Vulnerability Development mailing list archives
Re: X Server Test/Exploit
From: "Matthew F. Caldwell" <mattc () GUARDED NET>
Date: Thu, 31 Aug 2000 08:36:03 -0400
Try using the X tool, "xwd" it allows you to dump the current window that is open (via xhost + anyways) to a image file that can be read by xview and some other readers. syntax: xwd -root -display (victim ip):0.0 > dump.xwd Have fun Crist Clark wrote:
Does anyone have a quick tool to test for open X servers? I have an 'xkey' style program which eavesdrops keystrokes and mouse actions, but that has some drawbacks. If I attempt to watch a server and it fails, I know the server is not promiscuous. However, if it does not fail, that does not mean the server is promiscuous... For example, there may be no server running or even no machine at all. Anyone seen something that can get a more definitive response on the status of an X server? (Kind of surprised there is no Nessus plugin that does more than just detect the server... Maybe if someone finds me a test proggie I can translate it into a plugin. I'm here begging since I figure it could take some serious time to learn enough Xlib calls to get a C program, perl script, or NASL script working from scratch.) Thanks. -- Crist J. Clark Network Security Engineer crist.clark () globalstar com Globalstar, L.P. (408) 933-4387 FAX: (408) 933-4926
-- Matthew F. Caldwell, CISSP - Senior Consultant -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Guarded.Net - An Information Security Company Email: matt.caldwell () guarded net -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- http://www.guarded.net --------------------------------------------------------------------------- This e-mail may contain proprietary commercial information and is intended for the addressed recipient(s) only. If you are not an addressed recipient of this e-mail and have received it in error, you must delete it. You may not forward or disseminate information contained in this e-mail without permission from Guarded.Net. Questions? Contact legal () guarded net ---------------------------------------------------------------------------
Current thread:
- X Server Test/Exploit Crist Clark (Aug 30)
- Re: X Server Test/Exploit Ghandi (Aug 31)
- Re: X Server Test/Exploit M ixter (Aug 31)
- Re: X Server Test/Exploit Massimo Fubini (Aug 31)
- Re: X Server Test/Exploit Sebastian Schreiber (Aug 31)
- Re: X Server Test/Exploit Matthew F. Caldwell (Aug 31)