On Wed, Apr 17, 2002 at 01:45:09AM +0200, martin f krafft wrote: > also sprach Halil Demirezen <[EMAIL PROTECTED]> [2002.04.16.1911 +0200]: > > > > I am planning to write code that will load the users terminal screens to > > my screen. And root will surely manage that. Is there anyone to tell me > > any link which contains information about this subject. > [...] > /dev/tty* and /dev/pts/* shall be your friend.
If you want to see what's currently displayed, you have to have captured the terminal traffic that produced it, so you have to start capturing ahead of time. To get what's actually displayed on a Linux text console, you can use /dev/vcs* and/or /dev/vcsa*. (I'm not sure what the difference is.) To do this with an xterm, you would have to modify the code to add a feature that allows you to ask it for it's contents. Alternatively, if you talk to the X server directly, you can capture what's displayed on the screen with any program you like. xwd(1) is probably a good choice, because it doesn't have a GUI which would get displayed on the screen of the user you're spying on. To get access to the X server, get the X authorization stuff from ~user/.xauth. Use xauth(1) to copy the auth key, instead of just symlinking /root/.xauth to the user's file, so a well-constructed .xauth can't subvert a program running as root. (I wouldn't trust X software to be secure when I don't have to, and this would be an uncommon attack channel, and thus not so likely to be well secured.) Err, happy hacking, Big Brother. -- #define X(x,y) x##y Peter Cordes ; e-mail: X([EMAIL PROTECTED] , ns.ca) "The gods confound the man who first found out how to distinguish the hours! Confound him, too, who in this place set up a sundial, to cut and hack my day so wretchedly into small pieces!" -- Plautus, 200 BCE -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
