xrdp automates the use of the default X toolset, wrapping it into an easy-to-use tool for exploiting unauthenticated X11 access. Our tool provides a streamlined method for connecting to an X server in order to send commands and receive output, hijacking the remote host. The provided user interface is designed to resemble a remote desktop connection, apart from the added user input fields. Before using the tool, a vulnerable host will need to be found, either with available scanners or with the Nmap script we developed to find vulnerable hosts with currently active displays that can be hijacked.
Installing dependencies and usage:
sudo apt-get install python-gtk2 python-gtk2-dev xdotool -y
wget http://launchpadlibrarian.net/10770598/xwatchwin_1.1.1-2_i386.deb && sudo dpkg -i xwatchwin_1.1.1-2_i386.deb && sudo apt-get install -f
wget http://old-releases.ubuntu.com/ubuntu/pool/universe/x/xwatchwin/xwatchwin_1.1.1-2_amd64.deb && sudo dpkg -i xwatchwin_1.1.1-2_amd64.deb && sudo apt-get install -f
git clone git@github.com:sensepost/xrdp.git && cd xrdp
python xrdp.py 10.2.10.190:0
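A defender-side check for the condition this tool depends on, an X server reachable over TCP with access control switched off. This is an added example, not part of the xrdp project; the function names, the sample input and the 6000-6063 port window (display :N listens on TCP 6000+N) are assumptions made here.

```shell
#!/bin/sh
# Local audit: is this host's X server exposed to unauthenticated X11 access?
# Inputs are the text output of `xhost` and `ss -ltnH`, so the logic can be
# exercised offline on captured output.

# Succeeds if `xhost` output (stdin) reports that access control is off.
x11_acl_disabled() {
    grep -q '^access control disabled'
}

# Reads `ss -ltnH` output (stdin) and prints the display numbers of X11
# listeners bound to a non-loopback address.
x11_tcp_displays() {
    awk '{
        addr = $4                              # Local Address:Port column
        n = split(addr, p, ":"); port = p[n] + 0
        host = substr(addr, 1, length(addr) - length(p[n]) - 1)
        if (port >= 6000 && port <= 6063 && host != "127.0.0.1" && host != "[::1]")
            print port - 6000
    }' | sort -un
}

# $1 = xhost output, $2 = ss output. Returns 0 = ok, 1 = warn, 2 = exposed.
x11_audit() {
    displays=$(printf '%s\n' "$2" | x11_tcp_displays | tr '\n' ' ')
    displays=${displays% }
    if [ -z "$displays" ]; then
        echo "OK: no X11 listener on a non-loopback TCP address"
        return 0
    fi
    if printf '%s\n' "$1" | x11_acl_disabled; then
        echo "EXPOSED: display(s) $displays reachable over TCP with access control disabled"
        return 2
    fi
    echo "WARN: display(s) $displays listen on TCP; access control is enabled"
    return 1
}

# Constructed sample input (not captured from a real host).
SAMPLE_XHOST='access control disabled, clients can connect from any host'
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:6000 0.0.0.0:*
LISTEN 0 128 [::]:6000 [::]:*
LISTEN 0 128 127.0.0.1:6010 0.0.0.0:*'
x11_audit "$SAMPLE_XHOST" "$SAMPLE_SS" || true

# On a live host: x11_audit "$(xhost 2>/dev/null)" "$(ss -ltnH)"
```

An EXPOSED result is cleared by re-enabling access control with xhost - and by starting the X server with -nolisten tcp, so it no longer accepts TCP connections.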