Tracking Image

[ghost]

Hello,

How do I get the tracking image to work? Do I just need to add {{ tracking_dot_image_tag }} to my html file?

[coldfusion39]

Yes, here is an example html email message with the tracking dot image on line 19. If a user receives the phishing email and clicks the "Download External Links" in Microsoft Outlook. At this point the opened timestamp will be set in King Phisher. Fun fact, iOS automatically downloads external images. https://github.com/securestate/king-phisher/blob/master/data/client/king_phisher/email_templates/hr_benefits_update.html#L19

[ghost]

Okay, so it does not track it until the user clicks on "Download External Links" in Microsoft Outlook? I thought that it would begin tracking as soon as the user opens up the email. Good to know. Thank you!

[ghost]

Is there a way to add an image to it? That way the tracking image doesn't show up as a small box in the email? This is okay for easy to detect emails. But if we want to create more difficult to detect emails, having that small box in the email just seems to make the email seem suspicious.

[zeroSteiner]

To answer your first question. The default behavior of King Phisher is to set the Opened field to either when the tracking image is requested (because someone clicked "Download External Links" in MS Outlook) or when the first visit is created. Which ever of those two events happen first is when the Opened field will be set.

The tracking image must be a remote image for the server to be able to determine if the email was opened. If you would like to insert inline images that will appear without being downloaded, you need to be running King Phisher version 0.1.5 or later. This added a feature that lets users right click in the messaged editor and insert an inline image to be sent with the email. Images sent this way will show up regardless of if the user opts to download external content so it makes for a much more realistic message.

If you're concerned with what the tracking image looks like before it is downloaded, we usually put it at the very bottom of the message after numerous blank lines so the user must scroll to see it.

[ghost]

That image feature is sweet. I was originally using image tags but the image wouldn't load every time on certain machines.

For the tracking image, how do I configure this? I am assuming that it might need to be configured within the server.config file?

[zeroSteiner]

Nope, no configuration necessary. The default server configuration sets the tracking image to email_logo_banner.gif. Everything for the tracking image should work out of the box so long as the {{ tracking_dot_image_tag }} is correctly used in the HTML of the email.

[ghost]

Here is what I have:

Hello {{ client.first_name }} {{ client.last_name }},<br />
<br />

This is to remind that a new version of Adobe Reader with enhanced features for viewing, 
creating, editing, printing and internet-sharing PDF documents has been released.
To upgrade your application click here: <br/>
<br/>

To view and enroll in the new benefits packages use the following link:<br />
<a href="{{ url.webserver }}">{{ client.company_name }} Adobe Upgrade</a><br />
<br />

If you do not wish to enroll at this time use this link:<br />
<a href="{{ url.webserver }}">{{ client.company_name }} Adobe Upgrade</a><br />
<br />

Remember, you must select an option today!<br />
<br />

{{ tracking_dot_image_tag }}

[zeroSteiner]

Blank lines are not used in HTML you need to do something like:

<html>
<body>
    Hello {{ client.first_name }} {{ client.last_name }},<br />
    <br />
    This is to remind that a new version of Adobe Reader with enhanced features for viewing, 
    creating, editing, printing and internet-sharing PDF documents has been released.
    To upgrade your application click here: <br/>
    <br/>
    To view and enroll in the new benefits packages use the following link:<br />
    <a href="{{ url.webserver }}">{{ client.company_name }} Adobe Upgrade</a><br />
    <br />
    If you do not wish to enroll at this time use this link:<br />
    <a href="{{ url.webserver }}">{{ client.company_name }} Adobe Upgrade</a><br />
    <br />
    Remember, you must select an option today!<br />
    <br />
    <br />
    <br />
    <br />
    <br />
    <br />
    <br />
    <br />
    <br />
    {{ tracking_dot_image_tag }}
</body>
</html>

[ghost]

Alright, let me try without the blank lines.

[ghost]

hmmm...

Well the email content and everything works perfect other than the tracking image reporting feature. The little tracking image does show up in the email, it just isn't reporting it. The only thing that seems to be reporting are the emails that were sent. We are going to troubleshoot on our end.

[knc331]

I am also facing the same issue. The only thing that seems to be reporting are the emails that were sent. Check my HTML code below.

<html>
<a href="{{ url.webserver }}">
{{ inline_image('/root/Desktop/PhisihngMessage.png') }}

</a>

<br />
    <br />
    <br />
    <br />
    <br />
    <br />
    <br />
    <br />
    <br />
    {{ tracking_dot_image_tag }}
</body>
</html>

[wolfthefallen]

The tracking dot will only work if you have a valid Web Server URL that points to your King Phisher Server. Make sure your Web Server URL is correct and your url.webserver link is working correctly and taking you to your landing page, and also being tracked by King Phisher.

[zeroSteiner]

@knc331 If you still have questions, please open a new ticket.

[knc331]

Can you please help me with the point highlighted by you "The tracking dot will only work if you have a valid Web Server URL that points to your King Phisher Server". Please share some links on that if any.

[knc331]

I need to run the apache server and as well to host the website or if i point the webroot to /var/www will be suffice ? Still tracking thing is not working on my system. Website and the KingPhisher server on the same machine. Please help.

[ogpadre]

I need to run the apache server and as well to host the website or if i point the webroot to /var/www will be suffice ? Still tracking thing is not working on my system. Website and the KingPhisher server on the same machine. Please help.

I have the same question
Can you help me with this?

[ogpadre]

@knc331 @wolfthefallen
Can you please help me to make the tracking dot working step by step?

[wolfthefallen]

@ogpadre KingPhisherServer is its own Web Server. if you are running apache, ngix or another webserver you will not be able to gather any information to track. You need to utilize KingPhishers webserver to track images, clicks, landings, username/password entries etc.

Please Visit the wiki and watch the How To Vidoes for additional information.