Penetration Testing platform on Android devices

Ryan Runako
MII Cyber Security Consulting Services
Jan 8, 2024

We may have seen hackers in movies, or in games like Watch Dogs, who carry out hacking activities with their phones. But is this realistic? Can you really do hacking or security penetration testing with just a mobile device? The answer is yes.

With the help of the Kali Linux project, you can run an advanced penetration testing platform on your Android phone and take it anywhere. It is free and open source, and it works on most Android devices.

Kali NetHunter

Kali NetHunter is a robust penetration testing platform based on Kali Linux that is adapted and optimized for Android devices. It also offers advanced penetration testing tools for ethical hacking purposes.

Kali NetHunter has 3 major versions, as shown in the comparison table.

[Image: NetHunter versions comparison]

NetHunter Rootless

You can install this version on any Android device without rooting it or losing the warranty, but it has fewer features than the other NetHunter versions.

NetHunter Lite

This version has more functionality than the rootless NetHunter version, but it requires a rooted Android device and a custom recovery such as TWRP.

NetHunter / NetHunter Pro

This version gives you access to all the Kali NetHunter features, such as wireless injection attacks, external wireless adapter connection, and other features that need special kernel modifications. However, NetHunter Pro has limited compatibility with different Android versions and device models.

Prerequisite

To install Kali NetHunter without root, which works on any Android phone, you need the following:

  • Any stock or custom ROM with Android 5 or higher (no root needed)
  • 32 GB of internal storage (Kali takes up about 6–8 GB of space)
  • 2 GB of RAM

Installation

Core installation

Install Termux (https://f-droid.org/en/packages/com.termux/). Don't install the Play Store version of Termux, since it is outdated.

Install the NetHunter Store (https://store.nethunter.com/en/)

Open Termux and begin the NetHunter installation:

$ pkg update 
$ termux-setup-storage
$ pkg install wget
$ wget -O install-nethunter-termux https://offs.ec/2MceZWr
$ chmod +x install-nethunter-termux
$ ./install-nethunter-termux
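
The installer above is fetched through a short link and then executed, so it is worth checking where the link lands and reading the script before running it. The following is an added example, not code from the original article or from the Kali project; it assumes curl and sha256sum are installed, and the TRUSTED_HOSTS values and the file name review-fetch.sh are assumptions to adjust.

```shell
#!/bin/sh
# Added example. ASSUMPTIONS: curl and sha256sum are installed; TRUSTED_HOSTS
# lists where you expect the Kali project to host the script (adjust it).
TRUSTED_HOSTS="gitlab.com kali.org www.kali.org"

# Print the lower-cased host of an https:// URL; fail for any other scheme.
url_host() {
    case "$1" in
        https://*) ;;
        *) return 1 ;;
    esac
    h=${1#https://}
    h=${h%%[/?#]*}    # drop path, query and fragment
    h=${h##*@}        # drop userinfo, so "trusted@other-host" yields other-host
    h=${h%%:*}        # drop port
    [ -n "$h" ] || return 1
    printf '%s\n' "$h" | tr 'A-Z' 'a-z'
}

# Succeed only when the URL's host exactly equals an entry in TRUSTED_HOSTS.
is_trusted_url() {
    host=$(url_host "$1") || return 1
    for t in $TRUSTED_HOSTS; do
        [ "$host" = "$t" ] && return 0
    done
    return 1
}

# Resolve the short link, check where it lands, download without executing,
# and print the SHA-256 so the file can be read and compared before use.
fetch_for_review() {
    final=$(curl -fsSLI -o /dev/null -w '%{url_effective}' "$1") || return 1
    echo "short link resolves to: $final"
    is_trusted_url "$final" || { echo "unexpected host, not downloading" >&2; return 1; }
    curl -fsSL --proto '=https' -o "$2" "$final" || return 1
    sha256sum "$2"
    echo "read it with: less $2   (run chmod +x only after reviewing it)"
}

# Only touches the network when called with --run (file name is hypothetical):
#   sh review-fetch.sh --run
if [ "${1:-}" = "--run" ]; then
    fetch_for_review https://offs.ec/2MceZWr install-nethunter-termux
fi
```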

NetHunter Setup

  1. Type ‘nethunter’ or ‘nh’ in Termux to start Kali NetHunter in CLI mode
  2. Run: kali@kali:~$ sudo apt update && sudo apt full-upgrade -y (enter the default value if asked to select a configuration)
  3. If you face a network error while connecting to the internet or the Kali repository:
    Run: kali@kali:~$ sudo nano /etc/resolv.conf
    Replace ‘nameserver x.x.x.x’ with Google DNS ‘nameserver 8.8.8.8’
    Save with Ctrl+X and Enter

[Image: Other NetHunter functions in Termux]

NetHunter desktop GUI setup (optional)

  1. Open the NetHunter Store and download NetHunter KeX
  2. Open Termux and run ‘nh kex passwd’ to set up the password for the VNC connection
  3. In Termux, run ‘nh kex &’ to start the NetHunter GUI server
  4. Open NetHunter KeX, enter the username and the configured VNC password, and connect

[Image: NetHunter KeX connect]
[Image: Kali NetHunter running in GUI mode]

Conclusion

Kali NetHunter is worth trying because the install process is quite easy and its functions are similar to Kali Linux on the desktop: penetration testing tools built into Kali, such as nmap, gobuster, sslscan, sqlmap, and other basic CTF tools, run normally. Besides the working Kali features, NetHunter has some limitations. Performance is poor compared with the desktop version, and access to the system is restricted, which limits wireless pentesting. Bugs and crashes also still occur often, especially in NetHunter KeX.
