Do you know your Android phone has a shell? Do you know that it is a reduced version of busybox? Do you know you can recompile it and add some important missing applets?
If you don’t, keep reading. This is gonna be quick and easy!
NOTE: This is a rewrite of something I wrote some time ago for another forum… Anyway, there are not many other ways of doing this, and I think it is interesting to share.
Choose your Toolchain
The first thing you need is a toolchain so you can cross-compile your own version of busybox. This used to be a hard task, but with the popularity of ARM devices these days you can just install a Debian package in your preferred Debian-based distro:
apt-get install gcc-arm-linux-gnueabi
apt-get install gcc-arm-linux-gnueabihf
Choose the first one for old phones with a processor that does not support hardware floating point operations. Any recent smartphone or Android device should be fine with the hf version.
Configure busybox
Now go to the busybox website (https://busybox.net/) and grab the latest version, uncompress and configure:
$ wget https://busybox.net/downloads/busybox-1.25.0.tar.bz2 -O - | tar xj
$ cd busybox-1.25.0
$ make menuconfig
This will bring up a text interface similar to the one used to compile the Linux Kernel. Select the first option (Busybox Settings) and then the second (Build Options).
In that screen select the first option to build busybox as a static binary and then enter the prefix of your selected toolchain, the one you installed in the previous step. At the end it should look like this:
Then you can go back to the top level screen and select the applets you want. By default most of them are selected so you may, actually, want to remove some…
When you are done, leave the configuration tool, save your config file and type:
make
or
make -j 8 # If you have 8 cores in your machine!
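The two Build Options settings described above can also be applied without the text interface. This is an added example, not part of the original post; it assumes the busybox Kconfig symbols CONFIG_STATIC and CONFIG_CROSS_COMPILER_PREFIX, and the function names are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): apply the two menuconfig
# settings to a busybox .config non-interactively.
# Assumes the Kconfig symbols CONFIG_STATIC and CONFIG_CROSS_COMPILER_PREFIX;
# the function names below are hypothetical helpers.

# kconfig_set FILE SYMBOL VALUE
# Rewrites "SYMBOL=..." or "# SYMBOL is not set" in place; appends if absent.
kconfig_set() {
    tmp=$(mktemp) || return 1
    SYM="$2" VAL="$3" awk '
        BEGIN { s = ENVIRON["SYM"]; v = ENVIRON["VAL"] }
        index($0, s "=") == 1 || $0 == ("# " s " is not set") {
            if (!seen) print s "=" v    # keep a single definition
            seen = 1; next
        }
        { print }
        END { if (!seen) print s "=" v }
    ' "$1" > "$tmp" && cat "$tmp" > "$1"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# kconfig_get FILE SYMBOL: prints the value, or nothing if the symbol is unset.
kconfig_get() {
    SYM="$2" awk 'index($0, ENVIRON["SYM"] "=") == 1 {
        print substr($0, length(ENVIRON["SYM"]) + 2) }' "$1"
}

# configure_static_cross FILE PREFIX, e.g. PREFIX=arm-linux-gnueabihf-
configure_static_cross() {
    kconfig_set "$1" CONFIG_STATIC y &&
    kconfig_set "$1" CONFIG_CROSS_COMPILER_PREFIX "\"$2\""
}

# Demo on a constructed .config fragment (not a real busybox config).
demo=$(mktemp)
printf '%s\n' '# CONFIG_STATIC is not set' \
    'CONFIG_CROSS_COMPILER_PREFIX=""' 'CONFIG_NC=y' > "$demo"
configure_static_cross "$demo" arm-linux-gnueabihf-
cat "$demo"
rm -f "$demo"
# In a real tree: make defconfig, run configure_static_cross on .config,
# then make oldconfig so dependent options are re-resolved before make.
```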
Deploying
When make is done, you will get a file named busybox. A static binary for ARM:
$ file busybox
busybox: ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, for GNU/Linux 2.6.31, BuildID[sha1]=0x873b15e8aa14397bd5ed72a482117a5893f2ca64, stripped
Now we have to deploy our new busybox on our phone. For this you need the adb tool that comes with the Android SDK. You need to download the Android SDK, uncompress the package somewhere, figure out the path to the adb tool and add it to the PATH. That is roughly it.
Once we have adb we can copy our busybox version into the phone. Connect the phone via USB, enable debug mode, accept the dialog popping up in the phone (unless you had already accepted it permanently) so you can run:
adb push busybox /data/local/tmp
Then, we just need to log into our phone, change some permissions and install busybox:
host $ adb shell
phone $ cd /data/local/tmp
phone $ chmod 777 busybox
phone $ mkdir bb
phone $ ./busybox --install ./bb
phone $ export PATH=/data/local/tmp/bb:$PATH
The folder /data/local/tmp has write and execute permissions for all users. That is why we chose it.
That is it. Just try ls to get the familiar coloured directory listing you have in your Linux box. Now you can use:
- netcat
- wget
- httpd
- vi
- awk
…and most of the basic tools you are used to (with more options than the ones provided by the default Android shell). Note that some tools may require root access, exactly the same as when you use them in your normal Linux box.
One thing you may try is the following, which serves /system/bin/sh to whoever connects to TCP port 5000, with no authentication:
nc -l -p 5000 -e /system/bin/sh
Simple
You should be able to run the process above on any Android device. It does not require root, and that is why you have to update your PATH environment variable every time you want to use the tools provided by your own busybox.
If your phone is rooted you can enable write permissions on your system partition and install busybox there, so it is always in the path.
As I said, quick and easy
Hack Fun!