Social Engineering : USB Key Campaigns : Executables : Generating an Executable File

Generating an Executable File
1.)
From within a project, select Campaigns from the Tasks bar. The Manage Campaigns page appears.
2.)
Click the New Campaign button.
3.)
4.)
Select the Custom setup.
5.)
Click the Add e-mail, web page, portable file button. A set of buttons for campaign components appears.
6.)
Click the Portable File button.
7.)
In the Component name field, enter a unique name for the portable file component. This name displays under the portable file icon on the campaign configuration page.
8.)
In the Generated file name field, enter a name for the executable file. This is the file name that the human target sees when they look at the contents of the USB drive. You want to give the file a name that entices the user to click on it. For example, a name like “Payroll” or “Company Bonuses” may work well.
9.)
Select the Payload type for the executable file.
10.)
Verify that Executable file is selected as the File generation type.
11.)
12.)
When the Configure a Campaign area reappears, you will see a Download link located beneath the USB Key icon. Click the Download link and save the executable file to a location on your local machine. The Desktop or Downloads folder is a good location.
13.)
Click the Launch Campaign button to start the campaign. The campaign must be online in order for you to get a session on the human target’s system.
14.)
The USB key is now ready for you to drop off. You should select an area that has high traffic volume or a location where people are more likely to set things down and forget them, such as bathrooms, copy rooms, and break rooms. This increases the chances of someone finding the USB key and installing it on their system. If you are able to successfully create a backdoor on the victim’s machine, you can use it to pivot to other machines on the network and collect information from the victim.