LUCY

User Tools

Site Tools

Trace:
set_a_password_for_the_archive_in_file_based_attacks_or_change_the_file_name

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
set_a_password_for_the_archive_in_file_based_attacks_or_change_the_file_name [2016/09/06 18:32] – [Change the file name of the executable or word file] lucyset_a_password_for_the_archive_in_file_based_attacks_or_change_the_file_name [2017/08/08 15:46] – [Change the file type (e.g. use an excel instead of word)] lucy
Line 29: Line 29:
 {{ rename_file.png?600 }} {{ rename_file.png?600 }}
  
 +
 +===== Change the layout of the word file =====
 +
 +In LUCY < 3.2 you can change the layout of the word file by:
 +
 +1) Downloading the original word file within the generic file based template section and locally change the design to the desired layout
 +2) Deleting the original file name on LUCY by clicking on "X" (e.g. delete "info.doc")
 +3) Uploading the file with the modified file name
 +4) Use the word modified word file in your campaign
 +
 +
 +===== Change the file type (e.g. use an excel instead of word) =====
 +
 +In LUCY < 3.2 you can change the file type by simply copying the macro from the word file to the desired file format (e.g. excel) and upload it back to LUCY as a generic file template.
 +
 +
 +===== Change the file icon =====
 +
 +If you want to change the icon of the executable, you need to manually do that using a free tool (e.g. http://www.angusj.com/resourcehacker/, https://github.com/electron/rcedit/releases, http://winrun4j.sourceforge.net/ etc.). Those tools allow you to download the exe, set a custom icon and then download it back to LUCY. After LUCY 3.8 we will provide the possibility to change the icon within the UI.
 +
 +
 +
 +
 +
 +===== Issues with files that get filtered by AV or any other security software =====
 +
 +Our malware simulations are non malicious and are intended only for educational use. We can ensure that they are non-persistent (run only in memory) and free of any malicious code. On request we also allow clients to access the source code for each malware simulation. Still we noticed in the past that AV vendors or content filter added virus signatures for certain file based simulations from LUCY. We are working together with those vendors to remove them from their signature lists. But we cannot guarantee that we cover all products. Therefore we kindly ask our clients to report us if our malware simulations are getting filtered (send us a mail with the vendors signature ID to info@lucysecurity.com). 
  
set_a_password_for_the_archive_in_file_based_attacks_or_change_the_file_name.txt · Last modified: 2019/07/25 12:49 by 127.0.0.1