Previous Page

nothing@nowhere - 2021-07-08

xrdp Setup

In this tutorial we're going to look at how to setup XRDP on a kali VM

Initial Setup

So i currently have a VM running kali linux at the local IP

And my current issue is that i cannot for some reason get this machine to copy paste IN and OUT, even with vmware's poorly made vmware tools implementations on debian-based VMs, therefore i decided to install RDP on it, because i know that this will work. Now RDP is very easy to install on linux. First step is to get the xrdp package:

[ ] [ /dev/pts/1 ] [~/HTB]
→ apt search xrdp
Sorting... Done
Full Text Search... Done
libxrdposix3/kali-rolling 5.0.3-4 amd64
  Posix interface library for xrootd

xorgxrdp/kali-rolling,now 1:0.2.12-1 amd64 [installed,automatic]
  Remote Desktop Protocol (RDP) modules for

xrdp/kali-rolling,now 0.9.12-1.1 amd64 [installed]
  Remote Desktop Protocol (RDP) server

[ ] [ /dev/pts/1 ] [~/HTB]
→ apt install xrdp -y

And then we simply start it with systemctl:

[ ] [ /dev/pts/1 ] [~/HTB]
→ sudo systemctl enable --now xrdp
Synchronizing state of xrdp.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable xrdp
Created symlink /etc/systemd/system/ → /lib/systemd/system/xrdp.service.
[ ] [ /dev/pts/1 ] [~/HTB]
→ systemctl status xrdp
● xrdp.service - xrdp daemon
     Loaded: loaded (/lib/systemd/system/xrdp.service; enabled; vendor preset: disabled)
     Active: active (running) since Thu 2021-07-08 18:00:03 CEST; 12min ago
       Docs: man:xrdp(8)
   Main PID: 39814 (xrdp)
      Tasks: 1 (limit: 4597)
     Memory: 772.0K
        CPU: 12.854s
     CGroup: /system.slice/xrdp.service
             └─39814 /usr/sbin/xrdp

[ ] [ /dev/pts/1 ] [~/HTB]
→ netstat -alntup | grep 3389
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp6       0      0 :::3389                 :::*                    LISTEN      -

And now that we enabled the xrdp service, we can basically test it out, i will connect to my kaliVM using a RDP client called remmina, from debian or arch you install it as follows:

[ ] [ /dev/pts/1 ] [~/HTB]
→ sudo apt install remmina freerdp2-x11

[ ] [ /dev/pts/1 ] [~/HTB]
→ sudo pacman -S remmina freerdp

It's fairly popular so it shouldn't be a problem to find it on most repositories. and then we add a RDP host to connect to after we start remmina:

Once we connect however, we see that we are not getting into i3, but rather the other default DE that's on kali by default, XFCE

So in order to fix that, we edit /etc/xrdp/

[ ] [ /dev/pts/1 ] [~/HTB]
→ sudo vim /etc/xrdp/

[ ] [ /dev/pts/1 ] [~/HTB]
→ cat /etc/xrdp/
# xrdp X session start script (c) 2015, 2017 mirabilos
# published under The MirOS Licence

if test -r /etc/profile; then
        . /etc/profile

if test -r /etc/default/locale; then
        . /etc/default/locale
        test -z "${LANG+x}" || export LANG
        test -z "${LANGUAGE+x}" || export LANGUAGE
        test -z "${LC_ADDRESS+x}" || export LC_ADDRESS
        test -z "${LC_ALL+x}" || export LC_ALL
        test -z "${LC_COLLATE+x}" || export LC_COLLATE
        test -z "${LC_CTYPE+x}" || export LC_CTYPE
        test -z "${LC_IDENTIFICATION+x}" || export LC_IDENTIFICATION
        test -z "${LC_MEASUREMENT+x}" || export LC_MEASUREMENT
        test -z "${LC_MESSAGES+x}" || export LC_MESSAGES
        test -z "${LC_MONETARY+x}" || export LC_MONETARY
        test -z "${LC_NAME+x}" || export LC_NAME
        test -z "${LC_NUMERIC+x}" || export LC_NUMERIC
        test -z "${LC_PAPER+x}" || export LC_PAPER
        test -z "${LC_TELEPHONE+x}" || export LC_TELEPHONE
        test -z "${LC_TIME+x}" || export LC_TIME
        test -z "${LOCPATH+x}" || export LOCPATH

if test -r /etc/profile; then
        . /etc/profile

#test -x /etc/X11/Xsession && exec /etc/X11/Xsession
#exec /bin/sh /etc/X11/Xsession
exec /usr/bin/i3

[ ] [ /dev/pts/1 ] [~/HTB]
→ sudo systemctl restart xrdp

[ ] [ /dev/pts/1 ] [~/HTB]
→ sudo systemctl status xrdp
● xrdp.service - xrdp daemon
     Loaded: loaded (/lib/systemd/system/xrdp.service; enabled; vendor preset: disabled)
     Active: active (running) since Thu 2021-07-08 18:19:00 CEST; 4s ago
       Docs: man:xrdp(8)
    Process: 168045 ExecStartPre=/bin/sh /usr/share/xrdp/socksetup (code=exited, status=0/SUCCESS)
    Process: 168053 ExecStart=/usr/sbin/xrdp $XRDP_OPTIONS (code=exited, status=0/SUCCESS)
   Main PID: 168054 (xrdp)
      Tasks: 1 (limit: 4597)
     Memory: 760.0K
        CPU: 18ms
     CGroup: /system.slice/xrdp.service
             └─168054 /usr/sbin/xrdp

#if you get the "cannot read private key /etc/xrdp/key.pem:permission denied"
do this:

adduser xrdp ssl-cert ; systemctl restart xrdp

here you see i basically just edited the last part of /etc/xrdp/ to execute i3 instead of the default Xsession. Now when we test it we get the following:

And that's it! We managed to connect to a VM via RDP and spawning a non-default DE to navigate it.

If you can't use any alt+gr keystrokes once connected via rdp, you need to run the following command:

setxkbmap -layout fr 

If your xrdp service has a TLS error "cannot accept TLS connection because certificate or private key file is not readable" do the following:



Until there is Nothing left.

About nihilist

Donate XMR: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8

Contact: (PGP)