want to flash GApps (LOL! this is /e/ !! even on unlocked bootloader this won't work!)
I want to flash anything else in recovery which modifies: boot, recovery, system or any other partition than userdata
Have you answered at least 1 of the above with YES? Then do NOT lock your bootloader. It WILL brick your device if you try.
if you can live with the above - GO GO GO
Lock your bootloader - process
Downloads
ROM without root: https://leech.binbash.rocks:8008/e-os/a10/hotdog/ (all CUSTOM(!) builds since 2021-09-03)
AVB key: https://github.com/sfX-android/update_verifier/blob/master/hotdog_eos-q_custom_pkmd.bin
ROM with root: https://leech.binbash.rocks:8008/e-os/a10_rooted/hotdog/ (all CUSTOM(!) builds since 2021-09-03)
AVB key: https://github.com/sfX-android/update_verifier/blob/master/hotdog_eos-q_custom-rooted_pkmd.bin
backup all your data. I am serious EVERYTHING. we need to FORMAT the userdata partition during the lock process and there is no way around. so use TB or Swiftbackup, Migrate or any other. Always a good idea to also having a TWRP/SHRP backup just for the case..
boot your current recovery
flash the ROM of your choice (with or without root)
reboot to the bootloader / fastboot
if you flashed the ROM with root: fastboot flash avb_custom_key hotdog_eos-q_custom-rooted_pkmd.bin
if you flashed the ROM without root: fastboot flash avb_custom_key hotdog_eos-q_custom_pkmd.bin
type: fastboot oem lock
approve locking the bootloader on the phone's screen
< take a deeeeeeep breath >
recovery (SHRP) will load automatically
choose wipe -> format(!) data (there is no way around)
boot android -> you will notice a new bootloader message warning you that you have a custom ROM installed - but it will load
congrats! you now running on a locked bootloader + /e/ OS!
for the rooted variant: start the Magisk app (requires internet), accept the install request and open the magisk app afterwards and let it reboot when asked
enjoooooy
Locked - now what?
OEM unlock option
The above does not mention one additional step: disabling OEM unlock in developer options. For a reason. I mean you CAN uncheck that option now that all is running fine but you don't get any more security tbh.
The reason is if you keep it checked an attacker is able to unlock your device but it WILL format the encryption keys when done. that means no way to access your data anyways. If you want to avoid even that then feel free to uncheck OEM unlock in developer settings as well but then a brick will require low level recovery tools to bring your device back to life.
Magisk (rooted variant)
I recommend to disable automatic update checking within magisk settings - remember: when flashing a newer version of magisk it WILL brick your device. you have to wait for me updating it within the ROM.
Anything you do within Magisk can EASILY BRICK your device, installing a magisk module which tampers your system partition: BRICK. So really really check if a module touches anything mentioned in the above checklist topic. Using the magisk variant has HIGH potential of bricking your device.
You can use all standard root functions, magisk hide and even re-pack the magisk app though.
Bricked
Always keep an eye on the above "Checklist" topic! If you change/do something mentioned there you will brick your device with a snap of a finger.
Android does not boot anymore because you flashed a newer version of Magisk or changed something within the protected partitions:
boot recovery (power off, press power on and vol down the same time and keep it pressed until you see the shrp logo)
flash the current ROM version or a later release and reboot
recovery does not load bc you flashed another recovery:
wait for the next OTA and it get fixed automatically
or unlock the bootloader again (this will need to FORMAT the userdata partition)
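A pre-flight check for the `fastboot flash avb_custom_key` step of the lock procedure above, as an added example that is not part of the original post or the ROM author's tooling. It assumes the `*_pkmd.bin` files use the libavb public-key layout written by `avbtool extract_public_key`; the function names are hypothetical and the sample key is constructed.

```python
"""Sanity-check an AVB custom key before `fastboot flash avb_custom_key`.

Assumed layout (libavb public key, as written by `avbtool extract_public_key`):
  4 bytes  key size in bits, big-endian
  4 bytes  n0inv = -1/n mod 2^32
  bits/8   modulus n
  bits/8   rr = (2^bits)^2 mod n
"""
import hashlib
import os
import struct
import sys

# File names as given in the post; the two keys are not interchangeable.
KEY_FOR_VARIANT = {
    "rooted": "hotdog_eos-q_custom-rooted_pkmd.bin",
    "unrooted": "hotdog_eos-q_custom_pkmd.bin",
}
AVB_KEY_SIZES = (2048, 4096, 8192)


def parse_avb_pubkey(blob: bytes) -> dict:
    """Validate the blob's structure; return its key size and SHA-256."""
    if len(blob) < 8:
        raise ValueError("too short for an AVB public key header")
    bits, n0inv = struct.unpack(">II", blob[:8])
    if bits not in AVB_KEY_SIZES:
        # Also catches a saved HTML page or an otherwise wrong file type.
        raise ValueError(f"unexpected key size field: {bits:#x}")
    size = bits // 8
    if len(blob) != 8 + 2 * size:
        raise ValueError(f"expected {8 + 2 * size} bytes, got {len(blob)}")
    n = int.from_bytes(blob[8:8 + size], "big")
    rr = int.from_bytes(blob[8 + size:], "big")
    if n % 2 == 0 or n.bit_length() != bits:
        raise ValueError("modulus is even or shorter than the declared size")
    if (n * n0inv + 1) % (1 << 32) != 0:
        raise ValueError("n0inv does not match the modulus")
    if rr != pow(2, 2 * bits, n):
        raise ValueError("rr does not match the modulus")
    return {"bits": bits, "sha256": hashlib.sha256(blob).hexdigest()}


def check_key_file(variant: str, path: str) -> dict:
    """Refuse a key whose file name does not belong to the flashed variant."""
    expected = KEY_FOR_VARIANT[variant]
    if os.path.basename(path) != expected:
        raise ValueError(f"{variant} ROM needs {expected}")
    with open(path, "rb") as fh:
        return parse_avb_pubkey(fh.read())


def lock_commands(variant: str) -> list:
    """The two fastboot commands from the post, for the chosen variant."""
    return [
        f"fastboot flash avb_custom_key {KEY_FOR_VARIANT[variant]}",
        "fastboot oem lock",
    ]


def constructed_sample_key(bits: int = 2048) -> bytes:
    """Constructed, format-valid test blob. NOT a real signing key."""
    seed = int.from_bytes(hashlib.sha256(b"constructed sample").digest(), "big")
    n = (1 << (bits - 1)) | seed | 1          # odd, exactly `bits` long
    n0inv = (-pow(n, -1, 1 << 32)) % (1 << 32)
    rr = pow(2, 2 * bits, n)
    size = bits // 8
    return (struct.pack(">II", bits, n0inv)
            + n.to_bytes(size, "big") + rr.to_bytes(size, "big"))


if __name__ == "__main__":
    if len(sys.argv) != 3 or sys.argv[1] not in KEY_FOR_VARIANT:
        sys.exit("usage: check_avb_key.py rooted|unrooted <path to pkmd.bin>")
    info = check_key_file(sys.argv[1], sys.argv[2])
    print(f"RSA-{info['bits']} AVB key, sha256 {info['sha256']}")
    print("\n".join(lock_commands(sys.argv[1])))
```

A GitHub `/blob/` URL opened in a browser returns an HTML page rather than the raw file, and the size-field check rejects that before anything is flashed.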
Sounds like a cool ROM, however I'm curious, what issues might I run into having no Google services? Are most apps going to work ok?
L4WL13T said:
Sounds like a cool ROM, however I'm curious, what issues might I run into having no Google services? Are most apps going to work ok?
hard to say. there are some which might not work and/or apps you should avoid (as they contain trackers etc). There is a good list of alternatives in FAQ 4 above
steadfasterX said:
Do a full (i.e. not just TWRP/SHRP - as those do not backup your internal storage) backup before doing anything
Do TWRP backups even work on this device? Last I heard, it was broken.
Hi! Why is there no gesture based navigation??? I'd love to see it!!!
at first glance the system is very surprising, like the very idea of a system without GAPPS. Looking forward to the development)
ap81z said:
Hi! Why is there no gesture based navigation??? I'd love to see it!!!
at first glance the system is very surprising, like the very idea of a system without GAPPS. Looking forward to the development)
Yea they removed it bc their launcher does not support it yet. There is an open issue on their bug tracker. I don't know when they will fix it tbh but i need it so bad that i found a way to include it. It's a kind of dirty hack but ... it works and will find its way in my next CUSTOM build..
steadfasterX said:
Yea they removed it bc their launcher does not support it yet. There is an open issue on their bug tracker. I don't know when they will fix it tbh but i need it so bad that i found a way to include it. It's a kind of dirty hack but ... it works and will find its way in my next CUSTOM build..
ok, I'll be waiting!!!
forgot to mention it here (another reason why users should join my automation channel):
Gestures are supported since the latest version.
breaking news:
I was working on using this device as my DD again but I have very strict requirements:
/e/ OS must work (reason: privacy focus, google-free) [ DONE ]
encryption must work (reason: security, e.g. losing or selling the phone) [ DONE ]
selinux must run in enforcing [ DONE ]
/e/ OS must be signed with own private key (reason: allowing secure OTA and local/recovery upgrades) [ DONE ]
SHRP must work (reason: a password on startup can be set - allowing to have rich recovery feature set but secured - when the bootloader is locked!) [ DONE ]
and here the fun began:
/e/ OS must run on locked bootloader [ DONE ]
SHRP must run on locked bootloader [ DONE ]
OTA must work on locked bootloader [ WIP ]
so overall I am pretty much where I want to be and can provide a privacy focused, secure, google-free and locked bootloader experience soon...
stay tuned
Ever wanted to lock your bootloader - not on STOCK but on a custom ROM?
Most ppl don't know (or don't care) that almost all Oneplus devices offer such an option - if the ROM dev is willing to take the journey implementing it.
This is now possible when running my /e/ OS CUSTOM builds (read more in the OP about the diff between CUSTOM and UNOFFICIAL) and not just that my new CUSTOM builds coming either pre-rooted or not - whatever you wish more.
I have to say that this was something on my to-do list since I bought this device more then 1 year ago. After a lot of work in the past months I am finally where I am and can use it as my DD again. Something which makes me reeeeeeally happy lol
Dunno but maybe someone enjoys having a locked bootloader like I do
Read all the details and how it works: here
Hey just for info, I've tried, without relocking the bootloader, to install aa auto as I do on lineage, and it gives me the same result as the locked bootloader, a black screen. I know that it's not your job to debug aaauto since it's a de-google rom. But the rom is unusable in my case. Another question, why is Play Store installed by default?
Thanks
Also I don't find any option to change 60hz/90hz?
Thetimelost said:
Hey just for info, I've tried, without relocking the bootloader, to install aa auto as I do on lineage, and it gives me the same result as the locked bootloader, a black screen. I know that it's not your job to debug aaauto since it's a de-google rom. But the rom is unusable in my case. Another question, why is Play Store installed by default?
Thanks
The CUSTOM builds contain the Play Store as I need it for some apps which do their license check over it. You can simply deactivate it or use the UNOFFICIAL build instead (which does not allow locking the BL though).
Thetimelost said:
Also I don't find any option to change 60hz/90hz?
Hmm good q. Is there an option for that in LOS? Maybe that's a limitation by /e/ but dunno tbh
steadfasterX said:
The CUSTOM builds contain the Play Store as I need it for some apps which do their license check over it. You can simply deactivate it or use the UNOFFICIAL build instead (which does not allow locking the BL though).
Hmm good q. Is there an option for that in LOS? Maybe that's a limitation by /e/ but dunno tbh
Thanks for the answer! Yes on LOS there is an option for it, and after using my op7t pro for 2 years with 90hz I directly spot the difference. ^^
Thetimelost said:
Thanks for the answer! Yes on LOS there is an option for it, and after using my op7t pro for 2 years with 90hz I directly spot the difference. ^^
Hm interesting, mine is running at 90 hz all the time it seems. Weird bc /e/ is based on LOS so maybe it's an option in a11 first?
When will we get Android 11?
andr052h said:
When will we get Android 11?
Why do you want to have it?
steadfasterX said:
Why do you want to have it?
I mean, I really like what you have done with your current build, and would love to see that applied to the new Android 11 version as well.
andr052h said:
I mean, I really like what you have done with your current build, and would love to see that applied to the new Android 11 version as well.
Well first of all I thought no one uses my ROM anyways so there was no need for me upgrading to a11. This ROM is rock stable and does what I need as a daily driver and gets monthly security patches. Many ppl just want to have a newer android version just bc there is one and not bc of a specific reason. That's why I'm asking.
I personally prefer a good working ROM over having always the newest android version just because there is one
Other than that I may upgrade to a11 but not anytime soon. Main reason is that I am using this as my daily driver so it would be hard to also dev on it.
Hi, so after searching for a bit on if kali nethunter could be installed on the 7T, I found that most people were sticking to the OP7 due to increased compatibility/development. Although I'm able to install nethunter on my 7T, I could not find a kernel for the OnePlus 7T with nethunter support. Mainly for the ext. wifi adapter support in my case. So after some research I could see that the 7T is listed as a supported device on the nethunter git page so I decided to try their build.py script to see if I can get one to work on my 7T HD1905. After some trial and error I ended up with a working kernel for my device which is an OP7T (HD1905) on A11, build 11.0.1.1.HD65AA.
So, this is what I did.
- rooted my phone using latest magisk (I always use canary)
- flashed the kernel that was compiled using the Kali nethunter build.py script using ex kernel manager (there were some errors in the log, but didn't affect the flashing)
- downloaded the nethunter store app from the kali website and installed the nethunter app and the nethunter terminal app.
- through the nethunter app I installed chroot under the kali chroot manager tab. I selected the option to download from the website.
- I also installed the nethunter wireless firmware from the magisk repo. Not sure if that was 100% necessary, but hey why not?
After that completed, I had a working kali terminal. Now the test was if I can get my ext. wifi adapter to actually get recognized now and could I put it in monitor mode... and the answer was yes.
I will post the kernel zip if anyone wants to take a look at it. I'm sure it needs work from someone who actually knows what they're doing. I was just excited that it actually somewhat worked. I figure it's a good starting point. Also, sorry for the write up. It's not very good. I might go and rewrite with a little more detail later on.
Would it be somehow applicable to OnePlus 3 also?
I remember someone made a nethunter kernel in telegram group.
Here’s the github Link
Apeek7 said:
I remember someone made a nethunter kernel in telegram group.
Here’s the github Link
Sorry, been away from the 7T for a bit. Thanks for this. Working great so far.