Description: Tokens can be hidden as images on a webpage too.
The token works by uploading an image of your choice (GIFs supported too!) to your console.
The image is then given a reference URL, and you can link to this image on your existing web page.
Once the image will be loaded alongside the page by a browser and you'll get an alert.
Use this to place a tripwire on a landing page after an admin login, and you'll know when someone has logged in.
Note: The image is hosted externally to your web host, and will need to be referenced as a URL in your HTML file.
Follow the steps below to create a web image token.
Step 1:
Log in to your Console.
Step 2:
Click Add a new Canarytoken.
Step 3:
Create a new token by selecting Custom Web Image from the drop-down list.
Step 4:
Modify the reminder text to your desired scenario, upload the image you'd like to tokenize, and click on Create token.
Step 5:
Go ahead and download your token for placement.
Step 6:
Place the token in your HTML.
<!DOCTYPE html>
<html>
<head>
CANARYTOKEN IMAGES IN HTML.
</head>
<body>
<div>
<img src="ENTER LINK TO WEB IMAGE TOKEN HERE" width="256" height="256">
</div>
</body>
Alerts:
An alert is created once the binary has been run.