Comments on: Security weaknesses in airport internet kiosks http://www.securityninja.co.uk/data-loss/security-weaknesses-in-airport-internet-kiosks/ Security research, news and guidance Thu, 09 May 2013 14:59:42 +0000 hourly 1 http://wordpress.org/?v= By: Security Ninja http://www.securityninja.co.uk/data-loss/security-weaknesses-in-airport-internet-kiosks/comment-page-1/#comment-6214 Security Ninja Wed, 10 Nov 2010 09:11:23 +0000 http://www.securityninja.co.uk/?p=1585#comment-6214 Hi Paul, Thanks for leaving a comment on this blog post, it is nice to see a vendor taking security seriously and trying to address some of the issues you have found with iKAT. Angel Hi Paul,

Thanks for leaving a comment on this blog post, it is nice to see a vendor taking security seriously and trying to address some of the issues you have found with iKAT.

Angel

]]> By: Paul Craig http://www.securityninja.co.uk/data-loss/security-weaknesses-in-airport-internet-kiosks/comment-page-1/#comment-6212 Paul Craig Wed, 10 Nov 2010 08:08:24 +0000 http://www.securityninja.co.uk/?p=1585#comment-6212 Provisio (SiteKiosk guys) take their security rather seriously, and all of the newer versions actively try to fix all the bugs i have found and published in iKAT (which use to get shell) Local USB devices are a great way of getting in though as they will not fall under the host-hardening performed by SiteKiosk installs. FAT formatted USB disk with Metasploit or iKAT Portable would do the job very easily. Provisio (SiteKiosk guys) take their security rather seriously, and all of the newer versions actively try to fix all the bugs i have found and published in iKAT (which use to get shell)
Local USB devices are a great way of getting in though as they will not fall under the host-hardening performed by SiteKiosk installs.

FAT formatted USB disk with Metasploit or iKAT Portable would do the job very easily.

]]> By: Angel http://www.securityninja.co.uk/data-loss/security-weaknesses-in-airport-internet-kiosks/comment-page-1/#comment-5589 Angel Tue, 19 Oct 2010 09:14:11 +0000 http://www.securityninja.co.uk/?p=1585#comment-5589 Thanks for your comment Brian. I have in mind to test the tool you have commented with the SiteKiosk software in my lab. Angel. Thanks for your comment Brian.

I have in mind to test the tool you have commented with the SiteKiosk software in my lab.

Angel.

]]> By: Brian Honan http://www.securityninja.co.uk/data-loss/security-weaknesses-in-airport-internet-kiosks/comment-page-1/#comment-5185 Brian Honan Thu, 23 Sep 2010 11:27:50 +0000 http://www.securityninja.co.uk/?p=1585#comment-5185 Angel You should look at Paul Craig's Interactive Kiosk Attack Tool IKAT at http://ikat.ha.cked.net Brian Angel

You should look at Paul Craig’s Interactive Kiosk Attack Tool IKAT at http://ikat.ha.cked.net

Brian

]]>