Canary tokens and macros disabled in msword and adobe

I tried the Canary token generation tool and what I found was that the latest ms-word and adobe readers disable macros by default which would result in the canary token not activated, so if the hacker would have these versions while accessing my files he wouldn’t activate them.
Any suggestions on what type of tokens one should use in order to maximize chances of activation?

Macros enabled is not always required. It uses a different trick. As stated in the lecture not all OSs and version of Word/Adobe will work. This is because it uses a trick to make the applications do something they shouldn’t really. In the lecture, I explain you should use the web bug URL in a document. These will always work if clicked on.

1 Like