Skip to content

Instantly share code, notes, and snippets.

@patrickceg

patrickceg/install.sh

Forked from mimura1133/install.sh
Last active March 24, 2020 02:08
Show Gist options
  • Save patrickceg/e4b9b645ce14a3b16ff4989be2caad86 to your computer and use it in GitHub Desktop.
Save patrickceg/e4b9b645ce14a3b16ff4989be2caad86 to your computer and use it in GitHub Desktop.
Download ZIP
Enhanced Session for Kali Linux.
Raw
install.sh
#!/bin/bash
# Original : https://raw.githubusercontent.com/Microsoft/linux-vm-tools/master/arch/install-config.sh
###############################################################################
# Update our machine to the latest code if we need to.
#
if [ "$(id -u)" -ne 0 ]; then
echo 'This script must be run with root privileges' >&2
exit 1
fi
apt update && apt upgrade -y
if [ -f /var/run/reboot-required ]; then
echo "A reboot is required in order to proceed with the install." >&2
echo "Please reboot and re-run this script to finish the install." >&2
exit 1
fi
###############################################################################
# Install XRDP
#
apt install -y xrdp
###############################################################################
# Configure XRDP
#
systemctl enable xrdp
systemctl enable xrdp-sesman
# Configure the installed XRDP ini files.
# use vsock transport.
sed -i_orig -e 's/use_vsock=false/use_vsock=true/g' /etc/xrdp/xrdp.ini
# use rdp security.
sed -i_orig -e 's/security_layer=negotiate/security_layer=rdp/g' /etc/xrdp/xrdp.ini
# remove encryption validation.
sed -i_orig -e 's/crypt_level=high/crypt_level=none/g' /etc/xrdp/xrdp.ini
# disable bitmap compression since its local its much faster
sed -i_orig -e 's/bitmap_compression=true/bitmap_compression=false/g' /etc/xrdp/xrdp.ini
sed -n -e 's/max_bpp=32/max_bpp=24/g' /etc/xrdp/xrdp.ini
sed -i_orig -e 's/X11DisplayOffset=10/X11DisplayOffset=0/g' /etc/xrdp/sesman.ini
# Use vsock listener
sed -i_orig -e 's,port=3389,port=vsock://-1:3389,g' /etc/xrdp/xrdp.ini
# rename the redirected drives to 'shared-drives'
sed -i_orig -e 's/FuseMountName=thinclient_drives/FuseMountName=shared-drives/g' /etc/xrdp/sesman.ini
# Change the allowed_users
echo "allowed_users=anybody" > /etc/X11/Xwrapper.config
#Ensure hv_sock gets loaded
if [ ! -e /etc/modules-load.d/hv_sock.conf ]; then
echo "hv_sock" > /etc/modules-load.d/hv_sock.conf
fi
# Configure the policy xrdp session
cat > /etc/polkit-1/localauthority/50-local.d/45-allow-colord.pkla <<EOF
[Allow Colord all Users]
Identity=unix-user:*
Action=org.freedesktop.color-manager.create-device;org.freedesktop.color-manager.create-profile;org.freedesktop.color-manager.delete-device;org.freedesktop.color-manager.delete-profile;org.freedesktop.color-manager.modify-device;org.freedesktop.color-manager.modify-profile
ResultAny=no
ResultInactive=no
ResultActive=yes
EOF
###############################################################################
# .xinitrc has to be modified manually.
#
#echo "exec gnome-session" > ~/.xinitrc
echo "exec startxfce4" > ~/.xinitrc # thanks @rasschaert and @patrickceg.
echo "You will have to configure .xinitrc to start your windows manager, see https://wiki.archlinux.org/index.php/Xinit"
echo "Reboot your machine to begin using XRDP."
@patrickceg
Copy link
Author

patrickceg commented Dec 19, 2019
edited

Modification is to use xfce4-session instead of gnome-session for Kali 2019.4 as hinted at by @rasschaert

The steps to use this (by piecing together the comments from the original and testing under Kali 2019.4) are:

Prerequisite: Kali Linux is installed to a Generation 2 Hyper-V VM

  1. Copy or download this script to the Kali machine
    • I put it in my /root/Downloads folder, but it doesn't have absolute paths, so you can put it wherever you want
  2. Change the script to be executable: chmod 700 install.sh
  3. Run the install.sh: ./install.sh
    • This may take several minutes especially if it's doing the apt upgrade
  4. Shut down the Kali VM.
  5. Make sure the "Virtual Machine Connection" window to view your Kali VM is closed.
  6. Open an administrator's PowerShell on the Windows host.
  7. In that powershell, type, substituting myvm for your VM's name Set-Vm -Name myvm -EnhancedSessionTransportType HvSocket
  8. Close the Administrator's Powershell
  9. Open Hyper-V manager if it isn't open from before
  10. Start your Kali VM
  11. Wait for the VM to get to the login screen (you can see its progress in the thumbnail at the bottom of the VM)
  12. Click on the "Connect..." button for the VM
  13. You should now be able to log in as per https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/learn-more/use-local-resources-on-hyper-v-virtual-machine-with-vmconnect#choose-a-local-resource

Troubleshooting:

  1. If at step 11 you get the regular login screen instead of the "Connect To" window with the resolution slider, you can try rerunning the script (step 3) and rebooting the VM. I needed two reboots, but I'm not sure if it's because you really need two reboots and two runs of the script, or if I didn't wait long enough for the VM to get to the state where Enhanced Session is presented to Hyper-V socket.
  2. You may also want to reboot the host in case the usual Windows crazy stuff is happening.
  3. If those fail, go in to the VM and check for any errors from the xrdp service.

(I release the parts that I wrote of this little set of instructions into Public Domain. Have fun copy-pasting.)

@VictorXLR
Copy link

Hi Patrick,
I followed your instructions for setting up enhanced mode but currently it doesnt even run XRDP

This is the log from the VM, Do you have any idea how to fix this :(
image

@nathanVader
Copy link

Same error to me...

image

@patrickceg
Copy link
Author

patrickceg commented Jan 22, 2020
edited

Hmm I noticed there's updates to xrdp with updates to both .ini files, so I wonder if the newest Kali broke something.

EDIT: Confirmed after updates mine's broken in the same way. ...yay it's debugging time... The first thing I noticed is the update overwrote both /etc/xrdp/xrdp.ini and /etc/xrdp/sesman.ini so it would be useful to see what's changed in those.

EDIT 2: Also the error "address already in use" is not referring to IP address / port because there is nothing listening on port 3389 on my system. Therefore it's more likely referring to a "address" for a graphical system (like how VNC sessions have IDs :1, :2, etc). That's just speculation though; essentially it's just that xrdp is now crashing on startup.

@nathanVader
Copy link

I found a solution editing xrdp.ini and changing the port value to this:
port=vsock://-1:3389

That makes it work in Kali with Xfce

@VictorXLR
Copy link

VictorXLR commented Jan 22, 2020
edited

Im using the gnome display and after i made the change in /etc/xrdp/xrdp.ini suggested by @nathanVader. I was able to get the slider to connect from HyperV and get the xrdp connect screen but after i input my username and password i get this message.

image

The enhanced session button is now active but i am unable to use it due to ^. Any Ideas?

does sessman.ini and xrdp.ini listen on the same port?

@nathanVader
Copy link

In Kali with Xfce works well. It seems a different problem with Gnome environment... I'm looking for a solution...

@VictorXLR
Copy link

I posted this before in a wrong conversation. I apologize
This is what my .xinitrc file says

image

but when i run echo $DESKTOP_SESSION i get gnome

Im not used to desktop environments and im not sure what one im using atm?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment