Rootstealer is an example of new attack using X11. This tool is used to detect when linux users open terminal with root and inject command with X11 lib.

Rootstealer Installation

# apt-get install libX11-dev libxtst-dev
# cd rootstealer/sendkeys; 

Edit file rootstealer/cmd.cfg and write your command to inject.

You can take that following:

# make; cd ..    #to back to path rootstealer/ 
# pip install gi
# pip install gir

Run the python script to spy all windows gui and search window with “root@” string in title.

$ python &
$ sudo apt-get install libwnck-dev
$ gcc -o rootstealer rootstealer.c `pkg-config --cflags --libs libwnck-1.0` -DWNCK_I_KNOW_THIS_IS_UNSTABLE -DWNCK_COMPILATION
$ ./rootstealer &

Also Read XAttacker – Website Vulnerability Scanner & Auto Exploiter Tool



We are not responsible for the evil use of that tool. Use that for a good purpose.