Turn Your Android into a Mobile Hacking Platform (Root & Rootless)

Free, open source, and based on the Linux kernel, Android is the perfect candidate for a mobile hacking platform. It’s flexible and easy to modify, unlike most Apple devices. In this article, we’ll review a few tools you can install on your phone to start wreaking havoc on the go.

Root or Rootless?

Before you begin, it’s best to decide whether you want to install rootless tools or those that require root access. Due to manufacturer lockdowns, obtaining root access can be difficult or impossible on some phones. I will not explain the process here as it varies for each phone, but you can find more information about your specific device on the XDA forums.

Rootless Tools

We’ll start with the rootless tools as these can be installed on both rooted and unrooted phones.

Termux

Termux is a terminal emulator that supports Linux packages. It works by installing a minimal base Linux system and it uses the apt package manager, similar to Ubuntu or Debian. The popular wireless penetration tool Bettercap also has a section about installing it on Termux, demonstrating the app’s versatility.

Countless other Linux tools can run on Termux, such as the Metasploit Framework. However, not everything is guaranteed to work, as Termux has no root access by default. (Termux can use root if your phone is rooted.)

Mifare Classic Tool

Most modern phones have NFC, or near field communication, built in. This allows you to perform contactless payments, talk with other phones, or do other fun stuff. In this case, the Mifare Classic Tool allows your phone to read and write to Mifare Classic keycards, which happen to be used by many hotels as room keys. Needless to say, it’s a very useful (and scary) app that lets you clone or modify keycards to gain access to restricted areas. I have a separate tutorial on how to use this tool if you’re interested.

MTools

MTools is similar to the Mifare Classic Tool but it supports different keycards. However, this app has paid features. If anyone knows a better alternative, leave a comment and I will check it out.

Root Tools

Root access gives apps permissions that were previously inaccessible, turning your phone into a true multipurpose attack tool.

Nethunter

Nethunter is the pinnacle of Android hacking. It’s a nearly full Kali Linux installation on your phone, with modifications to do more than its desktop cousin. However, Nethunter needs more than just root to reach its full potential. Depending on your device, you may be limited to the minimum feature set as a custom kernel is also needed for Kali to perform WiFi, Bluetooth, or USB attacks.

This is the big killer for most people as the list of supported phones is small, and many of them are a few years old. If you’re lucky, you can still use Nethunter’s USB functions by turning on USB debugging in the developer’s settings. WiFi and Bluetooth require patched kernels and making one is a difficult process.

Rucky

If you don’t want to install Nethunter or don’t have enough space, Rucky has you covered for HID hacking. It uses DuckyScript, developed by Hak5, allowing you to use the numerous premade scripts available online. However, it suffers from the same drawback as Nethunter: it requires kernel-level support.

NFCGate

NFCGate is a more advanced NFC analyzer. It can capture NFC traffic from apps on your phone, relay NFC traffic between two devices, replay captured data, or clone a tag ID. It also needs some kernel modifications for full functionality, but all it needs is LSPosed (rip), which works on most devices.

Other Useful Apps

Here are a few apps that will make your life easier.

F-Droid

F-Droid is an alternative app store with an extensive catalog of free and open source apps. There are plenty of weird and interesting tools you never knew you needed. Most of the apps listed here can also be found on F-Droid.

Termux Addons

These are a group of addon apps that extend Termux’s abilities. The most useful ones are Termux:Boot, Termux:API, and Termux:Tasker. Each one is self-explanatory: Boot lets scripts run when the phone starts, API connects Termux to the Android APIs, and Tasker lets you automate tasks. There are a few others, but they’re just widgets to add to your home screen.

What’s Next

As you’ve probably guessed, the overarching theme of this article is to get some form of Linux on your Android device. Linux offers thousands of hacking tools, and with these apps, you can get most of them working on the go. The next step is to find which Linux tools suit your needs and install them on your phone.
