Penetration Testing mailing list archives
Re: sniffing X traffic.
From: "BS" <bsshuhart () onemain com>
Date: Mon, 13 Aug 2001 22:15:31 -0400
I put a whitepaper together on this topic about 1 year ago. You can find it in the whitepapers\archives section on http://www.securityhorizon.com if interested. Two of my favorite tools to use for capturing info from exported X resources are xkeys and xwatchwin. I have problems getting xwatchwin to capture window images from Exceed and etc. but xkeys works great. (Thanks to who ever put that piece of work together.) The amazing thing is that after over 1 year of notification there are several companies that still have the default installation, of X window software, exporting X resources to the world. Besides Exceed, Chameleon, Xvision, and (I believe the other was) PC Xware, all install vulnerable. good luck bs ----- Original Message ----- From: "Joshua Wright" <Joshua.Wright () jwu edu> To: "'Power Steve'" <steve.power () barclaycard co uk>; <PEN-TEST () securityfocus com> Sent: Monday, August 13, 2001 8:30 AM Subject: RE: sniffing X traffic.
You should be looking at dsniff by Dug Song (http://www.monkey.org/~dugsong/). Included is an X11 decoder to display clear-text passwords. You can probably modify this to fit your needs. -Joshua Wright Joshua.Wright () jwu edu -----Original Message----- From: Power Steve [mailto:steve.power () barclaycard co uk] Sent: Friday, August 10, 2001 10:45 AM To: 'PEN-TEST () securityfocus com' Subject: sniffing X traffic. Hey all long time listener, first time caller. Anyone know if you can meaningfully sniff Exceed ( I guess it's the same
as
X) traffic? Im being a bit lame, my personal test lab is down atm, and I cant find anything on the net re sniffing and interpreting X traffic. If anyone would be so kind as to answer a specific question, could I see passwords etc in the traffic? thanks in advance. Steve Power Security Consultant Legal Disclaimer:- Please be aware that messages sent over the Internet may not be secure and should not be seen as forming a legally binding contract unless otherwise stated. --------------------------------------------------------------------------
--
This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please
see:
https://alerts.securityfocus.com/ --------------------------------------------------------------------------
--
This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please
see:
https://alerts.securityfocus.com/
---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- sniffing X traffic. Power Steve (Aug 12)
- Re: sniffing X traffic. Mike Craik (Aug 13)
- Re: sniffing X traffic. Anders Thulin (Aug 13)
- Re: sniffing X traffic. Don Bailey (Aug 15)
- <Possible follow-ups>
- RE: sniffing X traffic. Lodin, Steven {GZ-Q~Mannheim} (Aug 13)
- RE: sniffing X traffic. Joshua Wright (Aug 13)
- Re: sniffing X traffic. BS (Aug 14)