While SSH is a powerful tool for remotely controlling a computer, not all applications can be run from the command line. Some apps (like Firefox) and hacking tools (like Airgeddon) require you to open multiple X windows in order to work. This can be achieved by using the integrated graphical X-forwarding for SSH.
SSH or the secure shell is de facto access or remote access to a computer, so anyone can log in and manage a computer over a local or remote network. Many useful apps can be controlled this way, but those who need an interactive window can not be opened when they are accessed through SSH. To do this, we need to forward the data from the remote computer to a server on our local computer, where the remote application will be displayed in a window on our local screen.
Without what is not? x1
Most hackers are familiar with the basic use of SSH, from remote access to your Linux system to transferring files over a network. For command-line applications, SSH gives you complete control without modification, and easily runs programs such as Besside-ng, Bettercap, and Kismet.
The limitations of SSH become clear as we try to do this Perform something like Airgeddon, which requires you to open multiple windows and run programs to return data to the main program. Without launching these programs in additional graphics windows, Airgeddon will not work, making it seemingly useless to a hacker with only one remote SSH connection.
Trusted or untrusted X graphical redirection
If you want to do something more complicated Unlike a command-line utility, SSH offers redirection over x11. This means that if a graphical X window is running on the remote computer, we can forward the data from the application running on the remote computer to make it look like it's running on the local device instead.
There are two types of X graphical redirection, trusted and untrusted. With trusted X forwarding, we ensure that the application we run does not crash by disabling certain security checks that will crash the connection if the app violates certain security policies. In an untrusted connection, we have higher security when connecting to an untrusted computer network, but also more likely to crash the application.
Because X graphical redirection is enabled by default on most Linux systems, running applications over SSH is a problem. This is much easier than setting up a VNC server from scratch. This makes it a useful skill for any hacker who wants to do something, from inserting websites into the web history of a target, to running tools that require multiple windows to open, and two computers connected to the same network. Both must have SSH installed and running.
An SSH server must be enabled and running on your remote computer. If you are using Linux, no changes should be required. However, under MacOS or Windows, these changes need to be made in a later step.
Linux should come with a preinstalled X graphical window on your local computer. You need to install one for macOS to work on Windows. If your local computer is a MacBook or MacOS device, you can download and install XQuartz to run a graphical X Window Server. On Windows, you can use Xming to do the same.
The first step is to enable X graphical redirection on the server that you want to run remotely on the computer you are using. This depends slightly on the operating system you are using.
If the remote computer is running Linux, X11 forwarding is enabled by default and you do not have to do anything. If macOS is running on the remote computer you are logging on to, you need to edit your sshd_config file.
~ $ nano / etc / ssh / sshd_config
If sshd_config contains # X11Forwarding no (or simply X11Forwarding no ), change it to X11Forwarding yes instead and you can see below:
# $ OpenBSD: sshd_config, v 1.103 2018/04/09 20: 41:22 tj Exp $ # This is the system-wide configuration file of the SSHD server. See # sshd_config (5) for more information. # This sshd was compiled with PATH = / usr / bin: / bin: / usr / sbin: / sbin # The strategy used for options in the default sshd_config that ships with # OpenSSH should specify options with their default value where # possible, but leave comment. Un-annotated options override the # Default value. ... #AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts No # X11 forwarding yes # X11DisplayOffset 10 # X11UseLocalhost yes #PermitTTY yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 # UseDNS No. #PidFile /var/run/sshd.pid #MaxStartups 10: 30: 100 #PermitTunnel No #ChrootDirectory none #VersionAddendum none # Pass locale information AcceptEnv LANG LC_ * # No standard banner path # Banner no # Overwrite default value without subsystems Subsystem sftp / usr / libexec / sftp-server # Example of overriding user-based settings #Match user anoncvs # X11Forwarding yee # AllowTcpForwarding no # PermitTTY no # ForceCommand cvs server
Press Ctrl-X and then Y to save the changes to this file in Nano. The computer should now have x11 forwarding enabled.
If you are using Windows, you must make some changes to PuTTY. The program is the easiest way to work with SSH on Windows. It can be downloaded for free from the official website .
You can enable X11 forwarding on PuTTY by selecting "Enable X11 forwarding" in the "PuTTY Configuration" menu under the "Connection" tab, located under the "SSH" options. Once this option is enabled, you should be able to forward graphical X sessions from your Windows computer to remote devices.
Let's start with a trusted graphical session X Session Session Since untrusted sessions can crash relatively easily, this is the default option that is currently enabled in Ubuntu.
The difference between a trusted session and an untrusted session is critical in terms of security In a trusted session, we may be able to give the remote computer the opportunity to take screenshots create keylogs and write input to the windows of other programs.
In our first example, we use the default trusted connection to start a Firefox window. First let's look at the command you need to start any graphical application over SSH.
~ $ ssh -Y username @ LOCAL_IP_ADDRESS
If you log on to a remote computer with the username "root" at 192.168 .0.3, our command to start Firefox will be:
~ $ ssh -Y root @ 192.168.0.3 firefox
If we started our graphical X Window Server (like XQuartz), we should see On our local computer a Firefox window opens.
This should be possible with any graphical application on the system.
By default, Linux systems such as Ubuntu are configured to minimize application redirection via x11 crashes by defaulting them to trust. This is not always desirable because you may not really trust a computer you are connecting to remotely.
The command to handle a remote system while forwarding a graphical X window is -X However, this does not change anything until we access the ssh_config file and change it to trusted x11 remote connections by default be deactivated. To do this, we can reopen our ssh_config file with Nano to change the line ForwardX11Trusted to look like this.
Now we can re-run Firefox as untrusted app with the following command:
~ $ ssh -X email@example.com firefox
This application is more prone to crashes but causes No security issues on your computer depending on the situation you want.
Easy to use graphical X applications over SSH
There are some limitations to using SSH to access a remote computer. However, there are many ways to get around these. Graphical X redirection is an incredibly useful way to run programs that can not otherwise be executed and to prevent VNC or other complicated protocols from being installed. With the graphical X-forwarding almost any application can be executed from anywhere.
I hope you liked this guide to opening graphical X applications via SSH! If you have questions about this tutorial on SSH or have a comment, ask below or contact me on Twitter @KodyKinzie .
Do Not Miss: How to Hide MacOS Payloads Inside Photo Metadata