create_a_phishing_campaign_with_malware_simulations
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
create_a_phishing_campaign_with_malware_simulations [2019/07/25 12:49] – external edit 127.0.0.1 | create_a_phishing_campaign_with_malware_simulations [2019/09/10 09:09] – [Delivery Challenges] lucy | ||
---|---|---|---|
Line 169: | Line 169: | ||
**Note**: The current edition of LUCY will include tools that access files on shares and upload them to the campaign or access the email client via MAPI. These features have restricted configuration options in the community edition (like maximum number of files that can be uploaded, etc.) the same goes for the number of screenshots or length of videos. Only the Commercial Editions have no limitations. You can upload your own custom payload. But keep in mind that reverse channels to LUCY won’t work; only attachments from LUCY are compiled in Real Time with certain settings (IP, Domain Name, URL etc.). | **Note**: The current edition of LUCY will include tools that access files on shares and upload them to the campaign or access the email client via MAPI. These features have restricted configuration options in the community edition (like maximum number of files that can be uploaded, etc.) the same goes for the number of screenshots or length of videos. Only the Commercial Editions have no limitations. You can upload your own custom payload. But keep in mind that reverse channels to LUCY won’t work; only attachments from LUCY are compiled in Real Time with certain settings (IP, Domain Name, URL etc.). | ||
+ | |||
+ | |||
+ | ===== Delivery Challenges ===== | ||
+ | |||
+ | Executable files usually cannot be delivered to a user via e-mail attachment. These are blocked by most email programs. | ||
+ | |||
+ | In order to deliver a malware simulation to the user, the attachment should not be provided via email, but via download on a website. There you have the possibility to download the file: | ||
+ | |||
+ | * Inside an archve (zip, jar, rar etc.) | ||
+ | * Inside an encrypted file (e.g. zip with a password) | ||
+ | * [[pdf_attacks|Inside a PDF]] | ||
+ | * [[create_a_phishing_campaign_with_a_java_dropper_applet|Tunneled through an aplet]] | ||
+ | * Download as a plain exe | ||
+ | |||
+ | Those settings can be applied within the scenario settings of the specific template. Choose archive (1), Tunnel (2) or PDF (3) for the according method: | ||
+ | |||
+ | {{ sc_et_fil.png? | ||
+ | |||
+ | |||
create_a_phishing_campaign_with_malware_simulations.txt · Last modified: 2021/12/15 13:20 by lucy