While writing up my mxconns post, I ran across the *ease of (ab)using X11" articles (1 and 2) Brian Hatch posted in 2004. In the first part, he walks you through DISPLAY and xauth, which I'd seen before, but the second part contained more nice tricks. The difficulty here is remembering all the useful little utilities for manipulating X. Here's a quick list:

• xmessage for popping up dialog windows
• xlsclients -l for listing all connected clients (this is how you get those window ids!)
• xwininfo -id windowid to get more info on a given window
• xwd for taking screenshots
• xev, the classic X event monitor
• xkey, non-standard keysniffer
• x2x to connect your mouse and keyboard to another display
• xdpyinfo to get information about an X display.

Here are some examples:

Grab whole desktop as a png:

$ xwd -root -silent -out /dev/stdout | convert - root.png

Grab single window as a png:

$ xwd -id windowid -silent -out /dev/stdout | convert - win.png

Determine which window has the focus:

$ xdpyinfo | grep focus

Brian's subsequent article discusses malicious sysadmins abusing X to log keystrokes on your home computer.

Everyone should read these before they start using X, which would help avoid exposure to simple attacks.