home of the madduck/ blog/
Windows kiosks

They have kiosk PCs here at the airport, running Windows 2003 over Citrix MetaFrame. Apart from being ass-slow, these systems attempt to be highly "secured": only Internet Explorer is running, the task manager is disabled, and the Citrix MetaFrame apparently sits behind a fascist firewall, which seems to integrate with Windows to a point where Putty could not establish an SSH connection to a server running sshd on port 443 (HTTPs).

What the system administrators of course did not realise (and neither does Microsoft), is that Internet Explorer is such an insecure piece of crap that it's effectively no problem to do whatever you want through its holes and bugs.

It tooks me only about twenty minutes until I had access to my USB stick, and another five until Putty was negotiating SSH with the help of the Internet Explorer Java Console, which happily relayed my traffic as coming from the iexplore.exe process.

I always tend to smile when people talk about locking down Windows, and I regularly find new reasons to do so.