iKAT – Interactive Kiosk Attack Tool v3


iKAT was designed to aid security consultants with the task of auditing the security of a Windows based internet Kiosk terminal. iKAT is designed to provide access to the underlying operating system of a Kiosk terminal by invoking native OS functionality. This tool should be (and is) used by Kiosk vendors/developers/suppliers to test the security of their own Kiosk products.

Designed as a SaaS, iKAT features many methods of escaping out of a browser jailed environment and gaining command execution. iKAT is a website you visit from a Kiosk, its quick, free, and aims to please. iKAT is solely developed by myself (Paul Craig) a Kiosk hacking enthusiast from New Zealand.

Whats New in iKAT v3

Signed Code
All iKAT tools, VBScripts, ActiveXs, ClickOnce, SilverLight apps are now signed by a trusted CA! Four months ago i placed a “Donate Now” button on the front page of iKAT, hoping to raise money for a code signing certificate Sadly only two people donated cash (Enrique Exposito Martinez and Gerald Fehringer, you guys rock) Luckily a Kiosk vendor was willing to come to the party and donate the remaining cash. Big thanks to Kioware Kiosks, who kindly donated the remaining money. All iKAT tools are now signed by a trusted CA.

More Tools
iKAT now contains more tools packaged in different containers, file formats, PDFs, and even silent installers. More Java Applets, More VBScript, More WMI!


iKAT ActiveX
A newly developed ActiveX which focuses on Windows Shell hacking and process spawning. The ActiveX is signed and provides a mad amount of functionality.

iKAT OfficeKAT
Thanks to Didier Stevens who donated his “Excel Spawn CMD in Memory” trick to the iKAT project OfficeKAT allows you to pop shell in environments where you can run Excel, what’s more you don’t need to write to the file system.

iKAT SilverLight
SilverLight (and mono) are now supported by iKAT, and provide yet another attack vector for your pleasure

Improved URI + File Handler Enumeration
Vastly improved enumeration code, more URI’s, more instant “One click magic”. I also added support some of the more interesting Microsoft based URI handler vulnerabilities released this year.

Emo Kiosking – Crashing the Kiosk
The fastest way to get out of a browser jail environment is to simply CRASH IT. Oddly enough this is also the easiest thing to do to a browser, and Emo-Kiosking has become a personal favourite trick of mine. iKAT now supports over 60 different methods of crashing a browser, or a browser add-on This allows you to quickly drop back to the desktop, often with only one click required.

To use iKat just visit the following URL in a kiosk system browser:

http://ikat.ha.cked.net

Posted in: Hacking Tools, Hardware Hacking


Latest Posts:


dSploit APK Download - Hacking & Security Toolkit For Android dSploit APK Download – Hacking & Security Toolkit For Android
dSploit APK Download is a Hacking & Security Toolkit For Android which can conduct network analysis and penetration testing activities.
Scallion - GPU Based Onion Hash Generator Scallion – GPU Based Onion Hash Generator
Scallion is a GPU-driven Onion Hash Generator written in C#, it lets you create vanity GPG keys and .onion addresses (for Tor's hidden services).
WiFi-Dumper - Dump WiFi Profiles and Cleartext Passwords WiFi-Dumper – Dump WiFi Profiles and Cleartext Passwords
WiFi-Dumper is an open-source Python-based tool to dump WiFi profiles and cleartext passwords of the connected access points on a Windows machine.
truffleHog - Search Git for High Entropy Strings with Commit History truffleHog – Search Git for High Entropy Strings with Commit History
truffleHog is a Python-based tool to search Git for high entropy strings, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.
AIEngine - AI-driven Network Intrusion Detection System AIEngine – AI-driven Network Intrusion Detection System
AIEngine is a next-generation interactive/programmable Python/Ruby/Java/Lua and Go AI-driven Network Intrusion Detection System engine with many capabilities.
Sooty - SOC Analyst All-In-One CLI Tool Sooty – SOC Analyst All-In-One CLI Tool
Sooty is a tool developed with the task of aiding a SOC analyst to automate parts of their workflow and speed up their process.


Comments are closed.