Windows Terminal PenTesting

Hello everyone,
This article is going to focus on setting up WSL 2 and gaining full GUI access to Kali Linux
along with Windows Terminal configuration.

Youtube: https://www.youtube.com/watch?v=8sowYFeD5P0

Link to Original post: http://blankdash.ninja/2020/07/27/windows-terminal-pentesting/

In May 2019, Microsoft announced Windows Terminal, which has a lot of features
focusing on user interaction with the terminal and managing multiple terminals.
Original Link to Announcement: https://devblogs.microsoft.com/commandline/introducing-windows-terminal/

Links to download Windows Terminal:


We are going to take a look at how to set up the Kali machine in Windows Terminal.
STEP 1:
Visit the Microsoft Store and install Windows Terminal.

STEP 2:
Open Windows Terminal from the Start menu; you will be able to open PowerShell & CMD by
default.
In order to have any other Linux distro such as Kali Linux, you need to have it installed, for
which WSL2 is required.

STEP 3:
Enable WSL2 & install Kali Linux from the Microsoft Store.
To install WSL2, open PowerShell as admin and run the following commands:
dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart
dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart

STEP 4:
Open Kali Linux or Ubuntu that you have installed from the menu

Input the user name and password to configure your device.
Make sure to update your machine by running the following commands
sudo -i
sudo apt-get update && sudo apt-get upgrade -y

STEP 5:
Setting up the desktop environment: you can install any desktop environment you want, but
we are going to focus on XFCE.
Kali Linux Doc for DE (Reference)

Open your Kali Linux terminal and run the following commands:
sudo apt install -y xrdp
sudo apt-get install kali-defaults kali-root-login desktop-base xfce4 xfce4-places-plugin xfce4-goodies

STEP 6:
Setting up the RDP protocol to connect to an RDP session using Xorg.
In order to set up the RDP connection, follow the steps below:
sudo cp /etc/xrdp/xrdp.ini /etc/xrdp/xrdp.ini.bakup
sudo sed -i 's/3389/3390/g' /etc/xrdp/xrdp.ini
sudo sed -i 's/max_bpp=32/#max_bpp=32\nmax_bpp=128/g' /etc/xrdp/xrdp.ini
sudo sed -i 's/xserverbpp=24/#xserverbpp=24\nxserverbpp=128/g' /etc/xrdp/xrdp.ini
echo xfce4-session > ~/.xsession

STEP 7:
Configuring the XFCE DE
We need to edit startwm.sh to get XFCE up & running.
Comment out the following lines in the startwm.sh file:

# test -x /etc/X11/Xsession && exec /etc/X11/Xsession
# exec /bin/sh /etc/X11/Xsession

Add the following lines to startwm.sh:

# xfce

startxfce4

Start the RDP service:
sudo /etc/init.d/xrdp start

STEP 8:
Connect to RDP
Open the Windows RDP client and connect to localhost:3390, which we have configured in
the Linux device.

Input the user name and password of kali linux to login

Once done you will be logged into the Kali RDP session running on your localhost

You need to remember that this is a base install of Kali Linux that we have installed, in
which we don’t really have a lot of the pre-installed tools that you might find in a regular Kali install. However, I am not a person that uses every tool in Kali Linux either, for which this
could be a potential regular-use device for my workflow.

STEP 9:
Configuring Kali Linux to open in Windows Terminal
Once you are done setting up Kali Linux, you will find it in your Windows Terminal.

If you do not find it there, all you need to do is add it to the settings file. When you click on
the settings icon in Windows Terminal, it gives you a config file to which you can add the
following lines, along with the GUID. Finding the GUID:
Open Kali Linux and run the following commands to install the program and run the
program.
sudo apt-get install uuid-runtime
uuidgen

Note down the number and add it to the settings file as follows

Once you have added all the information, you can save the file. Note: “GUID is the ID you
obtained from Kali Linux”
You will now find Kali Linux in your Windows Terminal.

STEP 10:
Theming the Windows Terminal:
Windows Terminal has a bunch of default custom themes that you can make use of; the
link to the official documentation can be found below.
Doc: https://docs.microsoft.com/en-us/windows/terminal/customize-settings/colorschemes

Choose a color from the above link; once you open settings, you will have to add the
name of the theme you have chosen like this:
"colorScheme": "One Half Dark",

Save the file and now you will find your Kali Linux terminal themed; you can do the
same to your other profiles such as CMD, PowerShell, etc.

As you can see, we have a neat terminal and a GUI if it's required, since I am gonna
be spending most of my time in the terminal.
Thank you for reading, hope it was useful, please consider subscribing.
– blankdash

5 Likes
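
Steps 6 and 7 of the post above as one script that can be run twice without duplicating edits; this is an added example, not part of the original post. The function name, its directory/port/.xsession parameters and the `rehearse` helper with its constructed sample files are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example: steps 6-7 as one function that is safe to run twice.
# The directory/port/.xsession parameters are assumptions of this example.
configure_xrdp() {
    local dir="${1:-/etc/xrdp}" port="${2:-3390}" xs="${3:-$HOME/.xsession}"
    local ini="$dir/xrdp.ini" wm="$dir/startwm.sh"
    [ -f "$ini" ] && [ -f "$wm" ] || { echo "missing $ini or $wm" >&2; return 1; }

    # Back up once; a second run must not overwrite the pristine copies.
    [ -f "$ini.bakup" ] || cp "$ini" "$ini.bakup"
    [ -f "$wm.bakup" ]  || cp "$wm" "$wm.bakup"

    # Anchored patterns: only the listener line changes (not "port=-1" or
    # comments mentioning 3389), and already-edited lines no longer match.
    sed -i -E \
        -e "s/^port=3389\$/port=$port/" \
        -e 's/^max_bpp=32$/#max_bpp=32\nmax_bpp=128/' \
        -e 's/^xserverbpp=24$/#xserverbpp=24\nxserverbpp=128/' "$ini"

    # Step 7: comment out the stock Xsession hand-off, then start XFCE.
    sed -i -E \
        -e 's|^(test -x /etc/X11/Xsession && exec /etc/X11/Xsession)$|# \1|' \
        -e 's|^(exec /bin/sh /etc/X11/Xsession)$|# \1|' "$wm"
    grep -qx 'startxfce4' "$wm" || printf '# xfce\nstartxfce4\n' >> "$wm"

    echo xfce4-session > "$xs"
}

# Rehearsal on constructed sample files (not a real xrdp install): applies
# the edits twice and prints the scratch directory for inspection.
rehearse() {
    local d; d="$(mktemp -d)" || return 1
    printf '%s\n' '[Globals]' 'port=3389' 'max_bpp=32' \
        '[Xorg]' 'port=-1' 'xserverbpp=24' > "$d/xrdp.ini"
    printf '%s\n' '#!/bin/sh' \
        'test -x /etc/X11/Xsession && exec /etc/X11/Xsession' \
        'exec /bin/sh /etc/X11/Xsession' > "$d/startwm.sh"
    configure_xrdp "$d" 3390 "$d/.xsession" &&
    configure_xrdp "$d" 3390 "$d/.xsession" && echo "$d"
}

if [ "${1:-}" = "--rehearse" ]; then rehearse; fi
```

Run it with `--rehearse` to see the result on the scratch copy; on the Kali instance itself, call `configure_xrdp` as root and then start the service as in step 7.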

Nice man.

I love that Windows Terminal Pentesting is installing Linux and using WSL :smiley:

Would you be able to compare this to say something native like Mandiant Commando?

Interested to see what people’s experiences have been…

2 Likes

This cannot be compared to stuff like Commando VM or any other Linux PenTest Distro; as far as now I am just happy that what was once called cancer by Microsoft is now being integrated within it. We have statements from Microsoft that they will be providing full support along with the GUI to Linux Distros inside WSL.

Also, I thought people should know about Windows Terminal since the workflow has been damn good as far as I’ve used. We might see more from Microsoft in the long run.

1 Like

I’ll hopefully get into WSL development in the future, right now I have way too many things going on. But just for completeness I think it’s wise to note that we all should be upgrading to WSL 2.0, and it’s worth noting that they already do provide full support, just not a native GUI.


2 Likes

Nice article !
But never use windows store or uwp apps for pentesting. Windows is a backdoored operating system. Be careful !

You should debloat the windows totally. And install uwp app using developer mode (don’t use shitty ms-store)(Intelligence MotherFu*kers are everywhere) !

Check out MS store alternative

3 Likes