In this post, I walk you through the process of using the Parrot OS alternate install script to run HackTheBox's version of Parrot OS in a Proxmox Linux Container (LXC)
In another post, I went over the process of installing Kali Linux in a Proxmox Linux Container. I also discussed some of the potential pitfalls to doing so.
🛑
Please do take a moment review the information linked below, especially with regard to limitations and security mitigations surrounding unprivileged Linux Containers.
cd /tmp
git clone https://gitlab.com/parrotsec/project/installer-script
cd installer-script
chmod u+x installer.sh
Install Parrot OS Core
./installer.sh
Choose 1) Install Core Edition.
ℹ️
During the installation you may be asked a series of Y or N prompts. Just use the default selections.
Install HTB Edition
Once the Core installation finishes, you'll be re-routed to the installation prompt. Choose 4) Install Hack The Box Edition (or whichever flavor you prefer).
ℹ️
If you happen to see any kind of red error output on the first run of choosing option 4, just rerun the installer script again.
./installer.sh
Then, choose option 4 again and it should work this time.
ℹ️
This is going to install many large packages, so be patient while the installation completes. You may also see some error output regarding permissions issues to modify certain files, which is a result of running Parrot OS as an unprivileged container.
✅
Reboot your Linux Container once the installation completes.
Install Remote Desktop Server
ℹ️
The default desktop environment shipped with Parrot OS is MATE. If you would prefer to change that to something else, please refer to the official documentation linked below.
Take a Snapshot
Before making significant changes to the operating system, I like to take a snapshot of my guests, so that I can roll back to the last known good state just before those changes.
Click on your Proxmox node running Parrot OS
Click on your Parrot OS container
Click Snapshots
Click Take Snapshot
Name it something like pre_rdp_install and save the snapshot
Install XRDP Server
⚠️
Make sure you add the proper host and/or network firewall rules to allow the traffic to flow from your computer to your Parrot LXC.
Test RDP Connectivity
ℹ️
In my testing, it takes about 30 seconds for the desktop background to display after logging in. I haven't done any investigation as to why.
Set Your Time Zone
⚠️
Little Snitch — a host-based NIPS tool — may block ntpd from making the necessary UDP connections to the NTP server configured on your host. If that's the case, open Little Snitch, delete the block rule, and try running the command again.
Issue Workarounds
Again, referring you to my write-up on running Kali Linux in a LXC, I've already written about an issue experienced when trying to run the openvpn client to VPN servers (e.g. HackTheBox and TryHackMe).
Because Parrot OS is running as an unprivileged container, the container does not have permissions to create necessary device files on the Proxmox node. You will need to make some adjustments to the Linux Container's configuration to allow it to do so.
Conclusion
As mentioned in my write-up on running Kali in a Linux Container, if you experience stability issues, or find yourself inconvenienced by the multiple workarounds required to get Parrot OS running in an unprivileged Linux Container, I advise you to scrap the install and just run it in a VM.
In this module of the Proxmox cybersecurity home lab project, we are going to look at the process of setting up a dual-homed target to serve as a pivot point into an Active Directory network.
In this post, I walk you through steps of running an OpenCTI server in an unprivileged Linux Container in Proxmox to aggregate threat intelligence into a single interface.
In this post, I demonstrate the process of importing, installing, and configuring a Kali LXC image in Proxmox. I also discuss some of the potential challenges that may present.