6000 - Pentesting X11
Join HackenProof Discord server to communicate with experienced hackers and bug bounty hunters!
Hacking Insights Engage with content that delves into the thrill and challenges of hacking
Real-Time Hack News Keep up-to-date with fast-paced hacking world through real-time news and insights
Latest Announcements Stay informed with the newest bug bounties launching and crucial platform updates
Join us on Discord and start collaborating with top hackers today!
Basic Information
X Window System (X) is a versatile windowing system prevalent on UNIX-based operating systems. It provides a framework for creating graphical user interfaces (GUIs), with individual programs handling the user interface design. This flexibility allows for diverse and customizable experiences within the X environment.
Default port: 6000
Enumeration
Check for anonymous connection:
Local Enumeration
The file .Xauthority
in the users home folder is used by X11 for authorization. From here:
MIT-magic-cookie-1: Generating 128bit of key (“cookie”), storing it in ~/.Xauthority (or where XAUTHORITY envvar points to). The client sends it to server plain! the server checks whether it has a copy of this “cookie” and if so, the connection is permitted. the key is generated by DMX.
In order to use the cookie you should set the env var: export XAUTHORITY=/path/to/.Xauthority
Local Enumeration Session
In the example, localhost:0
was running xfce4-session.
Verfy Connection
Keyloggin
xspy to sniff the keyboard keystrokes.
Sample Output:
Screenshots capturing
Remote Desktop View
Way from: https://resources.infosecinstitute.com/exploiting-x11-unauthenticated-access/#gref
Way from: https://bitvijays.github.io/LFF-IPS-P2-VulnerabilityAnalysis.html
First we need to find the ID of the window using xwininfo
XWatchwin
For live viewing we need to use
Get Shell
Other way:
Reverse Shell: Xrdp also allows to take reverse shell via Netcat. Type in the following command:
In the interface you can see the R-shell option.
Then, start a Netcat listener in your local system on port 5555.
Then, put your IP address and port in the R-Shell option and click on R-shell to get a shell
References
Shodan
port:6000 x11
Join HackenProof Discord server to communicate with experienced hackers and bug bounty hunters!
Hacking Insights Engage with content that delves into the thrill and challenges of hacking
Real-Time Hack News Keep up-to-date with fast-paced hacking world through real-time news and insights
Latest Announcements Stay informed with the newest bug bounties launching and crucial platform updates
Join us on Discord and start collaborating with top hackers today!
Last updated