Thin Client Kiosk – malerisch.net: Owning a thin client in less than two minutes

By | April 1, 2016

RT @m3g9tr0n: Pwning a thin client in less than two minuteshttps://t.co/Y9FK57uVy2Source: blog.malerisch.netNormally, HP ThinPro OS interface is configured in a kiosk mode, as the concept of a thin/zero client is based on using a thick client to connect to another resource. For this purpose, a standard user does not need to authenticate to the thin client per se and would just need to perform a connection – e.g. VMware Horizon View. The user will eventually authenticate through the connection. The point of this blog post is to demonstrate that a malicious actor can compromise such thin clients in a trivial and quick way provided physical access, a standard prerequisite in an attack against a kiosk.

Source: thinclient.org

Tutorial on breaking and entering a thin client configured for kiosk mode.

Author: Kiosk Industry

Kiosk manufacturer experience since 1993. Engineer for Verizon Bill Pay kiosks while at KIS in Colorado. Extensive device knowledge for printers, scanners, currency, PCI, ADA, touch screen technology, outdoor, biometrics such as fingerprint and IRIS. Runs and manages the current kiosk association, KMA. Works with U.S. Access Board on ADA and accessibility. PCI SSC participating organization. Member of National Retail Federation (NRF) and National Restaurant Association.