Created
April 18, 2018 01:58
-
-
Save jmmmbnnn/0c47ee13581602d98e17184a9241e6ea to your computer and use it in GitHub Desktop.
Nexus 10 (manta) Nethunter Setup Snippets (WiFi Pineapple, Metasploit, ExploitDB / SearchSploit, Wireshark, CAN, Ubertooth)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # author: jmmmbnnn | |
| # https://www.kali.org/news/kali-linux-2018-1-release/ | |
| # Note that if you haven’t updated your Kali installation in some time (tsk2), you will like receive a GPG error about the repository key being expired (ED444FF07D8D0BF6). Fortunately, this issue is quickly resolved by running the following as root: | |
| wget -q -O - https://archive.kali.org/archive-key.asc | apt-key add | |
| # Update and upgrade | |
| apt update -y | |
| apt upgrade | |
| # In Kali terminal: | |
| # WiFi Pineapple Nano. | |
| # Used in case Pineapple Connector Fragment in Nethunter is not enough. | |
| # Modify routing table as necessary. Must have default gateway. | |
| mkdir ~/bin | |
| cd $_ | |
| wget -q https://wifipineapple.com/wp6.sh | |
| chmod +x wp6.sh | |
| # Metasploit | |
| service postgresql start | |
| # Fix for msf user authentication failure. | |
| # https://stackoverflow.com/questions/32561760/metasploit-cant-use-default-msf3-to-connect#40075220 | |
| msfdb delete | |
| msfdb init | |
| # SearchSploit | |
| # | |
| # This creates the SearchSploit database the SearchSploitFragment needs. | |
| # It also fixes the swapped orders of the column, PLATFORM and TYPE in schema. | |
| # ExploitDB's header is TYPE, PLATFORM and the Nethunter is PLATFORM, TYPE. | |
| # | |
| # As of 2018-04-11: | |
| # There's a bug since files.csv doesn't exist after updating exploitdb. | |
| # /usr/share/exploitdb/files_shellcodes.csv // 875 lines (includes header). | |
| # files_shellcodes.csv headers: id,file,description,date,author,type,platform | |
| # e.g. type=[dos,local,remote,shellcode,webapps] | |
| # /usr/share/files_exploits.csv // 39134 lines (includes header). | |
| # files_exploits.csv headers: id,file,description,date,author,type,platform,port | |
| # total = 40009 // 40007 without both headers. | |
| # CREATE TABLE SQL flips PLATFORM and WEB columns in Android code. | |
| # I fixed it by manually creating the table with correct schema. | |
| # Table count = 40007 after importing and tested working. | |
| # This only fixes the dropdowns populating the correct fields | |
| # The results from the searches will still show platform and type incorrectly. | |
| # Transfer manually built SearchSploit database with SearchSploitTable to Nethunter application. | |
| # files_exploits.csv and files_shellcodes.csv > files.csv | |
| # Comma needs to be corrected for files_shellcodes.csv. | |
| # Columns are wrong when creating database table through Nethunter. | |
| # Must create table schema to match importing header from files.csv. | |
| # Generate SearchSploit sqlite3 and move to /data/data/com.offsec.nethunter/databases/SearchSploit | |
| # Start from PC with device connected and USB debugging enabled. | |
| # Part 1: Update and build SearchSploit database in chroot. Move to /sdcard. | |
| adb root | |
| adb shell | |
| bootkali_login | |
| apt update -y | |
| apt upgrade -y exploitdb | |
| searchsploit --update | |
| # Default to 0 as Nethunter uses this for exploits with no port. NULL crashes application. | |
| sqlite3 SearchSploit 'CREATE TABLE IF NOT EXISTS SearchSploitTable (ID INTEGER PRIMARY KEY, FILE TEXT, DESCRIPTION TEXT, DATE TEXT, AUTHOR TEXT, TYPE TEXT, PLATFORM TEXT, PORT INTEGER DEFAULT 0);' | |
| csv2sqlite.py /usr/share/exploitdb/files_exploits.csv SearchSploit SearchSploitTable | |
| # Add a comma to the end of each row in files_shellcodes_corrected because it doesn't have a port field. | |
| awk -F "," '{x=(NF-1 == 6) ? $0"," : $0; print x}' /usr/share/exploitdb/files_shellcodes.csv > files_shellcodes_corrected.csv | |
| csv2sqlite.py files_shellcodes_corrected.csv SearchSploit SearchSploitTable | |
| sqlite3 SearchSploit 'UPDATE SearchSploitTable SET PORT = 0 WHERE PORT IS NULL;' | |
| rm files_shellcodes_corrected.csv | |
| mv SearchSploit /sdcard/SearchSploit | |
| exit | |
| # Part 2: Move SearchSploit in /sdcard to Nethunter's SearchSploit application storage area. | |
| su | |
| mv /sdcard/SearchSploit /data/data/com.offsec.nethunter/databases/SearchSploit | |
| chown 10050:10050 /data/data/com.offsec.nethunter/databases/SearchSploit | |
| chmod 0660 /data/data/com.offsec.nethunter/databases/SearchSploit | |
| exit | |
| exit | |
| # Wireshark | |
| # wireshark-qt does not work, but wireshark-gtk does. | |
| apt install wireshark-gtk | |
| apt remove wireshark-qt | |
| # CAN | |
| apt install can-utils | |
| # Ubertooth | |
| apt install ubertooth |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment