iKAT - Interactive Kiosk Attack Tool v2013 (Desktop Edition)


iKAT was designed to aid security consultants with the task of auditing the security of browser-controlled environments such as Kiosks, Citrix Terminals and WebTVs by providing methods to access the underlying operating system and automatically escalate local privileges.

This is the Desktop edition of iKAT and is 100% free to use - however, modifications to iKAT, the iKAT Logo, or any of the iKAT tools is explicitly not permitted. iKAT Professional is available from the iKAT Store and allows you to modify the look and feel of iKAT along with a suite of other new tricks and attacks.

Available Versions:

Windows // Linux



  • Reconnaissance

    Tools for determining information about your target.

    Target Information

    Detect as much as you can about your target and the available attack vectors.

    Remote Server Variables

    Remote server variables will disclose the remote address of the Kiosk and User Agent Value.

    Global Flash Settings

    Offsite link to Adobe's Global Storage Settings panel.

    File Reflection

    File reflection will allow you to use the iKAT server to view local system files. This is handy when you do not have the ability to load an external application such as a file viewer. Upload the file to iKAT, and iKAT will parse and return the file's contents back to you. Don't worry, all files are deleted after being uploaded.

    Local Browser Variables

    File Reflection: select a plaintext or binary file and use iKAT to view the file contents through the magic of Reflection.

  • Common Dialogs

    Spawn Common Dialogs such as File/Open, File/Print, File/Save etc.

    Common Dialogs via HTML

    Spawn Common Dialogs; these dialogs contain SHELL32/Explorer functionality and can be used to browse the file system.

    Common Dialogs via Flash

    Spawn Common Dialogs via Flash.

  • URI Handlers

    Tools for determining information about your target.

    Manual Invocation

    Manual links to each known URI handler.

    Automatic Invocation

    Automatically invoke all known URI handlers and their handling application through JavaScript.

  • File Handlers

    Enumerate all registered File Handlers and spawn the handling application.

    Manual Invocation

    Manual links to each file type.

    Automatic Invocation

    Automatically invoke all known file types and spawn the handling application through JavaScript.

  • Browser Addons

    Browser plugins and addons to aid your exploitation attempts.

    Java Applets

    Got Java? We have shells.

    JavaScript Console

    A full inline JavaScript console.

    Firefox Addons

    Install the iKAT FireFox Addon and gain access to an extra right-click context menu. This menu contains new tools and the ability to spawn processes.

  • FireFox Resources

    Tools for determining information about your target.

    FireFox XUL Paths

    Copy/Paste each of these links into the URL field to gain access to the FireFox tools/options and configurations.

  • iKAT Tools

    A complete armory of tools designed to aid your exploitation attempts.

    Binary Tools

    Native Linux Binaries for various exploitation tasks.

  • Crash a Kiosk

    Attempt to crash the Kiosk and gain access to the underlying OS.

    Crash the Kiosk using HTML Syntax Vulnerabilities

    Automatically spawn HTML content in an attempt to crash the Kiosk; crashing a Kiosk will often lead to the Kiosk application closing and the underlying OS being exposed.

    Crash the Kiosk using browser addons/plugins.

    Automatically spawn browser addon content such as Flash and PDF files in an attempt to crash the Kiosk's main process.

  • Donate & Credits

    Donations, Credits and Contact Information

    Donate to iKAT

    iKAT is 100% donateware: the hosting, the code-signing certificate, the design, the graphics. Everything is donated. If you have used iKAT to pop shells, or appreciate the hard work invested in iKAT, please donate. Every dollar counts.

    iKAT Credits

    Thanks to those who have made this project possible

    Contact iKAT

    Would you like to give some feedback to me regarding the project? Think you have a great idea, cool concept, or something to offer? Or just want to send abuse?


©2013 Paul Craig // paul at ha.cked.net

Credits
Illustration // Vivien Masters
Website design // Melanie Wilke