---
search:
exclude: true
---
# xrdp Setup
![](0.png)
In this tutorial we're going to look at how to set up XRDP on a Kali VM.
## **Initial Setup**
I currently have a VM running Kali Linux at the local IP 10.77.77.77:
![](1.png)
My current issue is that, for some reason, I cannot get copy and paste working in and out of this machine, even with VMware's poorly made VMware Tools implementation for Debian-based VMs. I therefore decided to install RDP on it, because I know that this will work. RDP is very easy to install on Linux. The first step is to get the xrdp package:

```
[ 10.77.77.77/24 ] [ /dev/pts/1 ] [~/HTB]
→ apt search xrdp
Sorting... Done
Full Text Search... Done
libxrdposix3/kali-rolling 5.0.3-4 amd64
  Posix interface library for xrootd

xorgxrdp/kali-rolling,now 1:0.2.12-1 amd64 [installed,automatic]
  Remote Desktop Protocol (RDP) modules for X.org

xrdp/kali-rolling,now 0.9.12-1.1 amd64 [installed]
  Remote Desktop Protocol (RDP) server

[ 10.77.77.77/24 ] [ /dev/pts/1 ] [~/HTB]
→ apt install xrdp -y
```

And then we simply start it with systemctl:

```
[ 10.77.77.77/24 ] [ /dev/pts/1 ] [~/HTB]
→ sudo systemctl enable --now xrdp
Synchronizing state of xrdp.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable xrdp
Created symlink /etc/systemd/system/multi-user.target.wants/xrdp.service → /lib/systemd/system/xrdp.service.

[ 10.77.77.77/24 ] [ /dev/pts/1 ] [~/HTB]
→ systemctl status xrdp
● xrdp.service - xrdp daemon
     Loaded: loaded (/lib/systemd/system/xrdp.service; enabled; vendor preset: disabled)
     Active: active (running) since Thu 2021-07-08 18:00:03 CEST; 12min ago
       Docs: man:xrdp(8)
             man:xrdp.ini(5)
   Main PID: 39814 (xrdp)
      Tasks: 1 (limit: 4597)
     Memory: 772.0K
        CPU: 12.854s
     CGroup: /system.slice/xrdp.service
             └─39814 /usr/sbin/xrdp

[ 10.77.77.77/24 ] [ /dev/pts/1 ] [~/HTB]
→ netstat -alntup | grep 3389
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp6       0      0 :::3389                 :::*                    LISTEN      -
```

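
The `netstat` output above shows xrdp bound to `:::3389`, the wildcard address. As an added example (not part of the original tutorial), this shell function classifies each listener on a port as all-interfaces, loopback-only or single-address; the function names and every sample line except the first are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify how widely an RDP listener is exposed, from
# `netstat -lnt` / `netstat -alntup` style lines read on stdin.

# Constructed sample input: the first line is the listener shown in the
# tutorial; the other lines are made up for comparison.
SAMPLE_LISTENERS='tcp6 0 0 :::3389 :::* LISTEN -
tcp 0 0 127.0.0.1:3389 0.0.0.0:* LISTEN -
tcp 0 0 10.77.77.77:3389 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 10.77.77.77:3389 10.66.66.2:51514 ESTABLISHED -'

# rdp_listener_scope [PORT]
# Prints one "<scope> <local-address>" line per LISTEN socket on PORT.
rdp_listener_scope() {
    awk -v port="${1:-3389}" '
        $6 != "LISTEN" { next }                 # ignore established sessions
        {
            local_addr = $4
            n = split(local_addr, parts, ":")
            if (parts[n] != port) next          # port is the last ":" field
            host = substr(local_addr, 1, length(local_addr) - length(parts[n]) - 1)
            if (host == "0.0.0.0" || host == "::" || host == "*")
                scope = "all-interfaces"
            else if (host == "127.0.0.1" || host == "::1")
                scope = "loopback-only"
            else
                scope = "single-address"
            print scope, local_addr
        }'
}

# exposed_count [PORT]: number of wildcard listeners on PORT (0 is the goal
# when the service should only be reachable through a tunnel or one NIC).
exposed_count() {
    rdp_listener_scope "${1:-3389}" | grep -c '^all-interfaces ' || true
}

# Stand-alone run on the constructed sample; on a live host use:
#   netstat -lnt | rdp_listener_scope 3389
printf '%s\n' "$SAMPLE_LISTENERS" | rdp_listener_scope 3389
```

On Linux a `:::3389` listener normally accepts IPv4 connections as well as IPv6, so an all-interfaces result means the RDP login screen is reachable on every network the VM is attached to; a host firewall rule limiting the port to the addresses you connect from narrows that.
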
Now that we have enabled the xrdp service, we can test it out. I will connect to my Kali VM using an RDP client called Remmina. On Debian or Arch you install it as follows:

```
[ 10.77.77.77/24 ] [ /dev/pts/1 ] [~/HTB]
→ sudo apt install remmina freerdp2-x11

[ 10.66.66.2/24 ] [ /dev/pts/1 ] [~/HTB]
→ sudo pacman -S remmina freerdp
```

It's fairly popular, so it shouldn't be a problem to find it in most repositories. After starting Remmina, we add an RDP host to connect to:
![](2.png)
Once we connect, however, we see that we are not getting into i3, but rather into the other DE that's on Kali by default, XFCE:
![](4.png)
So in order to fix that, we edit **/etc/xrdp/startwm.sh**:

```
[ 10.77.77.77/24 ] [ /dev/pts/1 ] [~/HTB]
→ sudo vim /etc/xrdp/startwm.sh

[ 10.77.77.77/24 ] [ /dev/pts/1 ] [~/HTB]
→ cat /etc/xrdp/startwm.sh
#!/bin/sh
# xrdp X session start script (c) 2015, 2017 mirabilos
# published under The MirOS Licence

if test -r /etc/profile; then
        . /etc/profile
fi

if test -r /etc/default/locale; then
        . /etc/default/locale
        test -z "${LANG+x}" || export LANG
        test -z "${LANGUAGE+x}" || export LANGUAGE
        test -z "${LC_ADDRESS+x}" || export LC_ADDRESS
        test -z "${LC_ALL+x}" || export LC_ALL
        test -z "${LC_COLLATE+x}" || export LC_COLLATE
        test -z "${LC_CTYPE+x}" || export LC_CTYPE
        test -z "${LC_IDENTIFICATION+x}" || export LC_IDENTIFICATION
        test -z "${LC_MEASUREMENT+x}" || export LC_MEASUREMENT
        test -z "${LC_MESSAGES+x}" || export LC_MESSAGES
        test -z "${LC_MONETARY+x}" || export LC_MONETARY
        test -z "${LC_NAME+x}" || export LC_NAME
        test -z "${LC_NUMERIC+x}" || export LC_NUMERIC
        test -z "${LC_PAPER+x}" || export LC_PAPER
        test -z "${LC_TELEPHONE+x}" || export LC_TELEPHONE
        test -z "${LC_TIME+x}" || export LC_TIME
        test -z "${LOCPATH+x}" || export LOCPATH
fi

if test -r /etc/profile; then
        . /etc/profile
fi

#test -x /etc/X11/Xsession && exec /etc/X11/Xsession
#exec /bin/sh /etc/X11/Xsession
exec /usr/bin/i3

[ 10.77.77.77/24 ] [ /dev/pts/1 ] [~/HTB]
→ sudo systemctl restart xrdp

[ 10.77.77.77/24 ] [ /dev/pts/1 ] [~/HTB]
→ sudo systemctl status xrdp
● xrdp.service - xrdp daemon
     Loaded: loaded (/lib/systemd/system/xrdp.service; enabled; vendor preset: disabled)
     Active: active (running) since Thu 2021-07-08 18:19:00 CEST; 4s ago
       Docs: man:xrdp(8)
             man:xrdp.ini(5)
    Process: 168045 ExecStartPre=/bin/sh /usr/share/xrdp/socksetup (code=exited, status=0/SUCCESS)
    Process: 168053 ExecStart=/usr/sbin/xrdp $XRDP_OPTIONS (code=exited, status=0/SUCCESS)
   Main PID: 168054 (xrdp)
      Tasks: 1 (limit: 4597)
     Memory: 760.0K
        CPU: 18ms
     CGroup: /system.slice/xrdp.service
             └─168054 /usr/sbin/xrdp
```

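If you get the error "cannot read private key /etc/xrdp/key.pem: permission denied", add the xrdp user to the ssl-cert group so that it can read the key file, then restart the service:

```
adduser xrdp ssl-cert ; systemctl restart xrdp
```

Here you can see that I just edited the last part of /etc/xrdp/startwm.sh: the two original Xsession lines are commented out, and the script executes i3 instead of the default Xsession. Now when we test it we get the following: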
![](3.png)
And that's it! We managed to connect to a VM via RDP and spawn a non-default DE to navigate it.

If you can't use any AltGr keystrokes once connected via RDP, you need to run the following command (here for a French layout):

```
setxkbmap -layout fr
```

If your xrdp service has the TLS error "cannot accept TLS connection because certificate or private key file is not readable", do the following:
![](5.png)
## **Setup**