User Tools

Site Tools


create_a_phishing_campaign_with_a_java_dropper_applet

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
create_a_phishing_campaign_with_a_java_dropper_applet [2017/03/04 16:36] lucycreate_a_phishing_campaign_with_a_java_dropper_applet [2019/07/25 12:49] (current) – external edit 127.0.0.1
Line 27: Line 27:
  
  
-  * **Step 2 -Select the appropriate file type** within the scenario settings. +  * **Step 2 -Select the appropriate file type** within the scenario settings. "Tunnel Executable" is the java dropper and "java applet" is the applet that gathers system information: 
  
 {{ s1_choose_filetype.png?600 }} {{ s1_choose_filetype.png?600 }}
Line 40: Line 40:
 {{ javapath.png?600 }} {{ javapath.png?600 }}
  
-In case you selected the java dropper, you still need to select the malware simulation that should be loaded & executed with the Applet on landing page template. This is all it needs to configure a Applet based attack. If the user opens the link to the landing page he now will get a popup that will ask him to run the applet. If he accepts to run the applet, the selected malware simulation is loaded into the specified directory and executed.+In case you selected the java dropper, you still need to select the malware simulation that should be loaded & executed when the applet on landing page template is activated 
 + 
 +  * **Step 4 - Test your scenario:**: If everything is configured correctly, the user who opens the link to the landing page should now see a popup that will ask him to run an applet. If he accepts to run the applet, the selected malware simulation is loaded into the specified directory and executed OR the system commands are getting executed (depening on which applet you picked in Step 2):
  
 {{ javattackeditpage.png?600 }} {{ javattackeditpage.png?600 }}
Line 49: Line 51:
   * The applet requires the browser to have the java plugin installed and activated   * The applet requires the browser to have the java plugin installed and activated
   * Only executables can be transmitted from LUCY to the client (no word files)   * Only executables can be transmitted from LUCY to the client (no word files)
 +  * The applet can only run on file based & mixed template types (if mixed: it will only run on the second page like account.html)
create_a_phishing_campaign_with_a_java_dropper_applet.1488641762.txt.gz · Last modified: 2019/07/25 12:51 (external edit)