Your Kiosk, My Kiosk presented at KiwiCon 2007

by Delf (,

Tags: Security

Summary : Internet Kiosks. We have all seen them in Airports, Lobbies and Army/Navy recruiting stations. Computers designed to run a browser inside a 'protected shell'. Often plugged directly into a company LAN. Just machines running Windows XP...
The only thing stopping 'Casual Hacker Paul' from compromising your box and getting access to the LAN is the Kiosk software. A $50-$100 "Shareware" product, who's owning company outsourced all development to Mumbai, India.
This presentation will focus on new methods of Internet Kiosk exploitation. Additionally architecture and design flaws in the "Software Internet Kiosk" product as a whole.
... and various 0-day in different kiosk applications, just for good measure.