User Tools

Site Tools


create_a_phishing_campaign_with_a_word_macro

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
create_a_phishing_campaign_with_a_word_macro [2018/01/13 17:59]
lucy [Available Macro File Templates]
create_a_phishing_campaign_with_a_word_macro [2019/08/07 14:51] (current)
lucy
Line 9: Line 9:
  
   * **Macro Simulation "​Financial Bonus":​** This Macro simulation will access the command shell of a windows system and execute some commands (can be configured in the according template) and then use the browser to send back the output of those commands. Please note that this type of Macro that tries to access the client'​s file system is often detected as malicious in antivirus solutions.   * **Macro Simulation "​Financial Bonus":​** This Macro simulation will access the command shell of a windows system and execute some commands (can be configured in the according template) and then use the browser to send back the output of those commands. Please note that this type of Macro that tries to access the client'​s file system is often detected as malicious in antivirus solutions.
-  * **Macro Simulation "POST ONLY":​** ​This Macro simulation is working in LUCY 3.0 only. It will do a simple http or https connection back to LUCY upon opening which will notify the LUCY administrator that the word has been opened and the Macro has been activated. The Macro can be used in any file based or mixed attack scenarios either as a mail attachment or as a file that can be downloaded from a landing page created by LUCY.+  * **Macro Simulation "POST ONLY":​** It will do a simple http or https connection back to LUCY upon opening which will notify the LUCY administrator that the word has been opened and the Macro has been activated. The Macro can be used in any file-based or mixed attack scenarios either as a mail attachment or as a file that can be downloaded from a landing page created by LUCY. 
 +  * **Macro Simulation "GET ONLY":​** This Macro simulation is working in LUCY 4.6 and newer. This macros template just pings back to Lucy when the user opens the document, without sending and collecting any data. "​Get"​ template can be an alternative to "​Post"​ request in campaigns where you need to check only the fact of opening a file. //Note:// In the campaign settings for the "​Get"​ macro, you need to select type "​Click"​ in "​Success action"​ for a correct statistic. 
  
 Please note, that those are only two samples. **You can create your own template**. Please check the tutorial at the bottom of this page. Please note, that those are only two samples. **You can create your own template**. Please check the tutorial at the bottom of this page.
Line 18: Line 20:
 After the login, you can create your first phishing campaign by pressing the button “**New**”.\\ After the login, you can create your first phishing campaign by pressing the button “**New**”.\\
 \\ \\
-{{ 14.jpg?direct&600 }}\\+{{:macro_1.png?600|}}\\
 \\ \\
 +
 +We recommend using the Setup Wizard when used for the first time.
 +
 +{{:​macro_15.png?​600|}}
  
 ===== STEP 2 - Select or Create a Client ===== ===== STEP 2 - Select or Create a Client =====
  
-Create a client or choose the built in client (a client can be your own organization or the company who asked you to perform a phishing test). This is important because you can also create [[user_management|view only accounts]] which are associated with those clients.+Create a client or choose the built in the client (a client can be your own organization or the company who asked you to perform a phishing test). This is important because you can also create [[user_management|view only accounts]] which are associated with those clients.
  
  
-{{ 16.jpg?direct&600 }}+{{:macro_2.png?600|}}
  
-New clients can be created under "​clients"​. In LUCY v. 2.5 and higher this is created under settings/​clients.\\+New clients can be created under **Settings>​Clients**.\\
  
-{{ 17.jpg?direct&600 }}+{{:macrot_3.png?600|}}
 \\ \\
 \\ \\
 ===== STEP 3 - Choose Your Configuration Mode ===== ===== STEP 3 - Choose Your Configuration Mode =====
  
-You may either continue with the **Expert Setup**, the **Setup Wizard** or a **Start with predefined campaign Template ** (called sample campaign in LUCY < 3.0) configuration. We recommend using the Setup Wizard when used for the first time. Another optional is to set a [[benchmark|Benchmark]] for a campaign. \\+You may either continue with the **Expert Setup** or a **Start with predefined campaign Template ** configuration. \\
  
-{{ 15.jpg?direct&600 }}\\+{{:macro_4.png?600|}}\\
  
-Sometimes a remote Firewall, Spam filter or Virus Filter might automatically scan all the URL's within a link. As a result you end up with false positives and LUCY will show all link clicked (success). To avoid such automatic link requests by some 3rd party application you can enable the antivirus/​firewall protection and LUCY will ignore all GET requests for the first 30 or 60 seconds:+Sometimes a remote Firewall, Spam filter or Virus Filter might automatically scan all the URL's within a link. As a resultyou end up with false positives and LUCY will show all link clicked (success). To avoid such automatic link requests by some 3rd party application you can enable the antivirus/​firewall protection and LUCY will ignore all GET requests for the first 30 or 60 seconds:
  
-{{ ignorefw1.png?600 }}+{{:macro_5.png?600|}}
  
 \\ \\
Line 47: Line 53:
 ===== STEP 4 - Select a Phishing Template that supports Macro'​s ===== ===== STEP 4 - Select a Phishing Template that supports Macro'​s =====
  
-Now you need to select one or multiple phishing scenarios that supports ​Macro'​s (make sure you have [[download_templates|downloaded all the latest scenarios]] first). Please check out what [[scenario_types|different scenario types are available]]. A Macro attack is a file based attack simulation. Therefore, you can only use the following template types:+Now you need to select one or multiple phishing scenarios that support ​Macro'​s (make sure you have [[download_templates|downloaded all the latest scenarios]] first). Please check out what [[scenario_types|different scenario types are available]]. A Macro attack is a file-based attack simulation. Therefore, you can only use the following template types:
  
   * File Based Templates   * File Based Templates
Line 55: Line 61:
 Most templates will enable you to place the Macro on a landing page from where it can be downloaded. If you only want to send the file as a mail attachment without involving a landing page you can choose the file based scenario "​Financial Bonus (Word Macro in email Attachment)":​ Most templates will enable you to place the Macro on a landing page from where it can be downloaded. If you only want to send the file as a mail attachment without involving a landing page you can choose the file based scenario "​Financial Bonus (Word Macro in email Attachment)":​
  
-{{ macro_mail.png?600 }}+{{:macro_17.png?600|}}
  
-This is an email only template that will send the users an email with a Word document file attachment that contains a macro. The macro has the ability to execute a list of harmless commands (e.g. "​whoami"​) and send the output back to LUCY using the built in browser (HTTP). The commands can be configured with the email settings. You may also leave a copy of the output on the Desktop of the user (a text file called lucy_results.txt). If you don't wish to leave any traces, you can select "​Delete Temporary File" in the Macro options. **Please note:** at the bottom drop down menu you can still switch between the different file templates and have the ability to pick a different Macro simulation (e.g. "POST ONLY", which most likely will generate less alerts on a possible AV solution).+This is an email only template that will send the users an email with a Word document file attachment that contains a macro. The macro has the ability to execute a list of harmless commands (e.g. "​whoami"​) and send the output back to LUCY using the built in browser (HTTP). The commands can be configured with the email settings. You may also leave a copy of the output on the Desktop of the user (a text file called lucy_results.txt). If you don't wish to leave any traces, you can select "​Delete Temporary File" in the Macro options. **Please note:** at the bottom drop-down menu you can still switch between the different file templates and have the ability to pick a different Macro simulation (e.g. "POST ONLY", which most likely will generate less alerts on a possible AV solution).
  
-{{ 65754.png?600 }}+{{:macro_6.png?600|}}
  
  
Line 65: Line 71:
 \\ \\
  
-{{ macro_mixed.png?​600 }}\\+\\
  
-**Note:** If you attach ​Office file to an email there is a much higher chance it will get filtered opposite to campaigns, where the Office File has to be downloaded from a web page. The "POST ONLY" Macro has the highest chance of not getting filtered as it is not accessing the local file system from the tested target. ​+**Note:** If you attach ​an Office file to an email there is a much higher chance it will get filtered opposite to campaigns, where the Office File has to be downloaded from a web page. The "POST ONLY" Macro has the highest chance of not getting filtered as it is not accessing the local file system from the tested target. ​
  
 \\ \\
 ===== STEP 6 - Configure the Base Settings of Your Campaign ===== ===== STEP 6 - Configure the Base Settings of Your Campaign =====
  
-Once you have selected the scenario, you need to configure the **Base Settings** of the campaign. First give your campaign a name and then choose how your recipients will be able to access LUCY by defining the [[domain_configuration|Domain]]. Finding the appropriate domain name is a very important step for the success and it depends very much on your campaign scenario. If you plan to create a fake web mail login you might try to reserve a domain like "​webmail-server365.com"​ and point it to LUCY.\\ +Once you have selected the scenario, you need to configure the **Base Settings** of the campaign. Firstgive your campaign a name and then choose how your recipients will be able to access LUCY by defining the [[domain_configuration|Domain]]. Finding the appropriate domain name is a very important step for the success and it depends very much on your campaign scenario. If you plan to create a fake web mail login you might try to reserve a domain like "​webmail-server365.com"​ and point it to LUCY.\\ 
- +{{:macro_18.png?600|}}\\
-{{ 24.jpg?direct&600 }}\\+
 \\ \\
 **Note**: Each scenario has its own Base Settings. **Note**: Each scenario has its own Base Settings.
Line 83: Line 88:
 There a few **Optional Settings** that you can apply within the Base Settings. Lucy comes with certain Default Settings. You can change these setting as you like. The settings are: There a few **Optional Settings** that you can apply within the Base Settings. Lucy comes with certain Default Settings. You can change these setting as you like. The settings are:
  
-  ​* **Setup Wizard**: You can always Unselect the Setup Wizard and continue with the Expert Mode. +  * **Track Opened Emails**: Inserts an invisible image into outgoing emails to track if users opened the message. Use this feature carefullyas some email servers may put such emails into the spam folder. 
-  * **Use SSL**: If you decide to use SSL for the campaign (either generate a certificate or import a trusted certificate) you can do this via the [[ssl_configuration|SSL Wizard]]. +  * **Disable Landing**: Check to disable landing page for this scenario
-  * **Anonymous Mode**: Use this mode to hide all "​Victim"​ data (IP address, login details, etc.) from statistics and reports. +  * **Send Link to Awareness Website Automatically**:​ Send a link to the [[awareness_e-learning_settings|Awareness Website]] after the user has been successfully attacked. Please note that the Awareness Website should be published for this feature to work. 
-  * **Success Action**: Defines what LUCY considers as an successful attack. There are [[success_actions|four options]]. +  * **Advanced ​Information Gathering**:​ Check this option to enable ​advanced visitor ​information gathering More details ​can be found here: [[Advanced information gathering]] 
-  ​* **Track Opened Emails**: Inserts an invisible image into outgoing emails to track if users opened the message. Use this feature carefully as some email servers may put such emails into the Spam FolderAlso some email clients (like Outlook) block the automatic downloading of images in the Preview window+  * **Success Action**: Defines what LUCY considers as a successful attack. There are [[success_actions|four options]].
-  * **Send Link to Awareness Website Automatically**:​ Send a link to the [[awareness_e-learning_settings|Awareness Website]] after user has been successfully attacked. Please note that the Awareness Website should be published for this feature to work. +
-  * **BeEF Information Gathering** : Check this option to enable information gathering ​using BeEF.(http://​beefproject.com/​). BeEF is a penetration testing tool that focuses on the web browser - it helps LUCY collect advanced information about your users. ​More background info can be found [[beef_integration|here]].+
   * **Collect Data**: Choose "​Full"​ if you want to record all entered logins and passwords, "​Partial"​ to record only the first 3 letters (remaining letters will be masked with asterisks) or "​No"​ to skip user data collection.   * **Collect Data**: Choose "​Full"​ if you want to record all entered logins and passwords, "​Partial"​ to record only the first 3 letters (remaining letters will be masked with asterisks) or "​No"​ to skip user data collection.
-  * **Double Barrel Attack**: When using Double Barrel Attack, the system first sends a "​Lure"​ email containing some teaser text. After that the system waits for a while (you can configure that time in settings below) and sends an actual phishing email. The "​Lure"​ delay defines, in seconds, the time frame between the Lure and the attack emails for a Double-Barrel Attack. +  * **Double Barrel Attack**: When using Double Barrel Attack, the system first sends a "​Lure"​ email containing some teaser text. After thatthe system waits for a while (you can configure that time in settings below) and sends an actual phishing email. The "​Lure"​ delay defines, in seconds, the time frame between the Lure and the attack emails for a Double-Barrel Attack. 
-  * **Login Regexp**: Another option is to define some login filters to only catch valid logins (you could define ​the Domain Name in the User Name field or say that the Password has to be at least 8 characters to be accepted from LUCY)ExampleThis filter here ^(?=.*\d)(?=.*[A-Za-z])[A-Za-z0-9].{8,​}$ would only allow logins with minimum 1 alphabetic character, minimum 1 digit & minimum length 8+  * **URL Shortener**: When you place the %link% variable within ​the message body and your scenario uses a public domain name, it will automatically ​be shortenedThe link will look like “http://is.gd/​9VjDKF” to fit into one text messageIf you use an IP address for your landing page the link will be not shortened
   * **Redirect URL**: This is used for [[create_a_phishing_campaign_with_only_a_hyperlink_in_mail_no_landing_page|hyperlink based scenarios]] or within a landing page to redirect to an awareness page.   * **Redirect URL**: This is used for [[create_a_phishing_campaign_with_only_a_hyperlink_in_mail_no_landing_page|hyperlink based scenarios]] or within a landing page to redirect to an awareness page.
-  * **Compress Executable**: This setting is irrelevant for a Macro Based Campaign as a word file is not an executable.+  * **File Type**: In this drop-down list you can select the type of file that will be attached to the email.
  
  
 ===== STEP 8 - Edit your Landing Web Page within Your Campaign ===== ===== STEP 8 - Edit your Landing Web Page within Your Campaign =====
  
-After saving the Base Settings, you can now [[Edit_Landing_Page|Edit the Landing Page]], [[Upload_Your_Web_Page|Upload Your Own Webpage]] or simply [[copy_web_page|copy any website on the internet]]. The Landing Page is the webpage that the users will see when they click on the link in the email they receive. First select the drop-down menu at the top the page where you want to edit. Please note that the same landing page may be available in different languages. So make sure you [[dealing_with_multiple_languages_in_your_recipient_group|edit the correct language]]. ​+After saving the Base Settings, you can now [[Edit_Landing_Page|Edit the Landing Page]], [[Upload_Your_Web_Page|Upload Your Own Webpage]] or simply [[copy_web_page|copy any website on the internet]]. The Landing Page is the webpage that the users will see when they click on the link in the email they receive. Firstselect the drop-down menu at the top the page where you want to edit. Please note that the same landing page may be available in different languages. So make sure you [[dealing_with_multiple_languages_in_your_recipient_group|edit the correct language]]. ​
  
-As we want to include a download to a Macro we need to make sure the Macro is selected at the bottom of the configuration page. This drop down menu will tell LUCY what malware simulation should be attached to the download bottom on this page:+As we want to include a download to a Macro we need to make sure the Macro is selected at the bottom of the configuration page. This drop-down menu will tell LUCY what malware simulation should be attached to the download bottom on this page:
  
-{{ macro_mixed2.png?600 }}+{{:macro_8.png?600|}}
  
 If you save the landing page with the settings displayed in the screenshot above LUCY will create a Word file for each user which can be downloaded from the phishing simulation. If you save the landing page with the settings displayed in the screenshot above LUCY will create a Word file for each user which can be downloaded from the phishing simulation.
Line 111: Line 114:
 It’s time to setup email communication (if you want you can also use [[smishing|SMS]] as an alternative). Choose your sender'​s name, email address and subject. Please also choose the language for each group. If you configured an English landing page, then select English also within that recipient group. If you have different groups with different languages within your company you can simply create a group and select a language for each recipient. LUCY then will direct each user to an individual landing page that [[dealing_with_multiple_languages_in_your_recipient_group|matches that language]]. Please read the [[Mail_Settings|Mail Settings Chapter]] for more configuration options. It’s time to setup email communication (if you want you can also use [[smishing|SMS]] as an alternative). Choose your sender'​s name, email address and subject. Please also choose the language for each group. If you configured an English landing page, then select English also within that recipient group. If you have different groups with different languages within your company you can simply create a group and select a language for each recipient. LUCY then will direct each user to an individual landing page that [[dealing_with_multiple_languages_in_your_recipient_group|matches that language]]. Please read the [[Mail_Settings|Mail Settings Chapter]] for more configuration options.
  
-{{ 42.jpg?direct&600 }}+{{:macro_9.png?600|}}
  
 **Note**: The most common reason for emails not arriving at your Recipient'​s Inbox are SPAM filters. When using a known email domain (e.g. test@microsoft.com) or a non-existing email domain (e.g. test@nonexistant.com) your email might get deleted by SPAM filters. Some public email providers (like Gmail, Hotmail, etc.) are very restrictive concerning possible SPAM emails and might not even forward emails to your Recipient'​s SPAM folder (based on the emails SPAM reputation). To verify this you can use LUCY's built in [[Spam_Check|SPAM Checker]]. **Note**: The most common reason for emails not arriving at your Recipient'​s Inbox are SPAM filters. When using a known email domain (e.g. test@microsoft.com) or a non-existing email domain (e.g. test@nonexistant.com) your email might get deleted by SPAM filters. Some public email providers (like Gmail, Hotmail, etc.) are very restrictive concerning possible SPAM emails and might not even forward emails to your Recipient'​s SPAM folder (based on the emails SPAM reputation). To verify this you can use LUCY's built in [[Spam_Check|SPAM Checker]].
Line 120: Line 123:
 You need to create the Recipients List in the Menu item "​Recipients"​. ​ You need to create the Recipients List in the Menu item "​Recipients"​. ​
  
-{{ 47.jpg?direct&600 }}+{{:macro_10.png?600|}}
  
 This is the list of users that will get the phishing emails. You can add them manually, import a file with all your recipients or even search them on the internet. Once you have created that group, you can select it in your campaign and map them to a specific scenario. You can also define if they should be used only for the Landing Page link, the [[Awareness_E-learning_settings|Awareness site link (e-learning)]] or both.  ​ This is the list of users that will get the phishing emails. You can add them manually, import a file with all your recipients or even search them on the internet. Once you have created that group, you can select it in your campaign and map them to a specific scenario. You can also define if they should be used only for the Landing Page link, the [[Awareness_E-learning_settings|Awareness site link (e-learning)]] or both.  ​
  
-{{ 49.jpg?direct&600 }}+{{:macro_11.png?600|}}
  
 Please read the [[Add_Mail_Recipients|Recipients Settings Chapter]] for more configuration options. ​ Please read the [[Add_Mail_Recipients|Recipients Settings Chapter]] for more configuration options. ​
Line 136: Line 139:
 ===== Step 12 - Add E-learning Content to Your Campaign ===== ===== Step 12 - Add E-learning Content to Your Campaign =====
  
-There is the option to have LUCY automatically send some e-learning content to all users or only users who have failed the phishing test. This configuration setting is part of an [[Awareness_E-learning_Settings|Separate Chapter (E-learning).]] If you want the users to get an e-mail with a link to the awareness content, you need make sure that in "STEP 7 - Configure Basic Settings"​ the checkbox "Send Link to Awareness Website Automatically"​ is selected and you configured an awareness template (mail and optional landing page). It is also important that you define what you consider as an [[success_actions|successful attack]] because only those who have been successfully tested will receive the mail. If you don't want the e-learning content to be delivered via mail you can also [[redirecting_users|redirect the user directly to a landing page with the awareness content]]. ​+There is the option to have LUCY automatically send some e-learning content to all users or only users who have failed the phishing test. This configuration setting is part of an [[Awareness_E-learning_Settings|Separate Chapter (E-learning).]] If you want the users to get an e-mail with a link to the awareness content, you need to make sure that in "STEP 7 - Configure Basic Settings"​ the checkbox "Send Link to Awareness Website Automatically"​ is selected and you configured an awareness template (mail and optional landing page). It is also important that you define what you consider as an [[success_actions|successful attack]] because only those who have been successfully tested will receive the mail. If you don't want the e-learning content to be delivered via mail you can also [[redirecting_users|redirect the user directly to a landing page with the awareness content]]. ​
  
  
Line 143: Line 146:
 Now you are ready to start. Although we recommend performing a test run with a single recipient before you start attacking all users, additionally it is a good idea to use the [[Spam_Check|LUCY SPAM Checker]]. Just click “Real Attack” and LUCY will test your settings before starting the campaign. If you want to skip the checks, press "Skip Checks"​. Your first recipients should receive the emails within seconds. Please read the [[Start_a_Campaign_Campaign_Checks|Start Campaign Settings Page]] for more configuration options. If you experience any problems with starting/​running your campaign, please [[Troubleshooting_Known_Issues|Consult the Troubleshoot Section]] first. Now you are ready to start. Although we recommend performing a test run with a single recipient before you start attacking all users, additionally it is a good idea to use the [[Spam_Check|LUCY SPAM Checker]]. Just click “Real Attack” and LUCY will test your settings before starting the campaign. If you want to skip the checks, press "Skip Checks"​. Your first recipients should receive the emails within seconds. Please read the [[Start_a_Campaign_Campaign_Checks|Start Campaign Settings Page]] for more configuration options. If you experience any problems with starting/​running your campaign, please [[Troubleshooting_Known_Issues|Consult the Troubleshoot Section]] first.
  
-{{ 59.jpg?direct&600 }}+{{:macro_12.png?600|}}
  
  
Line 150: Line 153:
 The progress of the campaign can always be monitored in Real-Time. Click "​Statistics"​ within your campaign. ​ Please read the [[Monitor_a_Campaign_Statistics|Statistics Chapter]] for more configuration options. The progress of the campaign can always be monitored in Real-Time. Click "​Statistics"​ within your campaign. ​ Please read the [[Monitor_a_Campaign_Statistics|Statistics Chapter]] for more configuration options.
  
-{{ 63.jpg?600 }}+{{:macro_13.png?600|}}
  
-You will be able to track if the macro has been activated if you enabled the [[success_actions|success action]] as "file data receive"​. The actual output of the macro'​s ​can be found within the campaign under statistics/​collected data.+You will be able to track if the macro has been activated if you enabled the [[success_actions|success action]] as "file data receive"​. The actual output of the macros ​can be found within the campaign under statistics/​collected data.
  
 ===== Step 15 - Create Reports ===== ===== Step 15 - Create Reports =====
Line 158: Line 161:
 Once you have finished the campaign, you may create different types of reports (PDF, HTML or raw export). Please read the [[Create_Campaign_Reports|Creating Reports Chapter]] for more configuration options. Once you have finished the campaign, you may create different types of reports (PDF, HTML or raw export). Please read the [[Create_Campaign_Reports|Creating Reports Chapter]] for more configuration options.
  
-{{ 69.jpg?600 }}+{{:macro_14.png?600|}}
  
  
Line 165: Line 168:
 You can create your own template in two ways: You can create your own template in two ways:
  
-  - based on a copy of an existing template +  - Based on a copy of an existing template 
-  - create ​a new template from scratch+  - Create ​a new template from scratch
  
 **Example: create a copy of an existing template** **Example: create a copy of an existing template**
-Lets say you want to create a new macro template based on the existing template "​info.doc"​ (POST only) called mydocument.doc,​ you need to go through the following steps:+Let'​s ​say you want to create a new macro template based on the existing template "​info.doc"​ (POST only) called mydocument.doc,​ you need to go through the following steps:
   * Step 1: Select the template "​Macros (POST only)   * Step 1: Select the template "​Macros (POST only)
   * Step 2: Press the copy button   * Step 2: Press the copy button
Line 179: Line 182:
  
 **Example: create a new template from scratch** **Example: create a new template from scratch**
-You can create your own file based macro templates using any MS office file (ppt, doc, xls...):+You can create your own file-based macro templates using any MS office file (ppt, doc, xls...):
  
-  * 1) create a VB macro with main function named AutoOpen+  * 1) create a VB macro with the main function named AutoOpen
   * 2) use all variables you will pass from lucy in this form - "​%my_variable%###################"​ - don't forget to pad the value with "#"​ symbols, so the string is long enough to hold all possible values (Lucy replaces #s with actual data when running a campaign)   * 2) use all variables you will pass from lucy in this form - "​%my_variable%###################"​ - don't forget to pad the value with "#"​ symbols, so the string is long enough to hold all possible values (Lucy replaces #s with actual data when running a campaign)
   * 3) use %lucy_url% as Lucy URL   * 3) use %lucy_url% as Lucy URL
   * 4) use variables in macro only after you process them with "​Clean"​ function (see attached bas file) - it cleans excess # in the end before using the actual data passed from Lucy   * 4) use variables in macro only after you process them with "​Clean"​ function (see attached bas file) - it cleans excess # in the end before using the actual data passed from Lucy
-  * 5) open word, excel or powerpoint document, go to developer tab and hit "Edit Macro"+  * 5) open word, excel or powerpoint document, go to the developer tab and hit "Edit Macro"
   * 6) there choose "​AutoOpen"​ function or create it and press "​Edit"​   * 6) there choose "​AutoOpen"​ function or create it and press "​Edit"​
   * 7) paste your macro code, save the document and quit   * 7) paste your macro code, save the document and quit
Line 195: Line 198:
 ===== Macro Template for Mac ===== ===== Macro Template for Mac =====
  
-Existing Macro Templates are more focused on Windows systems. If you want to attack Mac OS system, please use {{ :​macos-sample.zip |this file}}.+Existing Macro Templates are more focused on Windows systems. If you want to attack ​the Mac OS system, please use {{ :​macos-sample.zip |this file}}.
  
  
create_a_phishing_campaign_with_a_word_macro.1515862791.txt.gz · Last modified: 2019/07/25 12:51 (external edit)