#!/zitstif.no-ip.org/

When Kali Linux 2.0 came out I decided to upgrade my laptop to this version through the upgrade process (which took very long keep in mind.. it may have just been quicker to just reload the OS). Upon completion of the upgrade process I noticed the desktop GUI and windows didn’t look quite right. Additionally the theme wasn’t right either. Long story short I had to install these packages to fix the issue:

I have just installed the Android 5.1 OTA update on my Nexus 4 and can confirm my chroot image still works, all you need to do is install busybox again and you’ll be back up and running. So for those of you who are having issues with NetHunter and need a chroot environment that is Kali based, my solution will work for you.

Speaking of NetHunter, apparently NetHunter 1.2 has been released and it supposedly works on Lollipop:

https://www.offensive-security.com/kali-nethunter/nethunter-android-lollipop-nexus6/

This post IS from April 1 2015 of this year, so I hope this isn’t a joke. 😉

Hats off to the off-sec guys! They can do wonders.

It looks like my Kali Linux chroot environment has been superseded per se. I am very excited about Kali Linux NetHunter (http://nethunter.com/), and this may drive me to purchase a Nexus 5 so I can have OTG support and perform wireless attacks more easily versus having to use a Y USB cable with my current Nexus 4.

I had a HID attack idea for the Nokia N900, but it appears the folks over at offensive-security have put something together for the Android/Nexus platform. Please have a look at this video:

Kali Linux NetHunter HID Attack from Offensive Security on Vimeo.

One caveat I have noticed is that NetHunter currently only supports Nexus series devices:

(From nethunter.com ):

Supported Devices:

The Kali NetHunter image is currently compatible with the following Nexus devices:

• Nexus 4 (GSM) – “mako” – EXPERIMENTAL SUPPORT
• Nexus 5 (GSM/LTE) – “hammerhead”
• Nexus 7 [2012] (Wi-Fi) – “nakasi”
• Nexus 7 [2012] (Mobile) – “nakasig”
• Nexus 7 [2013] (Wi-Fi) – “razor”
• Nexus 7 [2013] (Mobile) – “razorg”
• Nexus 10 – “mantaray”

With that being said, my article on weaponizing the android platform may still be of use to a lot of you who don’t own Nexus series devices: http://zitstif.no-ip.org/?p=811

For those of you who are looking to update your Android version to Lollipop and wish to continue using the chroot environment I have shown how to setup here, please hold off! You can do so but at your own risk. Currently my chroot environment is not functional because I get ‘permission denied’ when I try to run the same script as I’ve always done before with my rooted Nexus 4 with previous versions of Android (up to 4.4.4). I’m highly confident that the issue is related to Android Lollipop’s PIE system, though I could be wrong. Over at the XDA forums, it appears that there is a workaround, but it still doesn’t fix the ‘permission denied’ issue that I’m experiencing. However it may help you with other apps:

http://forum.xda-developers.com/google-nexus-5/development/fix-bypassing-pie-security-check-t2797731

This bypass method did fix SSHDroid, but caused some issues with other apps.

JP Dunning (https://twitter.com/r0wnin) is the creator of the Katana: Portable Multi-Boot Security Suite. Upon visiting www.hackfromacave.com, it appears that this projects have come to a halt. It is true that you can still obtain the Katana toolkit via torrents (http://securityiskey.blogspot.com/2012/08/katana-3-beta-torrent.html for those are interested). However, I can’t recommend downloading this toolkit as of now because a lot the Linux distributions within the Katana toolkit have been superseded by newer distributions. Another issue with Katana is that it’s kind of a pain to customize and add and remove distributions.

With that being said, this post’s objective is to inform those who how to create a multi-booting USB flash drive toolkit that is easily customizable for end user’s specific needs. For this we will be heavily relying on YUMI (http://www.pendrivelinux.com/yumi-multiboot-usb-creator/). Using YUMI is pretty straight forward and I don’t believe there is a strong need for myself to create a tutorial (https://www.google.com/#q=YUMI+tutorial).

To create our “Home Made Katana”, you will need:

-Time
-32GB Flash drive (smaller may work but I recommend 32GB or larger)
-YUMI ( http://www.pendrivelinux.com/yumi-multiboot-usb-creator/ )
-HomeMadeKatana.zip ( https://ia601401.us.archive.org/15/items/HomeMadeKatana/HomeMadeKatana.zip )

HomeMadeKatana.zip file hash
MD5: dc5b97133c9e6ca9a848b26b234f2210
SHA-1: 8a13ce78c380a05f60602a40790bf77021d52de9

NOTE: TOOLS IN THIS ARCHIVE WILL SET OFF AV SYSTEMS

The root directory of this zip file contains:

Disk Investigator
HxD
KatanaToolKit.exe
odbg201
PortableApps
Speccy
SysinternalsSuite
windows-binaries-from-Kali
zittools

I pulled the PortableApps directory and the KatanaToolKit.exe from the Katana:
Portable Multi-Boot Security Suite. I meant to add herdProtect portable scanner but forgot to. Feel free to add this if you want: http://www.herdprotect.com/installers/herdProtectScan_Portable.exe .

To create our “Home Made Katana”, do as follows:

1.) Backup any data you want on your flash drive
2.) Wipe the flash drive
3.) Download YUMI
4.) I recommend the following distributions/bootable tools:

Caine
Clonezilla (Backup + Clone Tool)
DBAN
Deft (Forensics)
GParted
Hiren’s Boot CD
Kali
Kon-Boot Floppy Image
Mint Linux
Offline NT Password & Registry Editor
Ophcrack Vista/7
Ophcrack XP
Tails
Ultimate Boot CD
Windows 7
Windows 8
Windows Defender Offline

5.) Download and extract HomeMadeKatana.zip to the root of the flash drive.

You may ask yourself why would I recommend putting Windows 8 on your flash drive? I recommend this because newer systems are now using UEFI and a lot of systems are shipping without optical drives. For instance if you need to reset a Windows 8 local account password ( http://pcsupport.about.com/od/windows-8/a/reset-password-windows-8.htm ), having Windows 8 on your “Home Made Katana” would be of great use.

An additional note that should be taken into consideration when dealing with newer UEFI computers. To boot into Linux distros or even to boot from USB or optical drives with software that doesn’t necessarily support secure booting you will need to turn the secure boot option off and/or enable legacy booting and/or enable compatibility support module (CSM).

In retrospect, what we have done is create a mutlibootable and powerful flash drive with utilities for penetration testers, IT gurus and network administrators. In addition, I would also recommend getting a USB Rubber Ducky (https://hakshop.myshopify.com/collections/usb-rubber-ducky) especially if you’re into penetration testing. If you have any questions, comments or input feel free to post a comment below.