Remote Desktop

  1. Remote desktop - A feature that enables users to remotely access and control a computer or virtual machine over a network connection. This is widely used in enterprise and IT environments for convenience and efficiency.
  2. Commonly Used Remote Desktop Services:
    1. Native Support: Offers the best performance, but you need to be on the same network to use these features except screen share from MacOS
      1. Windows -RDP (available only for paid users).
      2. Linux - xrdp
      3. MacOS - No native support. Use screen sharing if you have a Mac or VNC if you don’t have an iOS device.
    2. Browser-Based Remote Desktop: Ideal for terminal-based applications or lightweight browsing of remote machines.
      1. Apache Guacamole
      2. Kasm Workspace
    3. Software Enabled remote desktops: Provides near-native performance with full functionality
      1. VNC - Configuration Overhead
      2. TeamViewer - Paid model; relies on their servers for relaying connections
      3. Anydesk - Free for personal use. Subscription required for personal relay servers
    4. Here is where our new hero shines, RustDesk, a free, open-source remote desktop service written in Rust and designed with Flutter. This makes it compatible with major operating systems like iOS, Windows, Linux, and Android
    5. RustDesk - Enables remote desktop access on any operating system. It offers self-hosting capabilities, allowing you to host your own relay and signaling servers, providing full authority and control over your data.

Setting up RustDesk and relay server:

  1. Install Clients on Target Machines: In this guide, we use a Kali Linux and a Windows machine as examples

    1. Installing RustDesk client

      1. Link to download the installation packages - https://rustdesk.com/

      2. Windows - Install on the user you want to log in as, i.e. I have installed it on user arbaa so whenever I use the RustDesk I will login as user arbaa. The installation process is straightforward, use the installation wizard to install the client on the machine

      3. Linux - Update and upgrade the repository. Download and install the latest RustDesk Linux package using your distribution’s package manager

        sudo apt-get update && apt-get upgrade -y
#install dependencies
sudo apt install -y pkg-config libssl-dev openssl libxcb-shape0-dev libxcb-xfixes0-dev
#at the time of installation this is the latest version available
wget https://github.com/rustdesk/rustdesk/releases/download/1.3.7/rustdesk-1.3.7-x86_64.deb
# the package manager on Kali Linux is dpkg
sudo dpkg -i rustdesk-1.3.7-x86_64.deb
# this will install and enable RustDesk service and GUI

    2. Configuring RustDesk signaling and relay server:

      1. Note - The server must be accessible to the client machines. Two approaches are possible:

        1. VPN Approach: Use a VPN to connect to an isolated network that contains the relay server and client machines. This is the most secure option, as only authorized users can access the relay server.
        2. Cloud-Based Relay Server: Set up the relay server in the cloud, making it accessible to all users. Note: This is less secure; if the server’s IP or public key is leaked, unauthorized users may gain access.

      2. For this guide, we’ll follow the cloud-based approach and set up a relay server on AWS. The server requirements are: 1 CPU, 1 GB RAM, and 10 GB storage.

        1. Create an EC2 Instance: Choose Ubuntu as the operating system. Assign a publicly accessible IP address and configure the security group to open these ports: - 21116 (TCP/UDP) - 21117 (TCP) - Optional: Open 21118 and 21119 for web-based remote desktop access.

        2. SSH into the machine update the repositories and install docker:

          sudo apt-get update && apt-get upgrade -y

# install docker:
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update

sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
          1. While in the machine, use the following docker-compose file to start all the required services:

            1. Note - -net=host only works on Linux, which makes hbbs/hbbr see the real incoming IP Address rather than the Container IP (172.17.0.1). If -net=host works fine, the p options are not used. If on Windows, leave out sudo and -net=host

              1. Please remove --net=host if you are having connection problems on your platform.
              2. If you cannot see logs with -td, you can see logs via docker logs hbbs. Or you can run with -ithbbs/hbbr will not run as daemon mode.
              3. Docker Compose File for Configuring the Relay Server:

                1. RustDesk provides a pre-configured docker-compose.yml file in its official GitHub repository. Use this file as a reference for your deployment

                2. Create a Directory for the Relay Server:

                  mkdir rustdesk && cd rustdesk

                3. Use the following to create the compose manifest:

                  services:
  hbbs:
    container_name: hbbs
    image: rustdesk/rustdesk-server:latest
    command: hbbs
    volumes:
      - ./data:/root
    network_mode: "host"

    depends_on:
      - hbbr
    restart: unless-stopped

  hbbr:
    container_name: hbbr
    image: rustdesk/rustdesk-server:latest
    command: hbbr
    volumes:
      - ./data:/root
    network_mode: "host"
    restart: unless-stopped

            2. After saving the manifest, use docker-compose to start the services:

              sudo docker compose up -d # sudo if you have not added docker to sudo user

            3. This will create a data directory, take note of the public key (id_****.pub) from the data directory and the public IP address of the ec2 instance

            4. Open the RustDesk application in Kali and Windows,

              1. Windows:

                1. Click on the 3 dots present on your ID

                2. Go to security and Unlock security settings

                  1. Setup a permanent password (so that you can access the machine without the need of OTP)

                  2. Enable direct IP access (if you want to access the machine through LAN)

                3. Go to Network and Unlock network settings

                  1. Paste the public IP of the ec2 instance for both relay and signaling servers
                  2. Paste the public key in the public key section and click OK

              2. Similarly setup the client for Linux

      3. The relay server acts as a phone dial middleman ( it translates the ID to IP address and connects you to the respective machine)

        1. Copy and paste the ID of the machine you want to operate remotely and enter the permanent password you have set or a one-time password, this will connect you to the respective machine

        2. Here I am using my Kali through the windows, the 161 482 756 is the ID for my Kali machine, the relay will translate the ID and connect automatically to my Kali machines