Post Fri Jul 27, 2007 4:44 am

Old Skool - Logging keystrokes on an X11 server

Hi,
An oldie but a goodie, here's how an insecure X server can really ruin your day. X11 is here to stay for the foreseeable future, so this trick is still relevant today.

http://www.techesolution.com/swf/keylogging/

I still can't believe how much mileage I've got from this particular exploit in the past. This demo was created using Cygwin and I've uploaded a copy of the cygwin-ported source for xscan to my web site.

http://www.techesolution.com/tools/xscan_cygwin.tgz

Enjoy!
Jim