Upload files to 'server'

NetGuard

@@ -0,0 +1 @@
+Subproject commit 0350e46d6dbe398dc395675e348121fe3ae6624a

root-android/README.md

@@ -1,30 +1,26 @@
 
 ## Steps to root Android (Google Pixel4a-sunfish <Android 13>)
 
-
 1. Enable dev options by tapping build number 7 times
 2. Enable usb debugging and OEM unlocking in developer options panel from in Syste
 3. Make note of build number at About phone -> Build number = TPIA.221105.002
-4. Download full image for build from: https://developers.google.com/android/images
+4. Download full image for build from: https://developersd.google.com/android/ota#sunfish
-5. Unzip downoaded zip, then unzip the zip within there to get the "build.img" file needed
+5. Install fastboot: apt install fastboot and adb
-6. Push the build.img file to the unrooted Android device: `adb push <path_to_file>/boot.img /storage/emulated/0/Download/boot.img`
+6. Reboot to bootloader: adb reboot bootloader
-7. Install fastboot: `apt install fastboot and adb`
+7. Make sure fastboot is connected: fastboot devices
-8. Reboot to bootloader: `adb reboot bootloader`
+8. fastboot flashing unlock
-9. Make sure fastboot is connected: `fastboot devices`
-10. `fastboot flashing unlock`
-11. Sideload Magisk apk: `adb -s $(adb devices) install ~/Downloads/Magisk.apk/`, URL: https://github.com/topjohnwu/Magisk/releases/tag/v26.1
-12. Patch the downloaded factory image file in Magisk: Magisk -> Install -> Select and patch a file -> Select the boot.img file pushed in step 6 
-13. Hit lets go to let Magisk patch image -> Wait for path of new image file on device to be printed if it worked
-14. Pull patched image to desktop: `adb pull /storage/emulated/0/Download/magisk_patched-26100_zEIYy.img ./`
-15. `adb devices` -> `adb reboot bootloader` -> `fastboot devices`
-16. `fastboot boot ~/Desktop/magisk_patched-26100.img`
-17. Root permanently via Direct Install from Magisk: Open Magisk app -> Install Direct (Recommended) -> wait and reboot
-18. Verify root after reboot from desktop: `adb shell` -> `su` -> `whoami`
-19. Install this ZIP as Magisk module to trust user certs and system certs: https://github.com/NVISOsecurity/MagiskTrustUserCerts/releases
 
+9. Sideload Magisk apk: adb -s $(adb devices) install ~/Downloads/Magisk.apk/, URL: https://github.com/topjohnwu/Magisk/releases/tag/v26.1
+10. Patch the downloaded factory image file in Magisk: Magisk -> Install -> Select and patch a file -> Select the unzipped boot.img file (Note: Within original zip for factory image there is another zip that boot.img is within) 
 
+11. Hit lets go to let Magisk patch image -> Wait for path of new image file on device to be printed if it worked
+12. Pull patched image to desktop: Adb pull /storage/emulated/0/Download/magisk_patched-26100_zEIYy.img ./
+13. Adb devices -> fastboot devices 
+14. Fastboot boot ~/Desktop/magisk_patched-26100.img
+15. Root permanently via Direct Install from Magisk: Open Magisk app -> Install Direct (Recommended) -> wait and reboot
+16. Verify root after reboot from desktop: “adb shell” -> “su” -> “whoami”
 
-*Note: Using Ubuntu 20 for desktop machine in instructions*
+17. Install this ZIP as Magisk module to trust user certs and system certs: https://github.com/NVISOsecurity/MagiskTrustUserCerts/releases 
 
 
 

server/NetGenieSrv.py

@@ -0,0 +1,61 @@
+#!/bin/env python3
+
+import socket;
+import sys;
+
+def init_socket():
+    # Creates a TCP/IP socket
+    # socket type .AF_INET is the Internet address family for IPv4.
+    # .SOCK_STREAM is the socket type for TCP. 
+    debug_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+
+    # Bind the socket to the port 8000
+    debug_server_address = ('localhost', 8000)
+    debug_socket.bind(debug_server_address)
+    
+    # Listen for incoming connections
+    debug_socket.listen(1)
+    while True:
+    # Wait for a connection
+       print >>sys.stderr, 'Waiting for a Connection'
+       connection, client_address = debug_socket.accept()
+
+def check_bridge_socket():
+    evt = None
+    return evt
+
+def handle_bridge_evt(evt):
+    """
+    TODO: Whatever bridge events to handle
+    """
+
+def check_debug_socket():
+    dbg_evt = None 
+    return dbg_evt
+
+def handle_debug_evt(dbg_evt):
+    """ TODO: Do something with the events here."""
+
+def run_loop():
+    """ """
+    while True:
+        # 1. Check the BridgeSocket
+        evt = check_bridge_socket()
+        if evt != None:
+            handle_bridge_evt(evt)
+        dbg_evt = check_debug_socket()
+        if dbg_evt != None:
+            handle_debug_evt(dbg_evt)
+def main():
+    init_socket()
+    """
+    1. TODO: Open Server port that the device connects to.
+    2. TODO: Open Server port that an admin connects to, i.e., to test sending packets to
+    3. TODO (Optional): We might be able to start a Scapy [REPL](https://en.wikipedia.org/wiki/Read%E2%80%93eval%E2%80%93print_loop)
+       and then add these functions. That way the person in debugging the phone can do live testing.
+
+    """
+
+
+if __name__ == '__main__':
+    main()

server/readme.txt

@@ -0,0 +1,3 @@
+The following link maybe helpful.
+
+https://github.com/davidbombal/red-python-scripts/blob/main/arp_mitm.py

server/send_first_packet.py

@@ -0,0 +1,22 @@
+# Using the source code and instructions from: https://inc0x0.com/tcp-ip-packets-introduction/tcp-ip-packets-3-manually-create-and-send-raw-tcp-ip-packets/
+
+import socket
+
+s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP)
+s.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)
+
+# b converts string into byte format
+ip_header  = b'\x45\x00\x00\x28'  # Version, IHL, Type of Service | Total Length
+ip_header += b'\xab\xcd\x00\x00'  # Identification | Flags, Fragment Offset
+ip_header += b'\x40\x06\xa6\xec'  # TTL, Protocol | Header Checksum
+ip_header += b'\x0a\x0a\x0a\x02'  # Source Address
+ip_header += b'\x0a\x0a\x0a\x01'  # Destination Address
+
+tcp_header  = b'\x30\x39\x00\x50' # Source Port | Destination Port
+tcp_header += b'\x00\x00\x00\x00' # Sequence Number
+tcp_header += b'\x00\x00\x00\x00' # Acknowledgement Number
+tcp_header += b'\x50\x02\x71\x10' # Data Offset, Reserved, Flags | Window Size
+tcp_header += b'\xe6\x32\x00\x00' # Checksum | Urgent Pointer
+
+packet = ip_header + tcp_header
+s.sendto(packet, ('10.10.10.1', 0))

server/sending_raw_packets.py

@@ -0,0 +1,23 @@
+import socket
+
+s = socket.socket(socket.AF_PACKET, socket.SOCK_RAW)
+s.bind(("wlp1s0", 8000))
+
+ethernet  = b'\x00\x0c\x29\xd3\xbe\xd6' # MAC Address Destination
+ethernet += b'\x00\x0c\x29\xe0\xc4\xaf' # MAC Address Source
+ethernet += b'\x08\x00'                 # Protocol-Type: IPv4
+
+ip_header  = b'\x45\x00\x00\x28'  # Version, IHL, Type of Service | Total Length
+ip_header += b'\xab\xcd\x00\x00'  # Identification | Flags, Fragment Offset
+ip_header += b'\x40\x06\xa6\xec'  # TTL, Protocol | Header Checksum
+ip_header += b'\x0a\x0a\x0a\x02'  # Source Address
+ip_header += b'\x0a\x0a\x0a\x01'  # Destination Address
+
+tcp_header  = b'\x30\x39\x00\x50' # Source Port | Destination Port
+tcp_header += b'\x00\x00\x00\x00' # Sequence Number
+tcp_header += b'\x00\x00\x00\x00' # Acknowledgement Number
+tcp_header += b'\x50\x02\x71\x10' # Data Offset, Reserved, Flags | Window Size
+tcp_header += b'\xe6\x32\x00\x00' # Checksum | Urgent Pointer
+
+packet = ethernet + ip_header + tcp_header
+s.send(packet)