iKAT – Interactive Kiosk Attack Tool v3

Use Netsparker


iKAT was designed to aid security consultants with the task of auditing the security of a Windows based internet Kiosk terminal. iKAT is designed to provide access to the underlying operating system of a Kiosk terminal by invoking native OS functionality. This tool should be (and is) used by Kiosk vendors/developers/suppliers to test the security of their own Kiosk products.

Designed as a SaaS, iKAT features many methods of escaping out of a browser jailed environment and gaining command execution. iKAT is a website you visit from a Kiosk, its quick, free, and aims to please. iKAT is solely developed by myself (Paul Craig) a Kiosk hacking enthusiast from New Zealand.

Whats New in iKAT v3

Signed Code
All iKAT tools, VBScripts, ActiveXs, ClickOnce, SilverLight apps are now signed by a trusted CA! Four months ago i placed a “Donate Now” button on the front page of iKAT, hoping to raise money for a code signing certificate Sadly only two people donated cash (Enrique Exposito Martinez and Gerald Fehringer, you guys rock) Luckily a Kiosk vendor was willing to come to the party and donate the remaining cash. Big thanks to Kioware Kiosks, who kindly donated the remaining money. All iKAT tools are now signed by a trusted CA.

More Tools
iKAT now contains more tools packaged in different containers, file formats, PDFs, and even silent installers. More Java Applets, More VBScript, More WMI!


iKAT ActiveX
A newly developed ActiveX which focuses on Windows Shell hacking and process spawning. The ActiveX is signed and provides a mad amount of functionality.

iKAT OfficeKAT
Thanks to Didier Stevens who donated his “Excel Spawn CMD in Memory” trick to the iKAT project OfficeKAT allows you to pop shell in environments where you can run Excel, what’s more you don’t need to write to the file system.

iKAT SilverLight
SilverLight (and mono) are now supported by iKAT, and provide yet another attack vector for your pleasure

Improved URI + File Handler Enumeration
Vastly improved enumeration code, more URI’s, more instant “One click magic”. I also added support some of the more interesting Microsoft based URI handler vulnerabilities released this year.

Emo Kiosking – Crashing the Kiosk
The fastest way to get out of a browser jail environment is to simply CRASH IT. Oddly enough this is also the easiest thing to do to a browser, and Emo-Kiosking has become a personal favourite trick of mine. iKAT now supports over 60 different methods of crashing a browser, or a browser add-on This allows you to quickly drop back to the desktop, often with only one click required.

To use iKat just visit the following URL in a kiosk system browser:

http://ikat.ha.cked.net

Posted in: Hacking Tools, Hardware Hacking


Latest Posts:


Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.


Comments are closed.