Installing Kali Linux on EC2 in AWS for Pen Testing
TL;DR In part one a Kali Linux instance was created in AWS, and in part two the dependencies and web services required were added to that instance. What follows is a step-by-step guide to getting remote desktop working with Apache Guacamole™ so that the Kali Linux graphical tools can be used.
Contents
- Installing Kali Linux on EC2 in AWS for Pen Testing
- Part 3
- Build Apache Guacamole
- Apache Guacamole Setup
- guacamole.properties
- user-mapping.xml
- guacd.conf
- enable the Tomcat user to see the guacamole properties
- Deploy the Apache Guacamole client application
- Assign a password to the kali account
- Apache Guacamole Sign in
- Apache Guacamole connections
- Apache Guacamole connected to Kali Linux over RDP
Part 3
Build Apache Guacamole
These commands are very verbose and lots and lots of logging will appear. Just let them finish. If you completed the earlier steps then they should complete successfully. If not, check your locale settings from part one, and that you have the build tools correctly installed. Make sure you are in the directory you expanded the server archive into. First configure the build and review the status before proceeding.
┌──(kali㉿kali)-[~/guacamole-server-1.5.0]
└─$ ./configure --with-init-dir=/etc/init.d
...
------------------------------------------------
guacamole-server version 1.5.0
------------------------------------------------
Library status:
freerdp2 ............ yes
pango ............... yes
libavcodec .......... no
libavformat.......... no
libavutil ........... no
libssh2 ............. yes
libssl .............. yes
libswscale .......... no
libtelnet ........... no
libVNCServer ........ no
libvorbis ........... yes
libpulse ............ no
libwebsockets ....... no
libwebp ............. yes
wsock32 ............. no
Protocol support:
Kubernetes .... no
RDP ........... yes
SSH ........... yes
Telnet ........ no
VNC ........... no
Services / tools:
guacd ...... yes
guacenc .... no
guaclog .... yes
FreeRDP plugins: /usr/lib/x86_64-linux-gnu/freerdp2
Init scripts: /etc/init.d
Systemd units: no
Looks right. RDP and SSH are all that is required. Now use the make command to compile and sudo make install to install the software. ldconfig creates the necessary links and cache for the shared libraries you just installed, and finally update-rc.d sets the defaults for the guacd daemon.
┌──(kali㉿kali)-[~/guacamole-server-1.5.0]
└─$ make
$ sudo make install
$ sudo ldconfig
$ sudo update-rc.d guacd defaults
Apache Guacamole Setup
That's not quite all. Apache Guacamole needs a little setup.
guacamole.properties
Create /etc/guacamole/guacamole.properties and set hostname and port using your favourite terminal editor.
┌──(kali㉿kali)-[~/guacamole-server-1.5.0]
└─$ sudo mkdir /etc/guacamole
$ sudo vi /etc/guacamole/guacamole.properties
guacd-hostname: localhost
guacd-port: 4822
user-mapping.xml
Now create /etc/guacamole/user-mapping.xml with details of the connections and users. Shown here with one user with a hardwired password. The Apache Guacamole documentation has far better hardened examples!
<user-mapping>
<authorize username="kali" password="kali">
<connection name="RDP Connection">
<protocol>rdp</protocol>
<param name="hostname">localhost</param>
<param name="port">3390</param>
</connection>
<connection name="SSH Connection">
<protocol>ssh</protocol>
<param name="hostname">localhost</param>
<param name="port">22</param>
</connection>
</authorize>
</user-mapping>
guacd.conf
You'll need a guacd configuration file /etc/guacamole/guacd.conf and pay special attention to the bind_host being the IPv4 localhost address of 127.0.0.1 as nothing properly worked for me until this was set.
[daemon]
pid_file = /var/run/guacd.pid
log_level = info
[server]
bind_host = 127.0.0.1
bind_port = 4822
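A check for the user-mapping.xml and guacd.conf files above, as an added example that is not part of the original post: it reports cleartext or username-equals-password credentials and a guacd listener bound off loopback. The function names and finding labels are hypothetical, the sample input is constructed from the files shown here (user-mapping.xml abridged), and encoding="md5" is the digest form described in the Apache Guacamole documentation.

```python
import configparser
import hashlib
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample input: this post's files, user-mapping.xml abridged.
USER_MAPPING = """<user-mapping>
  <authorize username="kali" password="kali">
    <connection name="RDP Connection">
      <protocol>rdp</protocol>
    </connection>
  </authorize>
</user-mapping>"""
GUACD_CONF = """[daemon]
pid_file = /var/run/guacd.pid
log_level = info
[server]
bind_host = 127.0.0.1
bind_port = 4822
"""

def audit_user_mapping(xml_text):
    """Return (username, issue) pairs for weak <authorize> entries."""
    findings = []
    for auth in ET.fromstring(xml_text).iter("authorize"):
        user = auth.get("username", "")
        password = auth.get("password", "")
        encoding = auth.get("encoding", "plain").lower()
        if encoding == "plain":
            findings.append((user, "cleartext-password"))
            guessable = password == user
        else:  # encoding="md5": the attribute holds a hex digest
            guessable = password.lower() == hashlib.md5(user.encode()).hexdigest()
        if guessable:
            findings.append((user, "password-equals-username"))
    return findings

def audit_guacd(conf_text):
    """Return issues when guacd is not provably bound to loopback."""
    cfg = configparser.ConfigParser()
    cfg.read_string(conf_text)
    host = cfg.get("server", "bind_host", fallback="")
    if host.lower() == "localhost":
        return []
    try:
        return [] if ipaddress.ip_address(host).is_loopback else ["guacd-not-loopback:" + host]
    except ValueError:  # unset or a hostname: cannot prove it is loopback
        return ["guacd-bind-host-unverified:" + (host or "<unset>")]

if __name__ == "__main__":
    print(audit_user_mapping(USER_MAPPING), audit_guacd(GUACD_CONF))
```

On a live instance, pass the contents of /etc/guacamole/user-mapping.xml and /etc/guacamole/guacd.conf to the two functions instead of the embedded samples.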
enable the Tomcat user to see the guacamole properties
┌──(kali㉿kali)-[~]
└─$ sudo mkdir /usr/share/tomcat9/.guacamole
$ sudo ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat9/.guacamole
Deploy the Apache Guacamole client application
The Apache Guacamole client application is a web application for Apache Tomcat. It just needs to be downloaded and moved into place in order to be deployed.
┌──(kali㉿kali)-[~]
└─$ wget https://apache.org/dyn/closer.lua/guacamole/1.5.0/binary/guacamole-1.5.0.war?action=download
$ sudo mv 'guacamole-1.5.0.war?action=download' /var/lib/tomcat9/webapps/guacamole.war
Now restart the services and you should be done!
┌──(kali㉿kali)-[~]
└─$ sudo service guacd restart
$ sudo service tomcat9 restart
Assign a password to the kali account
According to the Kali Linux documentation on AWS, you will need to change the password for the default ‘kali’ account before connecting.
Apache Guacamole Sign in

Apache Guacamole connections

Apache Guacamole connected to Kali Linux over RDP

