Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-22 04:33:28 +00:00
Code Issues Projects Releases Packages Wiki Activity

GITBOOK-3869: change request with no subject merged in GitBook

Browse source
This commit is contained in:
CPol 2023-04-07 00:41:31 +00:00 committed by gitbook-bot
parent dc61908373
commit 972364b176
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
1 changed files with 13 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
network-services-pentesting/6000-pentesting-x11.md
View file

@ -43,6 +43,16 @@ nmap -sV --script x11-access -p <PORT> <IP>
msf> use auxiliary/scanner/x11/open_x11
```
#### Local Enumeration
The file **`.Xauthority`** in the users home folder is **used** by **X11 for authorization**. From [**here**](https://stackoverflow.com/a/37367518):&#x20;
> MIT-magic-cookie-1: Generating 128bit of key (“cookie”), storing it in \~/.Xauthority (or where XAUTHORITY envvar points to). The client sends it to server plain! the server checks whether it has a copy of this “cookie” and if so, the connection is permitted. the key is generated by DMX.
{% hint style="warning" %}
In order to **use the cookie** you should set the env var: **`export XAUTHORITY=/path/to/.Xauthority`**
{% endhint %}
## Verfy Connection
```bash
@ -155,7 +165,7 @@ Now as can be seen below we have complete system access:
* `port:6000 x11`
``
\`\`
<figure><img src="../.gitbook/assets/image (7).png" alt=""><figcaption></figcaption></figure>