iKAT – Interactive Kiosk Attack Tool v3


iKAT was designed to aid security consultants with the task of auditing the security of a Windows based internet Kiosk terminal. iKAT is designed to provide access to the underlying operating system of a Kiosk terminal by invoking native OS functionality. This tool should be (and is) used by Kiosk vendors/developers/suppliers to test the security of their own Kiosk products.

Designed as a SaaS, iKAT features many methods of escaping out of a browser jailed environment and gaining command execution. iKAT is a website you visit from a Kiosk, its quick, free, and aims to please. iKAT is solely developed by myself (Paul Craig) a Kiosk hacking enthusiast from New Zealand.

Whats New in iKAT v3

Signed Code
All iKAT tools, VBScripts, ActiveXs, ClickOnce, SilverLight apps are now signed by a trusted CA! Four months ago i placed a “Donate Now” button on the front page of iKAT, hoping to raise money for a code signing certificate Sadly only two people donated cash (Enrique Exposito Martinez and Gerald Fehringer, you guys rock) Luckily a Kiosk vendor was willing to come to the party and donate the remaining cash. Big thanks to Kioware Kiosks, who kindly donated the remaining money. All iKAT tools are now signed by a trusted CA.

More Tools
iKAT now contains more tools packaged in different containers, file formats, PDFs, and even silent installers. More Java Applets, More VBScript, More WMI!


iKAT ActiveX
A newly developed ActiveX which focuses on Windows Shell hacking and process spawning. The ActiveX is signed and provides a mad amount of functionality.

iKAT OfficeKAT
Thanks to Didier Stevens who donated his “Excel Spawn CMD in Memory” trick to the iKAT project OfficeKAT allows you to pop shell in environments where you can run Excel, what’s more you don’t need to write to the file system.

iKAT SilverLight
SilverLight (and mono) are now supported by iKAT, and provide yet another attack vector for your pleasure

Improved URI + File Handler Enumeration
Vastly improved enumeration code, more URI’s, more instant “One click magic”. I also added support some of the more interesting Microsoft based URI handler vulnerabilities released this year.

Emo Kiosking – Crashing the Kiosk
The fastest way to get out of a browser jail environment is to simply CRASH IT. Oddly enough this is also the easiest thing to do to a browser, and Emo-Kiosking has become a personal favourite trick of mine. iKAT now supports over 60 different methods of crashing a browser, or a browser add-on This allows you to quickly drop back to the desktop, often with only one click required.

To use iKat just visit the following URL in a kiosk system browser:

http://ikat.ha.cked.net

Posted in: Hacking Tools, Hardware Hacking


Latest Posts:


GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc
GKE Auditor - Detect Google Kubernetes Engine Misconfigurations GKE Auditor – Detect Google Kubernetes Engine Misconfigurations
GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security & dev teams streamline the configuration process
zANTI - Android Wireless Hacking Tool Free Download zANTI – Android Wireless Hacking Tool Free Download
zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using mobile.
HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.
Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.


Comments are closed.