Differences

This shows you the differences between two versions of the page.

--- create_a_phishing_campaign_with_malware_simulations [2016/10/21 12:05] – lucy
+++ create_a_phishing_campaign_with_malware_simulations [2016/12/05 19:06] – lucy
@@ Line 39: / Line 39: @@
   *   **Microphone**: Get audio recording from microphone for a short period. Display GUI option may have a value of 0 to 4: 0 - no GUI, 1 - Progress Bar, 2 - Decryptor Window, 3 or 4 - Error Message Window.
   * **WebRecorder**: Records screenshots and tries to access the webcam to record a few seconds as a PoC.
+  * **Ransomware Screenlocker**: Will lock the PC screen and ask the user to enter a password that can be set in the backend. The idea is to have the user call some helpdesk to ask for the password to have a better learning effect.
   * **ConsoleInteractive**: This tool allows you to establish a reverse HTTP/HTTPS channel to LUCY. Once the file has been executed, you can see the session in “Sessions”. The tool only runs in the memory (called “file” in Process View). After the termination, the session can no longer be established. You can click on the IP and start executing commands within the Windows shell. The output should appear after a few seconds automatically. This Tool only works with Windows 7/8 in combination with IE and Firefox. More background info can be found [[interactive_reverse_http_s_sessions|here]].
@@ Line 101: / Line 102: @@
 **STEP 8 - Edit your Landing Web Page within Your Campaign:** After saving the Base Settings, you can now [[Edit_Landing_Page|Edit the Landing Page]], [[Upload_Your_Web_Page|Upload Your Own Webpage]] or simply [[copy_web_page|copy any website on the internet]]. The Landing Page is the webpage that the users will see when they click on the link in the email they receive. First select the drop-down menu at the top the page where you want to edit. Please note that the same landing page may be available in different languages. So make sure you [[dealing_with_multiple_languages_in_your_recipient_group|edit the correct language]]. When you choose a file based attack scenario you will see some additional configuration options appearing at the bottom of the page. Those settings define what file is provided within the download button for the recipient and what the executable should do upon opening. We recommend starting with a "harmless", non-intrusive trojan simulation that doesn't violate the recipients data privacy. A harmless simulation is for example the ConsolePost" Trojan, which will stealthy execute a few pre-defined commands (like "whoami") in the users shell and send the output back to LUCY. You have a few additional options:
-  * Decide if the user should see some fake GUI upon execution or not
+  * Decide if the user should see [[file_based_gui_options|some fake GUI]] upon execution or not
   * Specify a specific error message that will appear upon execution
   * Specify the Trojan settings (e.g. enable/disable specific Trojan features or define custom commands)
@@ Line 151: / Line 152: @@
-===== File based templates =====
+===== Edit File based templates =====
 All attachments can be edited within LUCY. The Attachments Settings can be stored as Default templates under Settings/Attachment templates.
@@ Line 158: / Line 159: @@
 {{ 84.jpg?600 }}
+You can rename the file templates from file.exe to any filename. In LUCY < 3.2 you can do that by downloading the file.exe, renaming it & the uploading it back to the generic file template.