THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

[Solved] Unable to launch Wireshark GUI on Kali (rPi 4)

Hi All,

Here are the details of my config:

  • Linux kali 5.4.83-Re4son-v7l+
  • Raspberry Pi 4
  • Wireshark 3.4.8
  • Using TightVNC in a headless setup

In order to allow my non-root user to run the wireshark GUI, I've done the following:

  1. sudo groupadd wireshark
  2. sudo usermod -a -G wireshark $USER
  3. sudo chgrp wireshark /usr/bin/dumpcap
  4. sudo chmod o-rx /usr/bin/dumpcap
  5. sudo setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap
  6. sudo getcap /usr/bin/dumpcap

However, I get the following errors:

$wireshark
09:28:56.233   Main Warn XKeyboard extension not present on the X server
09:28:56.244   Main Warn QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to '/tmp/runtime-kali'
09:28:56.255   Main Warn The X11 connection broke: Maximum allowed requested length exceeded (code 4) X connection to :1 broken (explicit kill or server shutdown).

I think the first two warnings are just a red herring. Not sure why the wireshark GUI is not launching. Any ideas?

Thanks, Randy

randye007's avatar
1
randye007
asked 2021-10-14 13:49:49 +0000, updated 2021-10-15 10:58:28 +0000
edit flag offensive 0 remove flag close merge delete

Comments

It's the official Kali for Raspberry Pi 4?
"The Raspberry Pi images use Re4son’s kernel,..."
32-bit or 64-bit?

Chuckc's avatar Chuckc (2021-10-15 03:47:08 +0000) edit
more
  • delete

rPi 4 uses 32-bit image for Kali. It's the official image from kali.org.

randye007's avatar randye007 (2021-10-15 08:17:18 +0000) edit
more
  • delete
add a comment see more comments

1 Answer

0

Ok - after TONS of troubleshooting, I managed to successfully launch a new wireshark GUI. For the benefit of others experiencing the same issue, here's my steps.

New configuration:

  • OS: Linux kali 5.4.83-Re4son-v7l+
  • Desktop: LXDE (lightweight X11 Desktop Environment)
  • HW: Raspberry Pi 4
  • Wireshark 3.4.9
  • VNC: x11vnc 0.9.16
  • Dummy monitor: xserver-xorg-video-dummy

Step 1: Install Dummy Monitor.

sudo apt install xserver-xorg-video-dummy

Create xorg.conf file in /etc/X11/xorg.conf.d and /usr/share/X11/xorg.conf.d with the following contents for 1920x1080 resolution:

Section "Monitor"
  Identifier "Monitor0"
  HorizSync 28.0-80.0
  VertRefresh 48.0-75.0
  # https://arachnoid.com/modelines/
  # 1920x1080 @ 60.00 Hz (GTF) hsync: 67.08 kHz; pclk: 172.80 MHz
  Modeline "1920x1080_60.00" 172.80 1920 2040 2248 2576 1080 1081 1084 1118 -HSync +Vsync
EndSection

Section "Device"
  Identifier "Card0"
  Driver "dummy"
  VideoRam 256000
EndSection

Section "Screen"
  DefaultDepth 24
  Identifier "Screen0"
  Device "Card0"
  Monitor "Monitor0"
  SubSection "Display"
    Depth 24
    Modes "1920x1080_60.00"
  EndSubSection
EndSection

Reboot

sudo reboot now

Step 2: Make sure Xorg is running.

ps wwwwaux | grep auth

You will get output like the following:

root       546  6.4  3.1 614984 122828 ?       Sl   06:14   1:52 /usr/lib/xorg/Xorg :0 -seat seat0 -auth /var/run/lightdm/root/:0 -nolisten tcp vt7 -novtswitch

Note the X Display is :0.

Step 3: Start x11vnc.

First create a VNC password.

x11vnc -storepasswd

Use the directory ~/.vnc to store the password file in.

Run the following command as sudo.

sudo x11vnc -xkb -noxrecord -noxfixes -noxdamage -display :0 -auth /var/run/lightdm/root/:0 -usepw -scale 1920x1080 -forever

Step 4: Launch VNC client session.

On the computer you want to VNC from, open the VNC client. I use macOS, so Go > Connect to Server ...

vnc://192.168.91.235:5900

Note we are using port 5900 as displayed when you ran the x11vnc command on the remote computer.

That's it!

The VNC session should be successful and you should be able to launch wireshark from the LXDE desktop.

HTH - There was tons of info out there using Google. This was a culmination of that info gathering.

Cheers, Randy

randye007's avatar
1
randye007
answered 2021-10-15 10:57:50 +0000, updated 2021-10-15 11:58:31 +0000
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer