Allllllllllllllllllllllllllllllllllllrighty then.
I wrote this guide because most of the documentation requires you to know the basics of flashing ROMs and stuff and just generally how to use Android, which I didn’t know. Maybe you don’t know either.
For some reason I thought it would be a good idea to buy a used Oneplus One (got mine for $120) for the sole reason of installing Kali Linux NetHunter, which can be installed over your Android ROM to give you a bunch of nifty penetration tools in a (more) mobile platform.
I specifically chose the OnePlus One because it’s the recommended device for installing NetHunter, and I’m a total noob at anything Android. And sure enough, installing it was simple as heck.
I used the Kali NetHunter Linux Root Toolkit to install everything.
1. Hunting down CyanogenMod 13
The CyanogenMod project has been dead since 2016, which made it super inconvenient to try and find the ROM. Probably doesn’t help that the phone was released in 2014 either.
After much googling, I found this ROM for CM 13.1.2. Whether or not it’s official is anyone’s guess, BUT THE FILENAME SAYS SIGNED, SO I TRUST IT.
Unfortunately the above link appears to be dead, but I’ve got a copy that I’ve put on my Google Drive. I definitely haven’t fucked with it, make sure to run shell.exe
as Administrator or shell.sh
with sudo.
2. Downloading Components
The NetHunter install requires a few different components to work correctly.
TeamWin Recovery Project
TWRP is used as a custom recovery image that lets you flash all sorts of stuff through a handy GUI.
TWRP was found pretty quickly by following the LRT instructions. I downloaded version 3.3.1.
SuperSU
SuperSU lets apps request root permission.
Following the LRT instructions, I downloaded beta version 2.66 (the 2.67 link was dead).
adb
and fastboot
I found links to Android Platform Tools here, and then downloaded the latest version for MacOS. After unzipping, I put adb
and fastboot
in my PATH
by running:
cd platform-tools
cp adb /usr/local/bin/
cp fastboot /usr/local/bin/
Kali Linux NetHunter
From the Kali Linux Nethunter download page, I downloaded the latest version for the OnePlus One.
3. Cloning the Kali NetHunter Linux Root Toolkit
Very, very simple. On my Mac, I ran:
git clone https://gitlab.com/kalilinux/nethunter/build-scripts/kali-nethunter-lrt
cd kali-nethunter-lrt
4. Preparing the Phone
Enable USB Debugging
Tons of blogs have written about how to do this, so I’ve linked the first result from Google. Make sure you accept the RSA fingerprint when you plug the phone into your computer.
Unlock the Bootloader
Luckily for me, the bootloader on my phone was already unlocked.
The LRT includes a script to unlock the phone too. After connecting the phone with USB debugging enabled, run this script:
./oemUnlock.sh
Installing Stock Image
This step is optional, but I did it just for a smoother install.
I copied the CM 13 ZIP file previously downloaded into the stockImage folder of the LRT cloned repository and ran the script for OnePlus One (64GB).
cp ../cm-13.1.2-ZNH2KAS3P0-bacon-signed-fastboot_64GB.zip stockImage/
./stockOpoFlash.sh 64gb
This takes about 5 minutes.
With a newly flashed ROM, I then setup the phone and re-enabled USB debugging. This step in itself took the longest, as CM 13 is a bag of dicks full of Microsoft and Google bloatware.
5. Flashing NetHunter
I moved all of the components into their respective folders:
cp ../twrp-3.3.1-0-bacon.img twrpImage/
cp ../BETA-SuperSU-v2.66-20160103015024.zip superSu/
cp ../nethunter-oneplus1-marshmallow-kalifs-full-2019.2.zip kaliNethunter/
Then ran the happy little flashing script:
./twrpFlash.sh
Interaction is required to allow modifications to allow NetHunter to be installed. Otherwise, after about 30 minutes, you’ll boot into a fresh new NetHunter instance!
I’ll be writing another guide on how to flash Kali NetHunter on the top of LineageOS 15.1 if I can ever figure out how to get it working. I’m so so so so close. I think.
welp I was literally gonna ask you how to do this after the demo tonight. I *think* I have an old handset that’s supported… I have no idea what half of this means… but I’m sure between coffee and Google I’ll figure it out :,)
If you need a hang figuring it out, let me know. Took me a good while to figure it out too.
Thanks for your post.
The link provided to the stock ROM is not a fastboot one. The correct one should be this: https://androidfilehost.com/?fid=24591000424960109
Not sure what the difference is. The one I linked worked for me installing NetHunter.
What would be the reason to choose fastboot over the one I linked?
Great post, thanks for sharing. I’m considering doing exactly the same. Either the OnePlus or the Nexus 6P. Your post has helped me decide.