I was giving a talk at @BalCCon about breaking out of kiosk mode environments. The conference was a fantastic experience! You can find the full write-up with tips & tricks, slides, etc. here: https://github.com/ikarus23/kiosk-mode-breakout

#balccon2k25 #balccon #security

@iiiikarus @BalCCon Yeah, nice collection, thanks!

Some input:

I once managed a breakout on an Android Kiosk by finding a link to Google Search, then clicking on the camera icon in the search field which opens Google Lens. Lens was not installed, so the Play Store opened where I could install additional apps and finally access the entire system. When I now think about it, clicking a link to https://play.google.com/store/apps/details?id=com.google.android.apps.maps would also directly open the Play Store.

@emanuelduss Yeah, quite often it all comes down to links. But as you noticed, Android is a bit different from e.g. Windows when it comes to handling links referring to apps.

Thanks for sharing your story. I will add an extra hint to the Android section regarding links!

@iiiikarus Really cool talk and nice stories :)

I was also able to bypass badly configured McAfee / Trellix DLP systems using external SSDs and DVD drives (since these are also other device classes). These were no Kiosk systems but "hardened" clients. Since you mentioned the MTP trick, this could also be useful.

I could also once use the Windows mobile hotspot feature to bypass a NAC system and connect my own device to the internal network. Could also be useful for Kiosk systems.

I opened a PR if you'd like to include this info.

THX for your presentation 🤘