W 30: CanaryTokens (5 pts)

What You Need

Any computer with Web access.

Background

Canary Tokens are email addresses, URLs, and other objects which can be detected when they are used. A defender puts them on servers, among other data that might be stolen.

If they are used, that indicates that someone has stolen that data.

Making a Web Bug

In a browser, go to

http://canarytokens.org/generate

Enter these values, as shown below, replacing YOURNAME with your own name.

Web bug / URL token
An email address you can access
Web bug from YOURNAME

Click the "Create my Canarytoken" button.

On the next page, click the little green icon to copy the token to the Clipboard, as shown below.

Click the "Create my Canarytoken" button.

Testing the Web Bug

Paste the token into a browser and press Enter to visit that URL.

It's just blank page, as shown below.

Read the email address you specified. You get a message titled "Your Canarytoken was Triggered", as shown below.

Flag W 30.1: Message (5 pts)
The flag is covered by a green box in the image below.

References

How You Can Set up Honeytokens Using Canarytokens to Detect Intrusions

Posted 10-2-17