How To: Use VNC to Remotely Access Your Raspberry Pi from Other Devices

Use VNC to Remotely Access Your Raspberry Pi from Other Devices

With Virtual Network Computing, you don't need to carry a spare keyboard, mouse, or monitor to use your headless computer's full graphical user interface (GUI). Instead, you can connect remotely to it through any available computer or smartphone.

Virtual Network Computing, better known as VNC, has been around for decades and can be used to control computers running a plethora of different operating systems including Windows, macOS, Linux, and even mobile platforms like Android.

By using VNC, you are able to see and control the host machine's desktop from another remote device. In our guide, we'll be using a headless Raspberry Pi with Kali Linux as the host machine. VNC relays the keyboard and mouse functions from your device with an interface, like a laptop or smartphone, to the Raspberry Pi while issuing graphical screen updates back to the interface device. The end result is as though you were sitting behind the screen of your Pi, even if it's miles away.

There are many reasons to use VNC to connect to a computer that doesn't come with its own screen or keyboard, such as our Kali Pi. A big reason is having discreet access to a Kali Linux box in environments where a smartphone may be the only tool you can visibly access.

In our Kali Pi tutorial, we set up the ability to SSH into the Pi, but this doesn't allow us to run multi-bash programs like Airgeddon which need to open multiple windows to function. Imagine easily creating Evil Twin networks and wreaking wireless havoc on your iPhone while controlling the full Kali Linux GUI of a discreetly placed Raspberry Pi.

This installation process will be similar across the various operating systems that support VNC, which is virtually all of them. In this tutorial, we will download and install the server portion of VNC on our headless Kali Pi, configure it to start at boot so we don't have to configure it each time, and finally install the VNC remote client on your laptop or smartphone you'll be controlling the Kali Pi through.

Requirements

  • Computer or smartphone: This will be the device you use to remotely connect to the Raspberry Pi.
  • Power supply: The Raspberry Pi uses a standard Micro-USB power supply from any typical phone charger.
  • Ethernet cable (optional): This allows you to bypass wireless authentication by directly interfacing with local networks to which you have physical access.
  • Local area network (LAN): This would be your router or modem if you are in a fixed position or your phone's wireless hotspot if you are mobile. In order for this to work, you need to be able to see your device on the same subnet, so ensure that the Raspberry Pi has an IP address and that you can ping. If you can't, it may mean you are not able to communicate with other devices on the network due to firewall or network settings.

Step 1: Update the Headless Kali Pi

First, let's load up Kali on our headless Raspberry Pi. Connect to it either via SSH or by accessing it directly. We always want to run the apt-get update command in a terminal window to ensure that all our dependencies are up to date and working properly. Make sure that the Pi and the device you are using to connect to the Pi are on the same wireless or wired local area network.

Step 2: Install the VNC Server Software on the Kali Pi

There are various versions of VNC, all with different purposes, but in this tutorial, we will be using TightVNC, as it's well-supported, has plenty of documentation in the Raspberry Pi community, and easy to install on any version of Pi.

Open a command window on your headless Raspberry Pi and type apt-get install tightvncserver. This will download and install the software. When that is complete, type tightvncserver. This enables the TightVNC service, and it will require you to create a password to access your device from another computer. Go ahead and create one now. You should note that TightVNC can only set up to an 8-character password when selecting one.

Once you enter a password, it will ask you "Would you like to enter a view-only password (y/n)?" Press N, because a view-only password will only allow you to see what is displayed on the machine, but not to be able to control it.

Step 3: Configure TightVNC Server on the Kali Pi

Now, to be able to access our Kali Pi remotely, we need to run TightVNC on it at boot. On our headless Kali Pi, we will navigate to the directory by typing cd /etc/init.d. Next, we want to create a startup script, so you can use whatever text editor you prefer, but I like Vim. If using Vim, type vim /etc/init.d/vncboot to create the startup script. Next, we want to insert the script below into the blank document.

#!/bin/sh
### BEGIN INIT INFO
# Provides: vncboot
# Required-Start: $remote_fs $syslog
# Required-Stop: $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Start VNC Server at boot time
# Description: Start VNC Server at boot time.
### END INIT INFO

USER=root
HOME=/root

export USER HOME

case "$1" in
start)
echo "Starting VNC Server"
#Insert your favoured settings for a VNC session
/usr/bin/vncserver :0 -geometry 1280x800 -depth 16 -pixelformat rgb565
;;

stop)
echo "Stopping VNC Server"
/usr/bin/vncserver -kill :0
;;

*)
echo "Usage: /etc/init.d/vncboot {start|stop}"
exit 1
;;
esac

exit 0

After all of that text is in place, we will save and quit by hitting the Esc key and typing :wq!. After the document is closed, we want to add permissions to this new startup script by typing chmod 755 /etc/init.d/vncboot. When that finishes, we want to add the dependencies to it by typing update-rc.d vncboot defaults.

Reboot the Kali Pi, and the VNC module will be added to the startup boot sequence.

Step 4: Download & Install the VNC Client

Now we can use any VNC client we want, but we are going to use RealVNC's "VNC Viewer" because it works on Linux, Android, and it's one of few that also works on Windows and iOS. You can download whichever version you want from the RealVNC website. Once downloaded, install it like you would any other program. In this guide, I'll be using Windows.

Step 5: Find the Kali Pi's IP Address

After installing the client software, we want to go back into our headless Kali Pi. Again, connect either by SSHing into it or accessing it directly, then open a terminal and type ifconfig. Write down the Kali Pi's local IP address; it should look something like "192.168.0.x."

Step 6: Connect to the Kali Pi via Our Computer

Next, let's jump back into our Windows machine and open up the VNC Viewer app. The following directions may be different if you are using it on another operating system.

In VNC Viewer, click the "File" option, and then click the "New Connection" tab. Now, let's add the Kali Pi's IP address to the VNC Server field. You can save this as any name that will help you remember this device in the Name field. Press "OK" to finish and save the settings.

Double-click on your new connection, and if successful, a window will pop up saying "The connection to this VNC server will not be encrypted." Because of this, it is not recommended to use this outside of your network if you are expecting privacy. Just press the "Continue" button. Another window will pop up asking for the password we created in the second step.

Finally, bam! If the connection was successful, you should see a screen like the one below.

Now we can work on our Kali Pi without the need to bring a separate keyboard, mouse, and monitor. These steps should be similar across the various operating systems RealVNC supports, but there will likely be small differences between the desktop and mobile versions. You can VNC into your Kali Pi any time both your Pi and the device you wish to control it with are on the same Wi-Fi or Ethernet local area network.

If you want to do this on an iPhone, your display will look something like below.

This is just one basic foundation of the toolset that compliments our hacking environment. In practice, VNC allows us to more quickly access our headless hacking computer from any device we have handy, allowing us to deploy Kali Linux tools in the most inconspicuous way possible.

If you have any questions, you can leave a comment here or send a message on Twitter at @Nitroux2. And don't forget to stay connected and check out our social media accounts!

Just updated your iPhone to iOS 18? You'll find a ton of hot new features for some of your most-used Apple apps. Dive in and see for yourself:

Cover photo and screenshots by Nitrous/Null Byte

20 Comments

Thanks. A few typos though. Should be vim /etc/init.d/vncboot (I prefer nano).
Later in your commands you mistakenly refer to the script as "/etc/init.d/bootvnc" should be "/etc/init.d/vncboot".

When connecting to my RPi, the app returns a message that the listening port could not be contacted and that a connection is not established.

Probably a startup issue.

Any fixes ?

are you on the same network as the pi?

For some reasons it tells me that the connection is refused by the raspberry pi, even tought the processus is running.

Can I get some help, please?

Try connecting using ip address:port like this: 192.168.122.211:5901

To get the port number for your Kali Pi's VNC server, on it's terminal or ssh run:
cat /root/.vnc/kali\:1.log
or look at any log you can find at /root/.vnc/, it will have a line that says something like this:
Listening for VNC connections on TCP port 5901

On some other VNC clients you can use the format user@address:port, in this case it would look something like this:
root@192.168.122.211:5901

Hi! Once i run the tightvncserver command, this is what i get:

*Warning: kali-pi:1 is taken because of /tmp/.X1-lock
Remove this file if there is no X server kali-pi:1

Warning: kali-pi:2 is taken because of /tmp/.X2-lock
Remove this file if there is no X server kali-pi:2

New 'X' desktop is kali-pi:3

Starting applications specified in /etc/X11/Xvnc-session
Log file is /root/.vnc/kali-pi:3.log*

The kali-pi:2 is taken because before running the command for the last time (the above) i've been trying to set the tightvncserver but everytime i run it it won't even ask me for password and each time i run it it will add a kali-pi:2, kali-pi:3, etc with its correspondent kali-pi:x.log and .pid files.

I tried unistalling tightvncserver and its packages and removed as well the Xn files in /tmp/ and the kali-pi:n.log/pid files and install again tightvncserver but it will give me the above message as oposed to my ubuntu system from where i am sshing my kali-pi, which didn't present any problems. I installed vnc, run it and it asked me for password.

Also i run vncpasswd but it allows it to be longer than 8 characters even though it will ask me if i wanted it to be view-only password.

Finally if i try to connect on Remmina, even specifying the port it says unable to connect to VNC server and on my phone using VNC Viewer it says The port on which the computer is listening for a connection could not be contacted

Any hints on what could be happening on my pi?
-Thanks!

I have installed kali-linux-2018.2-rpi3-nexmon with no problems. Full direct access with Motorola Lapdock. Installed tightVNC per script.

When I try to connect with realVNC-client from windows10-pc I get the response "computer denies connection". Have tried all port-variations with no success.

Starting vncserver with "vncserver :1" I get full access from the PC with the
realVNC-client.
Running "service vncboot status" on the rpi returns:
vncboot.service - LSB: Start VNC Server at boot time
Loaded: loaded (/etc/init.d/vncboot; generated)
Active: inactive (dead)
Obviously I have missed something - or screwed it up. Please send me a hint.

Yeah, I couldn't get the automated script to start either :c ; I get the same error as you

  • I also couldn't get the VNC remote display to work on my mobile device

until I installed LXDE (apt-get install LXDE) ; thankfully it works now, but I have to launch vncserver manually everytime over SSH, I thought it would be more ideal to have an automated script that does it for ya, but I can't seem to find any information regarding a function script, I suppose I'm doing something wrong >.<

I found out something about having to add something in $HOME/.vnc/xstartup
in addition to /etc/init.d/vncboot (or whatever you named the file located in /etc/init.d/) so that the script could work properly but I don't know what to do -shrug-

Step 1:

Hi mischevious magus - did the same and installed lxde and then rebooted - and not automount, i.e. no connection from my vac-client to the kali-machine. When I run tightvncserver ot vncserver then the connection is possible. But no start of the vnc-server at boot.

It is so easy to publish a half-ass guide on the net - and then not care about it anymore. And there are too many guys with half-ass knowledge, who publish something. You and me spend hours combing through all that suff and going for something, which is no maintained anymore. We need some sort of quality-filter to find scripts/guides worth our time.

Yeah, I guess something must have changed after this guide was published ; you can't really hold the dude who wrote this post (and other posts?) responsible for not updating it every day of the week - I mean, I guess they just casually forgot or assume that nothing has been changed or simply have no idea how to correct this issue. You just have to fend for yourself and also "gotta get a grip" lmao

I need some help with this process. I followed all of the above steps and I can't get the VNC Viewer app for iOS to work. I connect to the Raspberry Pi via my phone hotspot, I enter it's IP address and I get an error in the app stating "the port on which the computer is listening for a connection could not be contacted". I even tried specifying the port after the IP address and still no luck. Can anyone walk me through this?

I can't even get it to work on a Windows laptop.

Am I not connecting to the pi appropriately (I.e. does it work over a hotspot connection) in step 5?

I'm not being asked to set a password when first running "tightvncserver"

Right now im connected via LAN cable to the router, and as im on VNC im trying to connect to the wifi with the wlan0 interface, but i cant, the loading icon keeps spinning once i select the network i want to connect to, do you guys have any ideas?

Hey, got an Error after hitting the last command in Step3
""update-rc.d vncboot defaults""
Error looked like this:
""insserv: script vncboot is broken incomplete LSB comment""
and a few more lines of errorcode. Dunno what to do just copied & pasted.
Thanks in advnace

doesn't work
vnc doesn't start listening automatically on port 5900
so I can't connect
have been trying to fix it for 4 days, given up

Having the same issues as the people above. Can't seem to find any how-To on getting this to work!

In the second step when I start tightvncserver it doesn't ask for a password but instead, it prompts me with the message :

New 'X' desktop is kali-pi:1

Starting applications specified in /etc/X11/Xvnc-session
Log file is /root/.vnc/kali-pi:1.log

What do I do? Can I still connect to the Pi with VNC viewer?

PLEASE delete this shit so no one else wastes as much fucking time as I just did.

It. Does. Not. Work.

I have just about given up on my raspberry pi 4. I get the same error E212 can't open file for writing. I have bought video capture devices to connect and use an android as a screen. I could not get 4 different androids to work. Is there any way possible to use any type of tablet as a screen for my PI. I can get raspian os to work with VNC but not kali Linux. Any ideas would be nice.

I want to remote to my phone and start monitor mode to hack WI-FI, Unfortunately, it kill the process and cut off connection and I disconnect from remoting. Please any Idea to remote and start WI-FI hack?

Share Your Thoughts

  • Hot
  • Latest