Home Con�gure Information Gathering Attack Strategies Password Attacks Metasploit Nmap Custom Tools 

Home / Attack Strategies / Con�gure / Information Gathering Tools / Canarytokens -- Danger For Attackers
FOLLOW BY EMAIL

Enter your email address to subscribe to this blog

Canarytokens -- Danger For and receive noti�cations of new posts by email.

Email address...
Attackers SUBMIT
 Attack Strategies, Con�gure, Information Gathering Tools

Canarytokens are one type of customisable unique links that someone click or access this
links we can get many information of target like the IP, location, browser, target is using tor or CATEGORIES
not and many more information.
Attack Strategies Con�gure
The main use of canarytokens is track malicious activity on our own network, application, web
server and start an alert. Custom Tools For Kali Linux

Information Gathering Tools

Now these days cyber crimes are increasing day by day and new vulnerabilities and bugs in
software is founding every single day. This is very challenging job to save our application or Metasploit Tutorial Nmap Tutorials

website from cyber criminals, here canarytokens can help. Obviously this can't save us, but it
Password Attacks
can alert us on suspicious activities on our system.

POPULAR POSTS

Modlishka -- Advanced
Phishing | Bypass Two Factor
Authentication

Trape -- People Tracker On

Internet

Shellphish -- Simple Phishing

Image Copyright : stationx.net Toolkit | Phishing Page Creator

Previously we have covered about Honeypots. Honeypots are used to trap the attackers.
Canarytokens are also one type of honeypots, with the help of canarytokens we can set
trigger on our system networks website, application. Whenever someone trying to do
anything wrong canarytokens can send send noti�cations to us.

Let's start some practical of canarytokens. First we see how we can �nd someones
information with canarytokens. To start this we open this link on browser
https://canarytokens.org/generate

The screenshot is following :

RECENT POSTS

CCM
MSSeeeeKK ---- DDeetteecctt CCM
MSS aanndd EExxppllooiittaattiioonn SSuuiitt
CMS stands for Content Management System. Using
CMS people can create...
Aug 06 2019 | Read more

KKaallii LLiinnuuxx EEaassyy IInnssttaallllaattiioonn oonn AAnnyy AAnnddrrooiidd

SSmmaarrttpphhoonnee
In some condition, in the way of pentest, a client may
ask us to do a...
Aug 05 2019 | Read more

CCtt--EExxppoosseerr ---- FFiinndd HHiiddddeenn aanndd IInntteerrnnaall SSuubb--

DDoommaaiinnss
After clicking "Select your token" we got following screen:
A company or organization may have some hidden sub-
domains not listed...
Jul 27 2019 | Read more

UUsseerrrreeccoonn ---- FFiinndd SSoocciiaall M

Meeddiiaa AAccccoouunnttss
Now days Social media is getting very popular. Their
are lots of...
Jul 24 2019 | Read more

EEtttteerrccaapp ---- DDNNSS SSppoooo��nngg iinn KKaallii LLiinnuuxx

Today we gonna learn DNS spoo�ng in our Kali Linux
system with the...
Jul 22 2019 | Read more


Home Con�gure Information Gathering Attack Strategies Password Attacks Metasploit Nmap Custom Tools 

Here we can see we can generate canarytokens for different type of works like :

 Web-bug / URL token (Alert when URL is visited)

 DNS token (Alert when a hostname is required)
 Unique email address token (Alert when an email is send to a unique address)
 Custom Image Web bug token (Alert when an image you uploaded is visited)
 Microsoft Word Document token (Get alerted when a document is opened is Microsoft Word)
 Acrobat Reader PDF Document token (Get alerted when a PDF document is opened in Acrobat
Reader)

 Windows Folder token (Be noti�ed when a windows folder is browsed in Windows explorer)
 Custom exe / binary token (Get noti�ed when an EXE or DDL is executed)
 Cloned website token (Get an alert when your website is cloned)
 SQL Server token (Get noti�ed when MS SQL server databases is accessed)
 QR Code token (Generate QR Code for physical token)
 SVN token (Alert when someone checks out an SVN repository)
 AWS keys token (Alert when AWS key is used)
 Fast Redirect token (Alert when url is visited. User is redirected)
 Slow Redirect token (Alert when url is visited. User is redirected, grab more information)
Here we choose web-bug or url token, then we need to type our e-mail address for alert
noti�cation. Then we need to put a note that when the alert comes we can identify from
which tokens alert comes. This note is totally depends on us that what note we typed here.

Now we click on "Create my Canarytoken", see the screenshot:

After clicking on create canarytokens we can see our canarytokens for web-bug is ready. See
in the following screenshot:

Now we can copy and send this link to victim. Here is some idea about how to send this link.
Home Con�gure Information Gathering Attack Strategies Password Attacks Metasploit Nmap Custom Tools 

 We also can set this link on any web page image with <img src=""> , we need to
make sure that the image must be attractive so victim will click on it.
 We can use social engineering to track someone by sending this link.
When our target clicks on this link we will get various information. I have clicked on my own
link and for checking the information we are going "Manage this token" as shown in the
following screenshot:

Check the next screenshot that we have successfully triggered our token, and we can now
check the history.

Now we got many information on target here we got

 Targets IP.
 Location of ISP.
 Target is using tor or not.
 User agent information.
 Browser have enabled java script or not.
 Platform and Operating System.
Check the following screenshot:

We also get same information on our provided email address.


So, we have successfully created and triggered our url canarytoken. Even we choose Microsoft
word document , then we got Microsoft word �le to download. After Downloading we can
give the �le a juicy name and send this word �le by email or any other way or we can save it in
Home Con�gure Information Gathering Attack Strategies Password Attacks Metasploit Nmap Custom Tools 

Same we can choose windows folder token, here we got a zip �le and we need to extract the
folder and rename with a spicy name, whenever someone opens our this folder in windows
explorer canary token will triggered and we got all the information. So this is the way to use
Canarytokens.

If it happens with us means someone send us canarytokens link then how save our identity
and privacy.

If someone sen the direct link like

Here clearly seen that it is a canarytoken link but when someone use url shortner to short the
link then before clicking the link we can expand the link with the help of some online services
like :

 http://checkshorturl.com/
 https://www.expandurl.net/
 www.getlinkinfo.com/
And there is a tool on Github that detects canarytoken link on Microsoft of�ce document. We
can clone this tool by applying following command:

git clone https://github�com/techchipnet/CanaryTokensDetector

 The screenshot is following :

 Then we go to the cloned folder and we also need to copy the Microsoft Word document into
the same directory.
And give the �le execute permission using the following command:

chmod +x canarytokendetector�sh

Then we can run the script by using following command :

�/canarytokendetector�sh

 The screenshot is following :

And then we type the name of the Microsoft Word �le and hit Enter.


 Home Con�gure Information Gathering Attack Strategies Password Attacks Metasploit Nmap Custom Tools 

We can clearly see in the above screenshot the our this �le is contains Canarytoken link.

This is how we can be safe from this type of links. Share this tutorial on social media to save
the privacy of your friends. And tell us in comment how you are gonna use this Canarytokens
?

SHARE THIS:  Facebook  Twitter  Google+  Pinterest  Linkedin

YOU MAY ALSO LIKE

CMSeeK -- Detect CMS and Ct-Exposer -- Find Hidden Userrecon -- Find Social
Exploitation Suit and Internal Sub-Domains Media Accounts

PREVIOUS NEXT
Set Up Honeypot in Kali Linux | Trap For Hackers Facebook Account Hacking -- The Truth in Details

POST COMMENT BLOGG ER D ISQUS FACEBOOK

1 Comment:

Unknown May 31, 2019 at 11:11 PM

Awasome
Reply

RANDOM POSTS TAGS FEATURED POST

Shellphish -- Simple
Phishing Toolkit | Phishing
Page Creator
Attack Strategies Con�gure Kali Linux For Con�guring In Windows
Custom Tools For Kali Linux Kali Linux For Windows Kali Linux is the upgraded
version of BackTrack Linux. It was �rst raised in
Information Gathering Tools
2012 with a total new architecture....

Modlishka -- Advanced Metasploit Tutorial Nmap Tutorials 

Phishing | Bypass Two
Password Attacks
Home Con�gure Information Gathering Attack Strategies Password Attacks Metasploit Nmap Custom Tools 