NMAP FOR ANDROID CROSS COMPILE ARM
# easy install from android root prompt
wget http://rmccurdy.com/nmap.sh
sh nmap.sh
This
MAY work for other platforms but tested on cygonmod as of 2/18/2010 on
Android G1 plan to APK package this up with other security tools
ruby/metasploit etc ..
• SYN scans may not REALLY be working … along with other ‘features’ of nmap ..
•
Copy eveything in http://rmccurdy.com/stuff/G1/BINS/NMAP/ to
/data/local/bin on the Android and cd /data/local/bin
• You may need to ‘mount -o remount / /` and put sh or bash ( the busybox bash ) in /bin/sh
• Or alternative export SHELL=/system/bin/sh may work ..
• http://delicious.com/operat0r/android reference
• Some tips for cross compiling:
- Start with simple! bash or ‘hello world’
- Make sure the file is ARM / STATIC
nmap: ELF 32-bit LSB executable, ARM, version 1 (SYSV), for GNU/Linux 2.6.14, statically linked, not stripped
- If you get ‘not found’ it may be the /bin/sh issue or missing libs
- You can use strace and gdb from my site or http://ortegaalfredo.googlepages.com/android
-
For nmap and others I had to pre compile the libs and or hack up the
configure and/or make file so if something fails try to compile each
lib in the folder take it folder by folder
EXAMPLE OUTPUT:
uname -a
Linux localhost 2.6.29.6-cm42 #11 PREEMPT Sun Jan 3 23:10:50 EST 2010 armv6l GNU
/Linux
#
# nmap -v -iR 5 -PN -p 80 -n
nmap -v -iR 5 -PN -p 80 -n
Starting Nmap 4.01 ( http://www.insecure.org/nmap/ ) at 2010-02-18 17:47 UTC
Initiating SYN Stealth Scan against 5 hosts [1 port/host] at 17:47
The SYN Stealth Scan took 2.01s to scan 5 total ports.
Host 168.112.144.230 appears to be up ... good.
Interesting ports on 168.112.144.230:
PORT STATE SERVICE
80/tcp filtered http
Host 126.57.18.41 appears to be up ... good.
Interesting ports on 126.57.18.41:
PORT STATE SERVICE
80/tcp filtered http
Host 212.24.14.96 appears to be up ... good.
Interesting ports on 212.24.14.96:
PORT STATE SERVICE
80/tcp filtered http
Host 41.78.98.24 appears to be up ... good.
Interesting ports on 41.78.98.24:
PORT STATE SERVICE
80/tcp filtered http
Host 89.93.252.102 appears to be up ... good.
Interesting ports on 89.93.252.102:
PORT STATE SERVICE
80/tcp filtered http
Nmap finished: 5 IP addresses (5 hosts up) scanned in 2.104 seconds
MINI HOWTO:
# you need sun-java5-jdk
echo 'deb http://us.archive.ubuntu.com/ubuntu/ jaunty multiverse' >> /etc/apt/sources.list
echo 'deb http://us.archive.ubuntu.com/ubuntu/ jaunty-updates multiverse ' >> /etc/apt/sources.list
apt-get update
apt-get install build-essential -y
apt-get install m4 -y
aptitude install git-core git jfsutils xfsprogs quota isdnutils-base nfs-common oprofile -y
apt-get install sun-java5-jdk -y
# toolchain for cross compile
wget
"http://www.codesourcery.com/sgpp/lite/arm/portal/package3696/public/arm-none-linux-gnueabi/arm-2008q3-72-arm-none-linux-gnueabi-i686-pc-linux-gnu.tar.bz2"
http://zenmachine.wordpress.com/cross-compiling-ruby-to-arm-processors-the-not-so-zen-way/
http://android-dev.g.hatena.ne.jp/takuma104/
# download nmap-4.01.tar.gz
# precompile dftables cd ./libpcre/ ; ./configure ; make;cp dftables /usr/local/sbin/
# make clean and cp /usr/local/sbin/dftables ./libpcre/
#
precompile libpcap I got libpcap-0.7.1 to compile OK for AM '
--with-libpcap=/home/operat0r/libpcap-0.7.1/ ' change to your path
# before you make vi the Main Make file to STATIC = -static
# my last line after make looked like:
arm-none-linux-gnueabi-g++
-Llibpcap -Lnbase -Lnsock/src/ -static -o nmap main.o
nmap.o targets.o tcpip.o nmap_error.o utils.o idle_scan.o osscan.o
output.o scan_engine.o timing.o charpool.o services.o protocols.o
nmap_rpc.o portlist.o NmapOps.o TargetGroup.o Target.o
FingerPrintResults.o service_scan.o NmapOutputTable.o MACLookup.o tty.o
nmap_dns.o -lnbase -lnsock libpcre/libpcre.a -lpcap
libdnet-stripped/src/.libs/libdnet.a -lm
export ac_cv_linux_vers=2.6.31
export CC=/usr/local/arm-2008q3/bin/arm-none-linux-gnueabi-gcc -static
export LD=/usr/local/arm-2008q3/bin/arm-none-linux-gnueabi-ld
export AR=/usr/local/arm-2008q3/bin/arm-none-linux-gnueabi-ar
export RANLIB=/usr/local/arm-2008q3/arm-none-linux-gnueabi/bin/ranlib
export PATH=$PATH:/usr/local/arm-2008q3/bin
export PATH=$PATH:/usr/local/arm-2008q3/
export PATH=$PATH:/usr/local/arm-2008q3/lib
export ac_cv_func_getpgrp_void=yes
export ac_cv_func_setpgrp_void=yes
./configure
--host=arm-none-linux-gnueabi --target=arm-none-linux-gnueabi
--with-libpcap=/home/operat0r/libpcap-0.7.1/ --without-nmapfe
--with-pcap=linux
more notes :
# you need sun-java5-jdk
echo 'deb http://us.archive.ubuntu.com/ubuntu/ jaunty multiverse'
>> /etc/apt/sources.list
echo 'deb http://us.archive.ubuntu.com/ubuntu/ jaunty-updates
multiverse ' >> /etc/apt/sources.list
apt-get update
apt-get install build-essential -y
apt-get install m4 -y
aptitude install git-core git jfsutils xfsprogs quota isdnutils-base
nfs-common oprofile -y
apt-get install sun-java5-jdk -y
# toolchain for cross compile
wget
"http://www.codesourcery.com/sgpp/lite/arm/portal/package3696/public/arm-none-linux-gnueabi/arm-2008q3-72-arm-none-linux-gnueabi-i686-pc-linux-gnu.tar.bz2"
http://zenmachine.wordpress.com/cross-compiling-ruby-to-arm-processors-the-not-so-zen-way/
http://android-dev.g.hatena.ne.jp/takuma104/
# download nmap-4.01.tar.gz
# precompile dftables cd ./libpcre/ ; ./configure ;
make;cp dftables /usr/local/sbin/
# make clean and cp /usr/local/sbin/dftables ./libpcre/
# precompile libpcap I got libpcap-0.7.1 to compile OK for AM
' --with-libpcap=/home/operat0r/libpcap-0.7.1/ ' change to
your path
# before you make vi the Main Make file to STATIC = -static ...
# my last line afer make looked like:
arm-none-linux-gnueabi-g++ -Llibpcap -Lnbase -Lnsock/src/
-static -o nmap main.o nmap.o targets.o tcpip.o nmap_error.o
utils.o idle_scan.o osscan.o output.o scan_engine.o timing.o charpool.o
services.o protocols.o nmap_rpc.o portlist.o NmapOps.o TargetGroup.o
Target.o FingerPrintResults.o service_scan.o NmapOutputTable.o
MACLookup.o tty.o nmap_dns.o -lnbase -lnsock
libpcre/libpcre.a -lpcap libdnet-stripped/src/.libs/libdnet.a
-lm
export ac_cv_linux_vers=2.6.31
export CC=/usr/local/arm-2008q3/bin/arm-none-linux-gnueabi-gcc -static
export LD=/usr/local/arm-2008q3/bin/arm-none-linux-gnueabi-ld
export AR=/usr/local/arm-2008q3/bin/arm-none-linux-gnueabi-ar
export RANLIB=/usr/local/arm-2008q3/arm-none-linux-gnueabi/bin/ranlib
export PATH=$PATH:/usr/local/arm-2008q3/bin
export PATH=$PATH:/usr/local/arm-2008q3/
export PATH=$PATH:/usr/local/arm-2008q3/lib
export ac_cv_func_getpgrp_void=yes
export ac_cv_func_setpgrp_void=yes
./configure --host=arm-none-linux-gnueabi
--target=arm-none-linux-gnueabi
--with-libpcap=/home/operat0r/libpcap-0.7.1/ --without-nmapfe
--with-pcap=linux