* I am not responsible for your phone or anything you do with aircrack-ng.
* This guide is based on the Nexus 5; you can substitute any phone/tablet (with OTG support).
If you're a noob or an expert, just ask and I will guide you.
------------------------------------------------------------------------------------------------
Things You Need
------------------------------------------------------------------------------------------------
1) Any phone with OTG support [used: Nexus 5 (rooted)]
2) OTG cable
3) Any USB WiFi adapter [used: TP-LINK TL-WN722N] (if you have others, let me know and I'll add them to the guide)
4) Ubuntu (to compile the kernel)
5) If you need this for another device, or need to compile the kernel for another USB WiFi device, just let me know and I will guide you through it
------------------------------------------------------------------------------------------------
PART A
(Compiling Kernel)
------------------------------------------------------------------------------------------------
Setting up your Ubuntu machine
Code:
$ sudo apt-get update
Code:
$ sudo apt-get install oracle-java6-installer
Code:
$ sudo apt-get install git gnupg ccache lzop flex bison gperf build-essential zip curl zlib1g-dev zlib1g-dev:i386 libc6-dev lib32bz2-1.0 lib32ncurses5-dev x11proto-core-dev libx11-dev:i386 libreadline6-dev:i386 lib32z1-dev libgl1-mesa-glx:i386 libgl1-mesa-dev g++-multilib mingw32 tofrodos python-markdown libxml2-utils xsltproc libreadline6-dev lib32readline-gplv2-dev libncurses5-dev bzip2 libbz2-dev libbz2-1.0 libghc-bzlib-dev lib32bz2-dev squashfs-tools pngcrush schedtool dpkg-dev
Code:
$ sudo ln -s /usr/lib/i386-linux-gnu/mesa/libGL.so.1 /usr/lib/i386-linux-gnu/libGL.so
Code:
$ git clone https://android.googlesource.com/platform/prebuilts/gcc/linux-x86/arm/arm-eabi-4.6/
create a file /etc/udev/rules.d/51-android.rules (as the root user)
copy paste the below code and save
Code:
# adb protocol on passion (Nexus One)
SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e12", MODE="0600", OWNER="<username>"
# fastboot protocol on passion (Nexus One)
SUBSYSTEM=="usb", ATTR{idVendor}=="0bb4", ATTR{idProduct}=="0fff", MODE="0600", OWNER="<username>"
# adb protocol on crespo/crespo4g (Nexus S)
SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e22", MODE="0600", OWNER="<username>"
# fastboot protocol on crespo/crespo4g (Nexus S)
SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e20", MODE="0600", OWNER="<username>"
# adb protocol on stingray/wingray (Xoom)
SUBSYSTEM=="usb", ATTR{idVendor}=="22b8", ATTR{idProduct}=="70a9", MODE="0600", OWNER="<username>"
# fastboot protocol on stingray/wingray (Xoom)
SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="708c", MODE="0600", OWNER="<username>"
# adb protocol on maguro/toro (Galaxy Nexus)
SUBSYSTEM=="usb", ATTR{idVendor}=="04e8", ATTR{idProduct}=="6860", MODE="0600", OWNER="<username>"
# fastboot protocol on maguro/toro (Galaxy Nexus)
SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e30", MODE="0600", OWNER="<username>"
# adb protocol on panda (PandaBoard)
SUBSYSTEM=="usb", ATTR{idVendor}=="0451", ATTR{idProduct}=="d101", MODE="0600", OWNER="<username>"
# adb protocol on panda (PandaBoard ES)
SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="d002", MODE="0600", OWNER="<username>"
# fastboot protocol on panda (PandaBoard)
SUBSYSTEM=="usb", ATTR{idVendor}=="0451", ATTR{idProduct}=="d022", MODE="0600", OWNER="<username>"
# usbboot protocol on panda (PandaBoard)
SUBSYSTEM=="usb", ATTR{idVendor}=="0451", ATTR{idProduct}=="d00f", MODE="0600", OWNER="<username>"
# usbboot protocol on panda (PandaBoard ES)
SUBSYSTEM=="usb", ATTR{idVendor}=="0451", ATTR{idProduct}=="d010", MODE="0600", OWNER="<username>"
# adb protocol on grouper/tilapia (Nexus 7)
SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e42", MODE="0600", OWNER="<username>"
# fastboot protocol on grouper/tilapia (Nexus 7)
SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e40", MODE="0600", OWNER="<username>"
# adb protocol on manta (Nexus 10)
SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4ee2", MODE="0600", OWNER="<username>"
# fastboot protocol on manta (Nexus 10)
SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4ee0", MODE="0600", OWNER="<username>"
Setting correct paths
Code:
$ gedit android-path.sh
Code:
export CC=$(pwd)/arm-eabi-4.6/bin/arm-eabi-
export CROSS_COMPILE=$(pwd)/arm-eabi-4.6/bin/arm-eabi-
export ARCH=arm
export SUBARCH=arm
export PATH=$PATH:$(pwd)/andorid_boot_tools_bin
(you need to source it to your current terminal window before you compile)
Code:
$ chmod +x android-path.sh
$ source android-path.sh
Download Source (any kernel source can be used)
1. HTC
2. Samsung
3. LG
4. Sony
5. Nexus devices
Using the Nexus 5 Android kernel source:
Code:
$ git clone https://android.googlesource.com/kernel/msm.git
Code:
$ cd msm/
$ git branch -a
$ git checkout origin/android-msm-hammerhead-3.4-kitkat-mr2
Code:
$ make hammerhead_defconfig
$ make menuconfig
This is only for the TP-LINK TL-WN722N (if you have another device, let me know).
A quick look at WikiDevi will tell you that the TP-LINK TL-WN722N uses the ath9k_htc driver.
Enabling ath9k drivers in kernel
To enable ath9k, you must first enable mac80211 through make menuconfig when compiling your kernel. If you do not know what this means then please learn to compile kernels or rely on your Linux distribution's kernel. Below are the options you need to enable ath9k through make menuconfig.
Code:
Networking --->
  Wireless --->
    < * > Improved wireless configuration API
    < * > Generic IEEE 802.11 Networking Stack (mac80211)
Code:
Device Drivers --->
  [*] Network device support --->
    Wireless LAN --->
      Atheros Wireless Cards ---->
        < * > Atheros 802.11n wireless cards support
        < * > Atheros HTC based wireless card support
Check in your .config file that you have them enabled (it's a hidden file):
Code:
CONFIG_ATH_COMMON=y
CONFIG_ATH9K_HW=y
CONFIG_ATH9K_COMMON=y
CONFIG_ATH9K_HTC=y
Code:
$ make -j4
You should get something like this in the end:
Code:
Kernel: arch/arm/boot/zImage-dtb is ready
Code:
$ cd .. # if you were in the msm directory
$ git clone https://github.com/pbatard/bootimg-tools.git
$ cd bootimg-tools/
$ make
$ cd cpio/
$ gcc mkbootfs.c -o mkbootfs -I../include
$ cd ../..
$ mkdir andorid_boot_tools_bin
$ cd andorid_boot_tools_bin/
$ cp ../bootimg-tools/mkbootimg/mkbootimg .
$ cp ../bootimg-tools/mkbootimg/unmkbootimg .
$ cp ../bootimg-tools/cpio/mkbootfs .
$ cd ..
Code:
$ unmkbootimg -i boot_img/boot.img
$ cp msm/arch/arm/boot/zImage-dtb kernel
$ mkbootimg --base 0 --pagesize 2048 --kernel_offset 0x00008000 --ramdisk_offset 0x02900000 --second_offset 0x00f00000 --tags_offset 0x02700000 --cmdline 'console=ttyHSL0,115200,n8 androidboot.hardware=hammerhead user_debug=31 maxcpus=2 msm_watchdog_v2.enable=1' --kernel kernel --ramdisk ramdisk.cpio.gz -o boot.img
(this is for the Nexus 5; it might work for others also)
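Two checks worth running before the image is booted, written as an added example that is not part of the original guide: that the wireless options from the menuconfig step really ended up as =y in .config (a module, =m, does not count because the guide builds the driver in), and that the repacked boot.img header carries the addresses and page size given to mkbootimg above. The function names and sample inputs are made up for this example, the CFG80211/MAC80211 symbol names are assumed for the two menu entries, and the field offsets assume the classic Android boot image header (8-byte magic followed by 32-bit little-endian fields).

```sh
# Added example, not from the original guide. CFG80211 and MAC80211 are the
# mainline symbols assumed for the two "Networking -> Wireless" menu entries.
REQUIRED="CFG80211 MAC80211 ATH_COMMON ATH9K_HW ATH9K_COMMON ATH9K_HTC"

# missing_options CONFIG -> prints each required symbol that is not "=y"
missing_options() {
    for sym in $REQUIRED; do
        grep -q "^CONFIG_$sym=y\$" "$1" || echo "CONFIG_$sym"
    done
}

# u32 FILE OFFSET -> little-endian 32-bit value at OFFSET, in decimal
u32() {
    set -- $(od -An -tu1 -j"$2" -N4 "$1")
    [ $# -eq 4 ] || return 1
    echo $(( $1 + ($2 << 8) + ($3 << 16) + ($4 << 24) ))
}

# header_mismatches BOOT_IMG -> prints each header field that differs from the
# guide's mkbootimg flags (--base 0, so each address equals its offset)
header_mismatches() {
    [ "$(dd if="$1" bs=8 count=1 2>/dev/null)" = 'ANDROID!' ] ||
        { echo magic; return 0; }
    while read -r field off want; do
        [ "$(u32 "$1" "$off")" = "$want" ] || echo "$field"
    done <<EOF
kernel_addr 12 $((0x00008000))
ramdisk_addr 20 $((0x02900000))
second_addr 28 $((0x00f00000))
tags_addr 32 $((0x02700000))
page_size 36 2048
EOF
}
# Constructed sample inputs (demonstration only).
le32() { # le32 N -> N as four little-endian bytes
    v=$1
    for i in 1 2 3 4; do
        printf "\\$(printf %03o $((v & 255)))"; v=$((v >> 8))
    done
}
sample_bootimg() { # sample_bootimg FILE PAGE_SIZE -> 40-byte header only
    { printf 'ANDROID!'; le32 4096; le32 $((0x00008000)); le32 1024
      le32 $((0x02900000)); le32 0; le32 $((0x00f00000))
      le32 $((0x02700000)); le32 "$2"; } > "$1"
}
sample_config() { # sample_config FILE -> one option "=m", one not set
    printf '%s\n' CONFIG_CFG80211=y CONFIG_MAC80211=y CONFIG_ATH_COMMON=y \
        CONFIG_ATH9K_HW=m CONFIG_ATH9K_COMMON=y '# CONFIG_ATH9K_HTC is not set' > "$1"
}
```

Against a real build, run missing_options msm/.config and header_mismatches boot.img; no output from either means the options are built in and the header matches the flags.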
Code:
$ adb reboot bootloader
$ sudo fastboot boot boot.img
------------------------------------------------------------------------------------------------
PART B
(setting up your phone)
------------------------------------------------------------------------------------------------
This is only for the TP-LINK TL-WN722N (if you have another device, let me know).
download the firmware files here
1. htc_7010.fw
2. htc_9271.fw
copy them to your phone
use a file manager with root to copy both of them to /system/etc/firmware/
install Linux Deploy on your phone
fire up Linux Deploy, go to Properties --> Distribution and select Kali Linux
set the installation path to /sdcard/linux.img
hit the install button
after installation, click the start button
start your favorite SSH program and happy aircrack-ng
(SSH credentials are “android” for the username (configured via Linux Deploy) and “changeme” as the password.)