Penetration Testing mailing list archives
RE: sniffing X traffic.
From: "Lodin, Steven {GZ-Q~Mannheim}" <STEVEN.LODIN () Roche COM>
Date: Mon, 13 Aug 2001 17:35:35 +0200
Anyone know if you can meaningfully sniff Exceed ( I guess it's the same as X) traffic? Im being a bit lame, my personal test lab is down atm, and I cant find anything on the net re sniffing and interpreting X traffic.
There is a program called xscan that does this. I have used this on Sol8 as well. Yes, you can see typed in passwords! From the readme.txt file: XSCAN for unix. Tested under SunOS 4.1.4 and Linux. What does this do? This proggie scans hosts or subnets looking for unsecured X clients. If it finds one it starts logging all keystrokes to that session. Very simple. Usage: xscan <host> | <subnet> [[<host>] [<subnet>] ...] Examples: Scan a single host: xscan wsx-nc1-14.ix.netcom.com Scan multiple hosts: xscan netcom6.netcom.com www.escape.com ... Steve Lodin Head of Global IT Security and Risk Management Roche Diagnostics (W) +49-621-759-5276 (M) +49-173-348-4974 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- sniffing X traffic. Power Steve (Aug 12)
- Re: sniffing X traffic. Mike Craik (Aug 13)
- Re: sniffing X traffic. Anders Thulin (Aug 13)
- Re: sniffing X traffic. Don Bailey (Aug 15)
- <Possible follow-ups>
- RE: sniffing X traffic. Lodin, Steven {GZ-Q~Mannheim} (Aug 13)
- RE: sniffing X traffic. Joshua Wright (Aug 13)
- Re: sniffing X traffic. BS (Aug 14)