Track a Target Using Canary Token Tracking Links [Tutorial]
HTML-код
- Опубликовано: 24 авг 2024
- How to Use Canary Tracking Token Links to Monitor Targets
Full Tutorial: bit.ly/Ctoken
Subscribe to Null Byte: goo.gl/J6wEnH
Kody's Twitter: / kodykinzie
For a hacker interested in phishing, being able to monitor whether the target took the bait is essential. On this episode of Cyber Weapons Lab, we'll show you how to use Canary token links to track how the links are interacted with and from where. You could mask these links using a URL shortener like Bitly or via a document such as a PDF. There are lots of avenues to explore.
Follow Null Byte on:
Twitter: / nullbytewht
Flipboard: flip.it/3.Gf_0
Weekly newsletter: eepurl.com/dE3Ovb
![Search for Vulnerable Devices Around the World with Shodan [Tutorial]](http://i.ytimg.com/vi/oDkg1zz6xlw/mqdefault.jpg)
![Search for Vulnerable Devices Around the World with Shodan [Tutorial]](/img/tr.png)
![Eminem - Somebody Save Me (feat. Jelly Roll) [Official Music Video]](http://i.ytimg.com/vi/Vwa0HenQMi4/mqdefault.jpg)
You should consider doing a video on inspecting links to see if there is anything malicious embedded.
I concur!
Please never change bro, you just don’t know how these videos helped some of us get the knowledge which made us get employed. Thanks man
You are SO UNDERRATED, bro.
no shit
2020-08-14T14:07:25Z
he likes it that way
Good that's why he hasn't been banned lol
Is it cuse eye contact is op
Kudos to you Kody. Whatever they’re paying you, you deserve double.
Null Byte Just wanted to say that all of your videos are very well done! You have an incredible knowledge of cyber operations! I have always been interested in cyber security and am taking some basic computer networking and programming and scripting courses at my university. Anyway, I just wanted to say that I enjoy watching your videos. Thank you for sharing your knowledge!
That’s easy to make, I coded something similar to make a joke on my friends, but instead of being a blank page it redirected to google and my pasarell wasn’t registred on the browser’s history, also I mentioned that in a technicall level with wireshark captures and other tools how it is done to a private course and what information it uses from http headers.
Cool video!
Y3llowl4bs Hackers yeah but if you won’t learn how it works or have that satisfaction that you made it🙄😂
@@Drakkofire made my own text editor and now I want to kill myself
Hi, just wanted to thank , Null Byte for all the great informative tutorials, just tested the pirate box in a raspberrypi 3 on one of your tutorials and it's working fine.
I thought i couldnt do anything in my life no more but i saw your video , thank you btw
Very interesting. Everyday I learn something new instead of watching music videos or movies.
so every web apps that gives previews of links would work ? like Facebook messenger , whatsapp .....
yeah but it will probably give you a location of one of thier proxies
@@arielnaveh507 huh yeah interesting
You can use it to log when they open or refresh the link
Best educational channel. Please create more vids like this. Glad I found this channel.
Got to say, you explain things so well. I really do enjoy watching your videos :-)
I saw that we can edit the name of the word document ... the document is clean .. can we change the content inside?
Great vid Kody ;)
greetings from portugal
is there a way to know if someone tracking you with canary tokens?
I'm wondering how we would modify the response when Skype, Instagram, Messenger, etc request the preview for the website (change it to whatever we want for phishing, etc). Shoot that's some backend server stuff..time to fire up Python
my best teacher ever
what about youtube? My friend youtuber WPEagle having problem with some botnet, as soon as he upload something to the youtube, bot immediately dislikes his videos, is there a way to exfiltrate that bot via canary token API and shut down that DLbotnet?
Interesting video. Great info for finding website vulnerabilities.
what's the reason of blurring the time?
ipod and ipad are read as mac
Great job Kody!
Can we just change the browser resolution to change device info leak, instead of using addon?
is there a way to track someones complete address? not just city or country, but possibly even street name? or at least smaller area? Thank you for the knowledge
Nope
But you can get close, but it's not possible to get the exact location of an IP.
Sir can you make a video about a mobile versions of your tutorials using android applications
Like if he’s the best RUclips teacher
So how is that different from a php code uploaded to a host web ?
Basically the an IP logger but with a fancy name.
* WhatsApp used to show users IP instead of the server's because thumbnail processing is/was (idk if it still) client-side
I get this error "This page didn't load Google Maps correctly. See the JavaScript console for technical details." after clicking History. To get to the JavaScript console in Microsoft Edge, click on the three black dots in the top right hand corner just below the exit button for the web browser, hover your cursor over the "More Tools" option, then click "Developer Tools". There's also keyboard shortcuts if you don't want to take the long way, Microsoft Edges keyboard shortcut is F12 and Google chromes keyboard shortcut is Ctrl+Shift+I.
Awesome tutorial !!
I tied to run it on my iPad and it says that google maps didn’t load correctly. See javaScrip ? Great tool hope you help to solve my problem
I love this channel ! Thank you for the great videos ...it would be really nice if you help us to get the right environment for our system ...( mac off course) I am usually try to follow but quite often unsuccessful because don’t have the right software.... thank you ....
I've been doing this since the early 2000's.
Good for you
Okay! Here is a tiny trumpet just for you.
🎺
I am assuming that is what you were requesting with your comment.
Everything being so easily manipulated via anything with a cpu gives me an ever intensifying paranoia of being watched
I just LOVE your videos. Keep up the super awesome work.
However... Let's say you wanted to track someone you were suspicious of. How could one do this?
I've for example used these kinds of tricks. A website I've used a lot is grabbify which you might be aware of.
But once i might have their IP, it's also possible to geo-locate them to see which country and hopefully city they might be from. IF i want to expand myself even more, how would i do this?
I know like... Talking to someone who might know this person might give off a name and such which will help out with the search, especially as most people seem to have social medias such as facebook, BUT what if you don't have someone close to the person you want to find. How does one search someone up even further? Would be super cool if you know any neat and fun tricks.
Have an awesome day, Null Byte! Your videos actually helps me a lot in school and with my studies (IT-Security and might continue studying towards IT-Forensics)
A canary token is kind of like an IP logger, right?
Respected sir ,
I want to send screen shots of public WiFi Registration page
To use public WiFi we need to authenticate email I'd as well as mobile phone number (Indian) so that they will send us otp .
After verifying we get 100 mb for 30 minutes . After the data has been used we can't use more data.
Is there any way to get data more than the limits (time &data)?
Hope u will give some solution.
Awaiting for your response.
Thankyou
Peace:)
Any more channels like this?
Nb already knew about it brother.....late....i use it daily....
You can also use grabbify which dose the same and you can edit the link to not make it suspicious . However using a VPN will block these types of things
So if the attacker scan the IP adress generated by the VPN to find vulnerabilities on my system I have nothing to worry about ? Because it dosn't dislpay my real IP adress am i right ?
Jordan correct but a skilled hacker can reverse engineer the VPN IP adress but unless its a script kitty or somone who knows nothing then there's nothing to worry about
@@jonathanvelazquez7176 how do you reverse engineer proxy like VPN? I believe its not really possible unless you are somewhere inside server
What information can this provide that standard web logs can't?
I am from indonesia . I like your videos.. all you videoss😊
Is this exact GPS location?
There should be a chrome exstension which blocks you from visiting ip loggers.
Thanks, Great tutorials!
hello
can you make a video about fixing the apt-get on kali 2018.4
Can you still be tracked if you used ip address change or location changer
'known tor exit node'
so, i'm guessing that if we can keep cycling the tor circuits , when we find not-known and are using tor we may have a rogue tor exit node? just an outside the box idea :)
Excellent video! Question: Will this work if it is no longer in the view of the user opening the chat? Ex. It is an older message in the chat so the user doesn't technically view the link but it's still in the chat
This was awesome!!!
Great video bro.
It doesnt give the ip ?
I am not able to see the incident map on canary tokens please help.
You are the best, keep going
it works
wait what do i have to write in the gmail thing ?
my email bc i wont
I can't see the map, why?
Mee tooo
I dont get the map when looking at the alert any suggestions?
What is the name of the user agent that you use? Awesome channel!
Chrome
If you paste the link in FB Messenger you will also see how many different bots click on the link and 1 "Non-Bot" to make a preview
Looks like Slack is making a request to retrieve the content-length header.
My friend 🙋♂️
I bet 10 bill nobody can beat you in a staring contest
where do i signup on there site im trying to login but dont have an account?
I want to know. How this tool work how its capable of doing this
Where i should look ??
The webpage code inside the link you create, if you mean Canary tokens tool :)
I mean to try write the code my self or at least read it may be its on githube
@@TOn-fx2gr I think there was a post on this how to do it on the website - wonderhowto.com
If you have your own server just create a link to your server and then use PHP to look at the user agent string and other $_SERVER vars whenever someone visits the link you created.
well, pdf, word and folder browsing ones don't work for me, maybe i have to wait half an hour? let's see...
i liked before i watch :)
I would love a video on how to back up or clone your kali linux install so you can move it to another computer without going through the hassle of reinstalling EVERYTHING. please and thank you.
Good idea Jason Malone, I've added it to the list of video ideas.
Hello again friend as always tugh stuff u shoot that from the hip bro
ins this token works in facebook messanger to send it and tack him him without clicking on it?
When he says track dose he mean location or cyber activity
Oh nvm both
Gps locaton is not accurate, it shows 1000km difference
its not gps its ip and true ipv6 is a location tracking downgrade from ipv4
why am i not getting the map......someone plss help mee😭😭
Mine don't give me accurate resultant
Am using Firefox
So how do we take it down....
yo i need help i clicked a discord link for nitro and my friend saying it’s probably a token logger but i don’t know what to do in scared i did it on my phone idk what to do
sir i tried this but google map is not loading what can i do
Bro please help me......I want to learn python for ethical hacking and tool making......Is they any video or books u know about....then pls reply
Just stumbled upon Canary Tokens today and tested it out. I have a question though. When the link is clicked, it shows my public PAT IP. Does anyone know how to set this up so it will report on the internal IP, assuming someone on my network is accessing the file?
I don't know how to set that up. You might also want to checkout Grabify: nulb.app/x4jjq
What if I share it on WhatsApp , and your videos are the best!
Its owned by Facebook. That should answer your question
So this just shows local city or town not gps location of phone.
he got my adrease
Sweet Video Bro :D Give Tut on how to create an image of this canarytokens pls :3
NVM i will find out myself xD
faaaa que rico tip! el servicio VPN tiene servidor uruguayo?
it is work with me but i can't see the map !!
If i use vpn!can it track my location & ip also???
Facts
Very useful)) thanks 👍
Good amico mio
yo so does anyone have a idea of how to trace someone’s exact location over snap chat or just how I can get info on them
bro doxxed himself
Bro can you do tuturials in UserLAnd -Kali linux? I'm a newbie pls
Hii Bro....
Make a video on how to be fully anonymous on internet please
Don't think its possible. You can be 99.99% but never fully anonymous in my opinion . There's always a risk to get caught
@@adnjordan So what max we can do from our side to do so
@@vinayk3839 well, linux things like anonsurf, proxychains should be the absolute best one can do. Then vpn is very helpful if you are torrenting, and tor + duckduckgo.com is a good, free combination if you want to find something without your isp knowing. and never use Tor to download torrents
it tracks the location of the service provider not you. But anyway, at least it get the right country and city
I'm not getting map there
How can I get an exact address?
Great vid!
VPN provider?
www.mullvad.net/
Mixed with grabify.
thanks bro :D
Hlo sir,
It shows victims public ip.... If we want private ip of victim then what we have to do??
Reply pls sir...
I don't quite understand the question. By private IP you mean the local IP? You would need to gain access through the public IP to the network then scan the local network.
@@NullByteWHT sir my question is... It is possible to grab the local ip address of any victim..
do a video on how to get into CCTV cameras please
Most cameras use http to transmit the requests so use a man in the middle attack to capture the frames of the feed