At the Defcon hacker conference, which ended on Sunday, New Zealand security specialist Paul Craig released version 5 of iKAT (Interactive Kiosk Attack Tool). iKAT is a free web service that tries to bypass the protective mechanisms of internet kiosk PCs and gain control of the systems.
Such computers can usually be found in hotel lobbies, airport lounges and other public spaces. Kiosk operators can use iKAT to test the resilience of their systems.

The Linux- or Windows-based kiosk systems are usually protected and only allow specific applications to be launched. The primary aim of iKAT is to start a Windows or Linux shell. To achieve it, iKAT tries to exploit known vulnerabilities in a number of different ways. For example, when opening the iKAT page from a Windows-based kiosk system, users are presented with a "1Click PWN" button

The link for this article located at H Security is no longer available.