create_a_phishing_campaign_with_a_word_macro

Differences

This shows you the differences between two versions of the page.

create_a_phishing_campaign_with_a_word_macro [2019/08/07 14:31] lucy create_a_phishing_campaign_with_a_word_macro [2019/08/07 14:51] lucy
Line 10: Line 10:
   * **Macro Simulation "Financial Bonus":** This Macro simulation will access the command shell of a windows system and execute some commands (can be configured in the according template) and then use the browser to send back the output of those commands. Please note that this type of Macro that tries to access the client's file system is often detected as malicious in antivirus solutions.   * **Macro Simulation "Financial Bonus":** This Macro simulation will access the command shell of a windows system and execute some commands (can be configured in the according template) and then use the browser to send back the output of those commands. Please note that this type of Macro that tries to access the client's file system is often detected as malicious in antivirus solutions.
   * **Macro Simulation "POST ONLY":** It will do a simple http or https connection back to LUCY upon opening which will notify the LUCY administrator that the word has been opened and the Macro has been activated. The Macro can be used in any file-based or mixed attack scenarios either as a mail attachment or as a file that can be downloaded from a landing page created by LUCY.   * **Macro Simulation "POST ONLY":** It will do a simple http or https connection back to LUCY upon opening which will notify the LUCY administrator that the word has been opened and the Macro has been activated. The Macro can be used in any file-based or mixed attack scenarios either as a mail attachment or as a file that can be downloaded from a landing page created by LUCY.
-  * **Macro Simulation "GET ONLY":** This Macro simulation is working in LUCY 4.6 only. This macros template just pings back to Lucy when the user opens the document, without sending and collecting any data. "Get" template can be an alternative to "Post" request in campaigns where you need to check only the fact of opening a file.+  * **Macro Simulation "GET ONLY":** This Macro simulation is working in LUCY 4.6 and newer. This macros template just pings back to Lucy when the user opens the document, without sending and collecting any data. "Get" template can be an alternative to "Post" request in campaigns where you need to check only the fact of opening a file. //Note:// In the campaign settings for the "Get" macro, you need to select type "Click" in "Success action" for a correct statistic. 
  
 Please note, that those are only two samples. **You can create your own template**. Please check the tutorial at the bottom of this page. Please note, that those are only two samples. **You can create your own template**. Please check the tutorial at the bottom of this page.
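Review bot: The unchanged sentence after the list still says "those are only two samples", but the list above it has three simulations (Financial Bonus, POST ONLY, GET ONLY); update the count or drop the number. In the note added to the GET ONLY item, write the setting as "Success Action", the spelling used in the Base Settings list, and link it to [[success_actions]] so readers can find the "Click" option.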
Line 33: Line 34:
 {{:macro_2.png?600|}} {{:macro_2.png?600|}}
  
-New clients can be created under settings>clients.\\+New clients can be created under **Settings>Clients**.\\
  
 {{:macrot_3.png?600|}} {{:macrot_3.png?600|}}
Line 78: Line 79:
  
 Once you have selected the scenario, you need to configure the **Base Settings** of the campaign. First, give your campaign a name and then choose how your recipients will be able to access LUCY by defining the [[domain_configuration|Domain]]. Finding the appropriate domain name is a very important step for the success and it depends very much on your campaign scenario. If you plan to create a fake web mail login you might try to reserve a domain like "webmail-server365.com" and point it to LUCY.\\ Once you have selected the scenario, you need to configure the **Base Settings** of the campaign. First, give your campaign a name and then choose how your recipients will be able to access LUCY by defining the [[domain_configuration|Domain]]. Finding the appropriate domain name is a very important step for the success and it depends very much on your campaign scenario. If you plan to create a fake web mail login you might try to reserve a domain like "webmail-server365.com" and point it to LUCY.\\
-{{:macro_16.png?600|}}\\+{{:macro_18.png?600|}}\\
 \\ \\
 **Note**: Each scenario has its own Base Settings. **Note**: Each scenario has its own Base Settings.
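Review bot: The replacement image "{{:macro_18.png?600|}}" keeps an empty title after the pipe, so nothing in the text says what the screenshot shows or why macro_16.png was swapped out. Add a short caption, and check that the new screenshot shows the Base Settings options under the names used in the list that follows (Advanced Information Gathering, URL Shortener, File Type).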
Line 90: Line 91:
   * **Disable Landing**: Check to disable landing page for this scenario.   * **Disable Landing**: Check to disable landing page for this scenario.
   * **Send Link to Awareness Website Automatically**: Send a link to the [[awareness_e-learning_settings|Awareness Website]] after the user has been successfully attacked. Please note that the Awareness Website should be published for this feature to work.   * **Send Link to Awareness Website Automatically**: Send a link to the [[awareness_e-learning_settings|Awareness Website]] after the user has been successfully attacked. Please note that the Awareness Website should be published for this feature to work.
-  * **Awareness Delay**:+  * **Advanced Information Gathering**: Check this option to enable advanced visitor information gathering More details can be found here: [[Advanced information gathering]]
   * **Success Action**: Defines what LUCY considers as a successful attack. There are [[success_actions|four options]].   * **Success Action**: Defines what LUCY considers as a successful attack. There are [[success_actions|four options]].
   * **Collect Data**: Choose "Full" if you want to record all entered logins and passwords, "Partial" to record only the first 3 letters (remaining letters will be masked with asterisks) or "No" to skip user data collection.   * **Collect Data**: Choose "Full" if you want to record all entered logins and passwords, "Partial" to record only the first 3 letters (remaining letters will be masked with asterisks) or "No" to skip user data collection.
   * **Double Barrel Attack**: When using Double Barrel Attack, the system first sends a "Lure" email containing some teaser text. After that, the system waits for a while (you can configure that time in settings below) and sends an actual phishing email. The "Lure" delay defines, in seconds, the time frame between the Lure and the attack emails for a Double-Barrel Attack.   * **Double Barrel Attack**: When using Double Barrel Attack, the system first sends a "Lure" email containing some teaser text. After that, the system waits for a while (you can configure that time in settings below) and sends an actual phishing email. The "Lure" delay defines, in seconds, the time frame between the Lure and the attack emails for a Double-Barrel Attack.
-  * **Login Regexp**: Another option is to define some login filters to only catch valid logins (you could define the Domain Name in the User Name field or say that the Password has to be at least 8 characters to be accepted from LUCY)ExampleThis filter here ^(?=.*\d)(?=.*[A-Za-z])[A-Za-z0-9].{8,}$ would only allow logins with minimum 1 alphabetic character, minimum 1 digit & minimum length 8+  * **URL Shortener**: When you place the %link% variable within the message body and your scenario uses a public domain name, it will automatically be shortenedThe link will look like “http://is.gd/9VjDKF” to fit into one text messageIf you use an IP address for your landing page the link will be not shortened
   * **Redirect URL**: This is used for [[create_a_phishing_campaign_with_only_a_hyperlink_in_mail_no_landing_page|hyperlink based scenarios]] or within a landing page to redirect to an awareness page.   * **Redirect URL**: This is used for [[create_a_phishing_campaign_with_only_a_hyperlink_in_mail_no_landing_page|hyperlink based scenarios]] or within a landing page to redirect to an awareness page.
-  * **Compress Executable**: This setting is irrelevant for a Macro Based Campaign as a word file is not executable.+  * **File Type**: In this drop-down list you can select the type of file that will be attached to the email.
  
  
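Review bot: The new URL Shortener item says the link is shortened "to fit into one text message", which reads as wording for an SMS scenario rather than a Word macro mail campaign; say when the setting applies here or drop the rationale. Since the example is an is.gd link, state that a public shortening service is used, so administrators know campaign links are handed to a third party. Also change "will be not shortened" to "will not be shortened", end the sentence after "gathering" in the Advanced Information Gathering item, and give its link the same form as the others, an id with a label as in "[[success_actions|four options]]". The Login Regexp item is removed without a replacement; if the filter still exists in the product, its description should stay.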
Line 167: Line 168:
 You can create your own template in two ways: You can create your own template in two ways:
  
-  - based on a copy of an existing template +  - Based on a copy of an existing template 
-  - create a new template from scratch+  - Create a new template from scratch
  
 **Example: create a copy of an existing template** **Example: create a copy of an existing template**
create_a_phishing_campaign_with_a_word_macro.txt · Last modified: 2020/08/19 16:31 by lucy