From 15776f1b799e9c2bb6f5814e95fd5818f7e45c6e Mon Sep 17 00:00:00 2001 From: kimocoder Date: Tue, 9 Apr 2019 11:32:50 +0200 Subject: [PATCH 1/4] some scripts to make life easier --- .../data/local/nhscripts/ath9k_disable.sh | 67 +++++++++++++ .../data/local/nhscripts/ath9k_enable.sh | 93 +++++++++++++++++++ .../nhscripts/oos_otg_enable_always_on.sh | 7 ++ .../data/local/nhscripts/rtl8187_disable.sh | 62 +++++++++++++ .../data/local/nhscripts/rtl8187_enable.sh | 79 ++++++++++++++++ .../update/data/local/placeholder | 4 - 6 files changed, 308 insertions(+), 4 deletions(-) create mode 100644 nethunter-installer/update/data/local/nhscripts/ath9k_disable.sh create mode 100644 nethunter-installer/update/data/local/nhscripts/ath9k_enable.sh create mode 100644 nethunter-installer/update/data/local/nhscripts/oos_otg_enable_always_on.sh create mode 100644 nethunter-installer/update/data/local/nhscripts/rtl8187_disable.sh create mode 100644 nethunter-installer/update/data/local/nhscripts/rtl8187_enable.sh delete mode 100644 nethunter-installer/update/data/local/placeholder diff --git a/nethunter-installer/update/data/local/nhscripts/ath9k_disable.sh b/nethunter-installer/update/data/local/nhscripts/ath9k_disable.sh new file mode 100644 index 0000000000..f993a967c1 --- /dev/null +++ b/nethunter-installer/update/data/local/nhscripts/ath9k_disable.sh @@ -0,0 +1,67 @@ +#!/system/bin/sh + +## +# Script to remove of atheros ath9k modules via init.d or immediately +## + +SYSTEM_DEVICE="/dev/block/bootdevice/by-name/system" +INIT_DIR="" + +# use init.d folder if available +if [ -d /system/etc/init.d ]; then + INIT_DIR="/system/etc/init.d" +fi + +# if Magisk is available use its init folder +if [ -d /sbin/.magisk/img/.core/post-fs-data.d ]; then + INIT_DIR="/sbin/.magisk/img/.core/post-fs-data.d" +fi + +# no init folders found, only manual mode possible +if [ -z "$INIT_DIR" ] && [ ! -z "$1" ]; then + echo "You need Magisk installed or a kernel which supports /system/etc/init.d folder to use a modules loading init script!" + echo "You however still can use the command line option 'now' with this script to unload modules immediately." + echo "Don't forget to reboot afterwards!" + exit 1 +fi + +# check if needed modules are available otherwise quit +if [ ! -f /system/lib/modules/mac80211.ko -o ! -f /system/lib/modules/ath9k.ko -o ! -f /system/lib/modules/ath9k_common.ko -o ! -f /system/lib/modules/ath9k_htc.ko -o ! -f /system/lib/modules/ath9k.ko ]; then + echo "At least one of the needed modules are missing!" + echo "Modules mac80211.ko, ath9k.ko, ath9k_common.ko, ath9k_htc.ko, ath9k.ko" + echo "must be present in /system/lib/modules/" + echo "Be sure that you use a kernel which has atheros ath9k chipset support enabled!" + exit 1 +fi + +# use this to unload modules immediately +if [ "$1" == "now" ]; then + busybox rmmod ath9k_htc + busybox rmmod ath9k + busybox rmmod ath9k_common + busybox rmmod ath9k_hw + if [ -f /system/lib/modules/ath.ko ]; then + busybox rmmod ath + fi + busybox rmmod mac80211 + sleep 1 + # enable systems wifi + svc wifi enable + echo "Modules unloaded, please reboot now!" + exit 0 +fi + +# default is to remove init script again and do a reboot (lesser problems expected) +if [ -f $INIT_DIR/99_ath9k_init.sh ]; then + mount -o rw,remount /system + rm $INIT_DIR/99_ath9k_init.sh + busybox sync + mount -o ro,remount /system + # enable systems wifi + svc wifi enable + # finally reboot + echo 0 > /sys/kernel/dyn_fsync/Dyn_fsync_active + busybox sync + sleep 1 + /system/bin/reboot +fi diff --git a/nethunter-installer/update/data/local/nhscripts/ath9k_enable.sh b/nethunter-installer/update/data/local/nhscripts/ath9k_enable.sh new file mode 100644 index 0000000000..a4767face3 --- /dev/null +++ b/nethunter-installer/update/data/local/nhscripts/ath9k_enable.sh @@ -0,0 +1,93 @@ +#!/system/bin/sh + +## +# Script to proper load atheros ath9k modules via init.d or immediately +## + +# system device +SYSTEM_DEVICE="/dev/block/bootdevice/by-name/system" +INIT_DIR="" + +# use init.d folder if available +if [ -d /system/etc/init.d ]; then + INIT_DIR="/system/etc/init.d" +fi + +# if Magisk is available use its init folder +if [ -d /sbin/.magisk/img/.core/post-fs-data.d ]; then + INIT_DIR="/sbin/.magisk/img/.core/post-fs-data.d" +fi + +# no init folders found, only manual mode possible +if [ -z "$INIT_DIR" ] && [ ! -z "$1" ]; then + echo "You need Magisk installed or a kernel which supports /system/etc/init.d folder to use a modules loading init script!" + echo "You however still can use the command line option 'now' with this script to unload modules immediately." + echo "Don't forget to reboot afterwards!" + exit 1 +fi + +# check if needed modules are available otherwise quit +if [ ! -f /system/lib/modules/mac80211.ko -o ! -f /system/lib/modules/ath9k.ko -o ! -f /system/lib/modules/ath9k_common.ko -o ! -f /system/lib/modules/ath9k_htc.ko -o ! -f /system/lib/modules/ath9k.ko ]; then + echo "At least one of the needed modules are missing!" + echo "Modules mac80211.ko, ath9k.ko, ath9k_common.ko, ath9k_htc.ko, ath9k.ko" + echo "must be present in /system/lib/modules/" + echo "Be sure that you use a kernel which has atheros ath9k chipset support enabled!" + exit 1 +fi + +# use 'now' option to load modules immediately +if [ "$1" == "now" ]; then + + # disable systems wifi + svc wifi disable + sleep 2 + + # load modules in proper dependency order (mac80211.ko always first) + busybox insmod /system/lib/modules/mac80211.ko + + # only add ath module if available (newer driver versions have that module) + if [ -f /system/lib/modules/ath.ko ]; then + busybox insmod /system/lib/modules/ath.ko + fi + + # ath9k module sequence + busybox insmod /system/lib/modules/ath9k_hw.ko + busybox insmod /system/lib/modules/ath9k_common.ko + busybox insmod /system/lib/modules/ath9k_htc.ko + busybox insmod /system/lib/modules/ath9k.ko + exit 0 +fi + +# create init script in init folder and reboot +if [ ! -f $INIT_DIR/99_ath9k_init.sh ]; then + + # disable systems wifi (+reboot = important to avoid possible driver clash!) + svc wifi disable + + # create init script + mount -o rw,remount /system + echo "#!/system/bin/sh" > $INIT_DIR/99_ath9k_init.sh + echo "busybox insmod /system/lib/modules/mac80211.ko" >> $INIT_DIR/99_ath9k_init.sh + + # only add ath.ko module if available (newer driver versions have that module) + if [ -f /system/lib/modules/ath.ko ]; then + echo "busybox insmod /system/lib/modules/ath.ko" >> $INIT_DIR/99_ath9k_init.sh + fi + + # ath9k module sequence + echo "busybox insmod /system/lib/modules/ath9k_hw.ko" >> $INIT_DIR/99_ath9k_init.sh + echo "busybox insmod /system/lib/modules/ath9k_common.ko" >> $INIT_DIR/99_ath9k_init.sh + echo "busybox insmod /system/lib/modules/ath9k_htc.ko" >> $INIT_DIR/99_ath9k_init.sh + echo "busybox insmod /system/lib/modules/ath9k.ko" >> $INIT_DIR/99_ath9k_init.sh + + # make it executeable + busybox chmod 775 $INIT_DIR/99_ath9k_init.sh + busybox sync + mount -o ro,remount /system + + # finally reboot + echo 0 > /sys/kernel/dyn_fsync/Dyn_fsync_active + busybox sync + sleep 2 + /system/bin/reboot +fi diff --git a/nethunter-installer/update/data/local/nhscripts/oos_otg_enable_always_on.sh b/nethunter-installer/update/data/local/nhscripts/oos_otg_enable_always_on.sh new file mode 100644 index 0000000000..4fb152e58b --- /dev/null +++ b/nethunter-installer/update/data/local/nhscripts/oos_otg_enable_always_on.sh @@ -0,0 +1,7 @@ +#!/system/bin/sh +## +# use this in a root shell to disable OTG inactivity timeout on OOS roms +# more infos: https://www.xda-developers.com/enable-always-on-otg-oxygenos/ +## +settings put global oneplus_otg_auto_disable 0 + diff --git a/nethunter-installer/update/data/local/nhscripts/rtl8187_disable.sh b/nethunter-installer/update/data/local/nhscripts/rtl8187_disable.sh new file mode 100644 index 0000000000..16a4bc72c6 --- /dev/null +++ b/nethunter-installer/update/data/local/nhscripts/rtl8187_disable.sh @@ -0,0 +1,62 @@ +#!/system/bin/sh + +## +# Script to remove of realtek rtl8187 modules via init.d or immediately +## + +# system device +SYSTEM_DEVICE="/dev/block/bootdevice/by-name/system" +INIT_DIR="" + +# use init.d folder if available +if [ -d /system/etc/init.d ]; then + INIT_DIR="/system/etc/init.d" +fi + +# if Magisk is available use its init folder +if [ -d /sbin/.magisk/img/.core/post-fs-data.d ]; then + INIT_DIR="/sbin/.magisk/img/.core/post-fs-data.d" +fi + +# no init folders found, only manual mode possible +if [ -z "$INIT_DIR" ] && [ ! -z "$1" ]; then + echo "You need Magisk installed or a kernel which supports /system/etc/init.d folder to use a modules loading init script!" + echo "You however still can use the command line option 'now' with this script to unload modules immediately." + echo "Don't forget to reboot afterwards!" + exit 1 +fi + +# check if needed modules are available otherwise quit +if [ ! -f /system/lib/modules/mac80211.ko -o ! -f /system/lib/modules/rtl8187.ko -o ! -f /system/lib/modules/eeprom_93cx6.ko ]; then + echo "At least one of the needed modules are missing!" + echo "Modules mac80211.ko, rtl8187.ko, eeprom_93cx6.ko" + echo "must be present in /system/lib/modules/" + echo "Be sure that you use a kernel which has realtek rtl8187 chipset support enabled!" + exit 1 +fi + +# use this to unload modules immediately +if [ "$1" == "now" ]; then + busybox rmmod rtl8187 + busybox rmmod eeprom_93cx6 + busybox rmmod mac80211 + sleep 1 + # enable systems wifi + svc wifi enable + exit 0 +fi + +# but default is to remove init script and do a reboot (lesser problems expected) +if [ -f $INIT_DIR/99_rtl8187_init.sh ]; then + mount -o rw,remount /system + rm $INIT_DIR/99_rtl8187_init.sh + busybox sync + mount -o ro,remount /system + # enable systems wifi + svc wifi enable + # finally reboot + echo 0 > /sys/kernel/dyn_fsync/Dyn_fsync_active + busybox sync + sleep 1 + /system/bin/reboot +fi diff --git a/nethunter-installer/update/data/local/nhscripts/rtl8187_enable.sh b/nethunter-installer/update/data/local/nhscripts/rtl8187_enable.sh new file mode 100644 index 0000000000..5c88b7b2f7 --- /dev/null +++ b/nethunter-installer/update/data/local/nhscripts/rtl8187_enable.sh @@ -0,0 +1,79 @@ +#!/system/bin/sh + +## +# Script to proper load realtek rtl8187 modules via init.d or immediately +## + +# system device +SYSTEM_DEVICE="/dev/block/bootdevice/by-name/system" +INIT_DIR="" + +# use init.d folder if available +if [ -d /system/etc/init.d ]; then + INIT_DIR="/system/etc/init.d" +fi + +# if Magisk is available use its init folder +if [ -d /sbin/.magisk/img/.core/post-fs-data.d ]; then + INIT_DIR="/sbin/.magisk/img/.core/post-fs-data.d" +fi + +# no init folders found, only manual mode possible +if [ -z "$INIT_DIR" ] && [ ! -z "$1" ]; then + echo "You need Magisk installed or a kernel which supports /system/etc/init.d folder to use a modules loading init script!" + echo "You however still can use the command line option 'now' with this script to unload modules immediately." + echo "Don't forget to reboot afterwards!" + exit 1 +fi + +# check if needed modules are available otherwise quit +if [ ! -f /system/lib/modules/mac80211.ko -o ! -f /system/lib/modules/rtl8187.ko -o ! -f /system/lib/modules/eeprom_93cx6.ko ]; then + echo "At least one of the needed modules are missing!" + echo "Modules mac80211.ko, rtl8187.ko, eeprom_93cx6.ko" + echo "must be present in /system/lib/modules/" + echo "Be sure that you use a kernel which has realtek rtl8187 chipset support enabled!" + exit 1 +fi + +# use 'now' option to load modules immediately +if [ "$1" == "now" ]; then + + # disable systems wifi + svc wifi disable + sleep 2 + + # load modules in proper dependency order (mac80211.ko always first) + busybox insmod /system/lib/modules/mac80211.ko + + # rtl8187 module sequence + busybox insmod /system/lib/modules/eeprom_93cx6.ko + busybox insmod /system/lib/modules/rtl8187.ko + exit 0 +fi + +# create init script in /system/etc/init.d folder and reboot +if [ ! -f $INIT_DIR/99_rtl8187_init.sh ]; then + + # disable systems wifi (+reboot = important to avoid possible driver clash!) + svc wifi disable + + # create init script + mount -o rw,remount /system + echo "#!/system/bin/sh" > $INIT_DIR/99_rtl8187_init.sh + echo "busybox insmod /system/lib/modules/mac80211.ko" >> $INIT_DIR/99_rtl8187_init.sh + echo "busybox insmod /system/lib/modules/eeprom_93cx6.ko" >> $INIT_DIR/99_rtl8187_init.sh + echo "busybox insmod /system/lib/modules/rtl8187.ko" >> $INIT_DIR/99_rtl8187_init.sh + busybox chmod 775 $INIT_DIR/99_rtl8187_init.sh + busybox sync + + # make it executeable + busybox chmod 775 $INIT_DIR/99_rtl8187_init.sh + busybox sync + mount -o ro,remount /system + + # finally reboot + echo 0 > /sys/kernel/dyn_fsync/Dyn_fsync_active + busybox sync + sleep 2 + /system/bin/reboot +fi diff --git a/nethunter-installer/update/data/local/placeholder b/nethunter-installer/update/data/local/placeholder deleted file mode 100644 index 59b0ff1e66..0000000000 --- a/nethunter-installer/update/data/local/placeholder +++ /dev/null @@ -1,4 +0,0 @@ -# THIS IS OPTIONAL # - -# PLACE KALI CHROOT IN THIS FOLDER IF YOU WANT TO INSTALL IT DURING UPDATE PROCESS # -# FILE SHOULD BE CALLED kalifs-full.tar.xz # From 06c5506c9bb2e4ab1dc974d52ebadbfbbec5df36 Mon Sep 17 00:00:00 2001 From: kimocoder Date: Tue, 9 Apr 2019 11:37:11 +0200 Subject: [PATCH 2/4] Add helper scripts for proper loading of wifi modules --- .../update/META-INF/com/google/android/update-binary | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/nethunter-installer/update/META-INF/com/google/android/update-binary b/nethunter-installer/update/META-INF/com/google/android/update-binary index bd03d2ab2c..5c53962844 100755 --- a/nethunter-installer/update/META-INF/com/google/android/update-binary +++ b/nethunter-installer/update/META-INF/com/google/android/update-binary @@ -256,6 +256,11 @@ progress 0.7 install "/data/local" 0755 0644 } +[ -d data/local/nhscripts ] && { + print "Copying helper scripts to /data/local/nhscripts" + install "/data/local/nhscripts" 0755 0755 +} + [ -d system/etc/init.d ] && { print "Installing init.d scripts" install "/system/etc/init.d" 0755 0755 From 9439ee1540fb82b4053f0f1001c556fd5d736a2d Mon Sep 17 00:00:00 2001 From: kimocoder Date: Tue, 9 Apr 2019 11:43:42 +0200 Subject: [PATCH 3/4] Updated uninstaller + Check device encryption when flashing --- .../patch.d/02-no-verity-opt-encrypt | 88 ++++++++++++++----- .../META-INF/com/google/android/update-binary | 26 +----- 2 files changed, 67 insertions(+), 47 deletions(-) diff --git a/nethunter-installer/boot-patcher/patch.d/02-no-verity-opt-encrypt b/nethunter-installer/boot-patcher/patch.d/02-no-verity-opt-encrypt index 3966621cb7..edd4d08406 100644 --- a/nethunter-installer/boot-patcher/patch.d/02-no-verity-opt-encrypt +++ b/nethunter-installer/boot-patcher/patch.d/02-no-verity-opt-encrypt @@ -6,37 +6,77 @@ print "Disabling dm-verity & forced encryption..." found_fstab=false -for fstab in fstab.*; do - [ -f "$fstab" ] || continue +device_name=$(getprop ro.product.device) +isEncrypted=$(getprop ro.crypto.state) + +if [ "$device_name" = "cheeseburger" ] || [ "$device_name" = "dumpling" ]; then + print "Device is $device_name" + if [ "$isEncrypted" = "unencrypted" ]; then + print "Phone is not encrypted" + for fstab in /system/vendor/etc/fstab.*; do + [ -f "$fstab" ] || continue + found_fstab=true + print "Found fstab: $fstab" + print "Changing fileencryption=ice to encryptable=footer" + sed "s/fileencryption=ice/encryptable=footer/g" "$fstab" | awk ' + $1 ~ /^\// { + n = split($5, flags, ",") + newflags="" + for (i = 1; i <= n; i++) { + if (flags[i] == "") + continue + if (flags[i] ~ /^verify/) + continue + if (flags[i] ~ /^support_scfs/) + continue + if (i > 1) newflags = newflags "," + newflags = newflags flags[i] + } + if ($5 != newflags) $5 = newflags + if ($5 == "") $5 = "defaults" + } + { print } + ' > "$fstab-" + replace_file "$fstab" "$fstab-" + done + else + print "Device is encrypted!! There will be no change for fstab.qcom" + print "This may result a bootloop for any encrypted device, if you got bootloop, please make a factory reset in recovery and full wipe the system and data partition." + fi +else + for fstab in fstab.*; do + [ -f "$fstab" ] || continue + found_fstab=true print "Found fstab: $fstab" - sed " - s/\b\(forceencrypt\|forcefdeorfbe\)=/encryptable=/g - " "$fstab" | awk ' - $1 ~ /^\// { - n = split($5, flags, ",") - newflags="" - for (i = 1; i <= n; i++) { - if (flags[i] == "") - continue - if (flags[i] ~ /^verify/) - continue - if (flags[i] ~ /^support_scfs/) - continue - if (i > 1) newflags = newflags "," - newflags = newflags flags[i] - } - if ($5 != newflags) $5 = newflags - if ($5 == "") $5 = "defaults" + sed "s/\b\(forceencrypt\|forcefdeorfbe\)=/encryptable=/g" "$fstab" | awk ' + $1 ~ /^\// { + n = split($5, flags, ",") + newflags="" + for (i = 1; i <= n; i++) { + if (flags[i] == "") + continue + if (flags[i] ~ /^verify/) + continue + if (flags[i] ~ /^support_scfs/) + continue + if (i > 1) newflags = newflags "," + newflags = newflags flags[i] } - { print } - ' > "$fstab-" + if ($5 != newflags) $5 = newflags + if ($5 == "") $5 = "defaults" + } + { print } + ' > "$fstab-" replace_file "$fstab" "$fstab-" - found_fstab=true -done + done +fi $found_fstab || print "Unable to find the fstab!" +print "Setting ro.config.dmverity to false" setprop ro.config.dmverity false +print "Removing verity_key and /sbin/firmware_key.cer" rm -f verity_key sbin/firmware_key.cer +print "Done." exit 0 diff --git a/nethunter-installer/uninstaller/META-INF/com/google/android/update-binary b/nethunter-installer/uninstaller/META-INF/com/google/android/update-binary index ad4b9c1d41..2ca68b1e4d 100644 --- a/nethunter-installer/uninstaller/META-INF/com/google/android/update-binary +++ b/nethunter-installer/uninstaller/META-INF/com/google/android/update-binary @@ -46,32 +46,12 @@ print " NetHunter Uninstaller " print "***********************" mount /system -mount /data # Remove added firmware (folder would only exist if you installed NetHunter) -[ -d "/system/etc/firmware/rtlwifi" ] && { - print "@Removing Firmware"; - rm -rf /system/etc/firmware/rtlwifi - rm -rf /system/etc/firmware/zd1211 - rm -f /system/etc/firmware/ar9170-1.fw - rm -f /system/etc/firmware/ar9170-2.fw - rm -f /system/etc/firmware/carl9170.fw - rm -f /system/etc/firmware/htc_7010.fw - rm -f /system/etc/firmware/rt73.bin - rm -f /system/etc/firmware/rt2561.bin - rm -f /system/etc/firmware/rt2860.bin - rm -f /system/etc/firmware/rt2870.bin - rm -f /system/etc/firmware/rt3070.bin -} - -[ -d "/system/priv-app/NetHunter" ] && { - print "@Removing NetHunter.apk" - rm -rf /system/priv-app/NetHunter -} -[ -d "/data/data/com.offsec.nethunter" ] && { - print "@Removing NetHunter chroot/data" - rm -rf /data/data/com.offsec.nethunter +[ -d "/data/local/nhsystem" ] && { + print "@Removing nhsystem" + rm -rf /data/local/nhsystem } cleanup From 3ee00d103bffbedd3e0220328bd36d7af94dc508 Mon Sep 17 00:00:00 2001 From: kimocoder Date: Fri, 12 Apr 2019 09:02:50 +0200 Subject: [PATCH 4/4] Updated OpenVPN for Android --- nethunter-installer/build.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nethunter-installer/build.py b/nethunter-installer/build.py index 603fd57f2d..656a68b71a 100755 --- a/nethunter-installer/build.py +++ b/nethunter-installer/build.py @@ -26,7 +26,7 @@ 'Drivedroid': ['https://drivedroid-versions.s3-eu-west-1.amazonaws.com/files/drivedroid-free-0.10.50.apk', '455354369d34dd59cdf71e50c02fd1dc969925f803fbc1c498467ac1b3b50b7a3b23dd22a3e60a5dbe61d7106c99106f92ef6a86c56775f01e42dfcd1837c198'], 'OpenVPN': - ['https://f-droid.org/repo/de.blinkt.openvpn_159.apk', 'a47200c972a6e98649f6a8f87e02c5b924b1c7915ef86698f1339a1ec82af3eab82e7ecf442a3b2f5ab5ded91b59b0943315133413b50a2c473d5f9ba8050695'], + ['https://f-droid.org/repo/de.blinkt.openvpn_160.apk', '1a3bfc12b1ea396aceaebeaf6136d64989cd06b276022d4c60150ef4622102bd285436cc260f206c5a09e469e52fab55c022fa07b7a7f5c9143011a567a9f309'], 'USBKeyboard': # Feb 3, 2015 ['https://github.com/pelya/android-keyboard-gadget/raw/7ea69c684aa1/USB-Keyboard.apk', '18bced7b339a67c48fe31698cb54063bce8f3dd9f7d7f23d9e5c619697e8da5ab08312cf9a2fa0e3f445a584485db23d1e4c27e3ffc1448551bbaf486ccb11e9'], 'RFAnalyzer':