1 While writing up my [[mxconns]] post, I ran across the *ease of
2 (ab)using X11" articles ([1][] and [2][]) Brian Hatch posted in 2004.
3 In the first part, he walks you through `DISPLAY` and `xauth`, which
4 I'd seen before, but the second part contained more nice tricks. The
5 difficulty here is remembering all the useful little utilities for
6 manipulating X. Here's a quick list:
8 * `xmessage` for popping up dialog windows
9 * `xlsclients -l` for listing all connected clients (this is how you
10 get those window ids!)
11 * `xwininfo -id windowid` to get more info on a given window
12 * `xwd` for taking screenshots
13 * `xev`, the classic X event monitor
14 * `xkey`, non-standard keysniffer
15 * `x2x` to connect your mouse and keyboard to another display
16 * `xdpyinfo` to get information about an X display.
18 Here are some examples:
20 Grab whole desktop as a png:
22 $ xwd -root -silent -out /dev/stdout | convert - root.png
24 Grab single window as a png:
26 $ xwd -id windowid -silent -out /dev/stdout | convert - win.png
28 Determine which window has the focus:
30 $ xdpyinfo | grep focus
32 Brian's [subsequent article][3] discusses malicious sysadmins abusing
33 X to log keystrokes on your home computer.
35 Everyone should read these before they start using X, which would help
36 avoid exposure to [simple attacks][].
38 [1]: http://www.hackinglinuxexposed.com/articles/20040513.html
39 [2]: http://www.hackinglinuxexposed.com/articles/20040608.html
40 [3]: http://www.hackinglinuxexposed.com/articles/20040705.html
41 [simple attacks]: http://seclists.org/educause/2007/q1/138