Wednesday, May 5, 2010

X11 forwarding after running su

I needed to forward a Wireshark session over X11 as the root user. The training virtual machine in question doesn't allow remote logins via SSH.
This authentication mechanism works on a cookie..an encrypted bit of data identifying the user. We can easily replicate this and allow root to forward sessions over X11 when escalating privileges from another user.
sp00k@carapace ~ $ xauth list $DISPLAY
carapace/unix:10 MIT-MAGIC-COOKIE-1 aee3eb981908d182d190f65ae01e9665
sp00k@carapace ~ $ su
Password:
carapace sp00k # xauth add carapace/unix:10 MIT-MAGIC-COOKIE-1 aee3eb981908d182d190f65ae01e9665
xauth: creating new authority file /root/.Xauthority
And just like that success, as long as everything is setup correctly for X11 forwarding initially this should work.
Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)