User Tools

Site Tools


Sidebar

LUCY MANUAL Applies to LUCY versions above 2.2.

domain_configuration

Introduction

LUCY works with virtualized servers. That’s why you can run multiple campaigns with different domain names in parallel on the same IP. There is no limitations on the number of domains you can map to LUCY. When you buy our VPS option you already have 1 domain included. You can add more domains to the VPS yourself using the registration wizard in LUCY or ask us configuring this for you. Depending on the license model you will already have credits within your installation which you can use to reserve new domains. The prices vary between 0.15 cent per domain (e.g. .xyz or .online) to 15 USD per domain (e.g. TLD like .com).

If you define a domain in LUCY's web GUI, it can only be used for the phishing campaign – not the Admin access. By default the administrative access works only with an IP address; however LUCY’s administrative access can still be reached using a domain name in the browser. This works only if you have defined Domain Name in the Initial Setup Script. Please note that this can be done only if you choose the Manual Setup instead of the Automatic Setup.

DNS Records for the admin interface

In order to reach the admin interface with your custom domain you need to configure this domain within the Linux setup script. Choose the domain configuration and enter the FQDN of your server in there:

10.jpg

LUCY will generate the according certificate for that domain and you will be able to access LUCY using this domain name. If you want to create a trusted certificate for this domain you can go to the ssl settings menu and choose “Lets Encrypt” which will automatically display the domain name created in the setup script. The field is always greyed out as it cannot be configured within the web interface:

Access LUCY from remote

The DNS record determines under which name or IP address LUCY can be reached in a campaign from the internet/intranet. If you want remote users to be able to access LUCY with a domain name, you need to define a DNS entry. You have four options:

  • Use the Public IP from LUCY
  • Use the Private IP from LUCY
  • Use a Public Domain for LUCY
  • Use a Dynamic Domain for LUCY

Use the Public IP from LUCY

You can select this option if LUCY is located on a server on the internet that can be reached with a fixed public IP address.

25.jpg

Use the Private IP from LUCY

If LUCY is located on a private network, you have to select the option “Custom Domain” and enter the private IP address which you see in the browser into the proper field. Using Port Forwarding on your firewall you still might be able to make LUCY accessible from the internet.

26.jpg

Use a Dynamic Domain for LUCY

This option allows you to run LUCY in a private network (e.g. on your laptop) and make it accessible from the internet (assuming your firewall allows port forwarding rules for a specific host). Service like DynDNS will allow you to run LUCY on a private IP behind a NAT Device. The Dynamic DNS account information can be saved in Settings/DynamicDNS.

First define the Dynamic Domain in “Settings/Domain” and mark the domain as “Dynamic”. 29.jpg

After selecting your Dynamic DNS service you can save your authentication details and the domain will become available in the Base Settings of the campaign.

30.jpg

Use a Public Domain for LUCY

  1. Option 1: You don't have a domain yet: If you don't have a domain registered yet, you can use the integrated LUCY Domain Registration Wizard. This feature is only available for commercial licenses, allowing you to reserve all the available domain names for an affordable price. Commercial clients have a built in budget for using the domain API and are also able to later add credits for the domain reservation.
  2. Option 2: You already have a domain: In order to use a Public Domain you need to add the domain in the settings menu “Domain Settings”. The domain has to be saved without the subdomain (correct domain: “example.com” | wrong domain: “www.example.com”). The subdomain can be defined in the campaign at a later stage.

Note: If you defined a domain within the Settings like example.com, you can select it in the drop down menu “Domain”. Once you have selected the domain, another drop down menu appears where you can add the subdomain like “www”.

If you configure as a domain “example.com” the phishing campaign will be only reachable via: http(s):example.com but not http(s):www.example.com-

Configuring Sub Domains (A-records)

LUCY allows you to allocate specific subdomains for a given Domain Name. Let's assume you have registered the domain “example.com” and want traffic only for the A-Record “phishing” to be redirected to LUCY. You need to first enter the Domain Name “example.com” in the Domain Settings (create a new record called “example.com” without the subdomain).

The subdomain can be later defined in the specific campaign (see screenshot) under General Settings.

Please note: you can host campaigns with multiple subdomains using the same domain name in different campaigns within LUCY (e.g. domain1.example.com & domain2.example.com). In order to map multiple a-records to LUCY you need to create the according DNS record (usually providers offer you to save a wildcard DNS A-record like *.yourdomain.com which allows you to use any subdomain you want). If you registered the domain through LUCY's API, then we have automatically created such a wildcard subdomain record for you and it will work immediately.

Register a New Domain through LUCY

Introduction: LUCY offers a Domain Registration Wizard (either within a campaign or by accessing the DNS settings). Most commercial licenses come with a 20 $ deposit which usually will allow you to reserve 1-3 domains. You can see your current balance within the license (under settings/license).

How to reserve your domain You can look for specific domain names and buy them using the Domain Wizard. LUCY will automatically create a DNS record for your domain and register LUCY's Public IP for the domain. We also automatically reserve a wildcard domain. So if you would reserve a domain like “webmailaccess24.com” we would make sure that all subdomains (like access.webmailaccess24.com, test.webmailaccess24.com, www.webmailaccess24.com etc.) also point to LUCY. Make sure you leave a valid e-mail address within the domain reservation form. Our provider will send you a confirmation mail to the registered address. If you don't confirm that e-mail within 14 days the domain will become inactive.

Can all domains be reserved through LUCY? No. Some domains, especially those with a country code (like .us, .fr etc) require additional information (e.g. proof of residence) which cannot be provided through the API. Domain names that contain typosquatted versions known brands (like dropbox, amazon etc.) will also cause problem as those brands are actively monitored.

How long does it take before the domain can be used in a campaign? When you make a DNS change, it takes time for the changes to take effect. This is called DNS propagation. It is the time it takes for the domain DNS to refresh the cache on the network. DNS will refresh according to the “TTL” or “Time To Live”. When the DNS refreshes according to its TTL. When you create new DNS records i, it can take up to 48 hours for those updates to propagate throughout the Internet.

Will my registration information be available to anyone in the internet? Your info from the registration form will not appear within the WHOIS database as we automatically add the WHOIS protection package to your order (free of charge).

How can the domains be renewed? You will get a notification on the LUCY dashboard before a domain expires. Additionally, our provider will send you an expiry notification. If you want to renew the domain you can drop us an email (in LUCY < 3.9) and we will renew it for you.

Will you be able to manually take control over the DNS settings/administration? No. The API will create all the necessary DNS settings (SPF, wildcard a-record, MX record etc.) so there will be no need to do any DNS settings yourself. But if you still need to take control over the domain purchased through LUCY, you can contact us and we will transfer the ownership.

I see an error message “error creating domain” - what can I do? This error appears if our DNS provider is not accepting the registration. There are many reasons for such an error (temporary network issue on the providers side, the domain requires an additional verification process which cannot be provided via API, the domain syntax is incorrect and cannot be reserved, you dient provide the necessary Information etc.). Try the following steps:

  • You can re-try a few minutes later.
  • Please try again filling out ALL fields in the registration form
  • If it still fails please try to register the domain directly at a provider (e.g. www.namecheap.com) and enter all the necessary registrant information manually.

Which license is required to reserve a domain through LUCY? The domain registration feature is only available for commercial clients (clients who bought a variable or fixed priced license).

Note: you can always create an e-mail forwarding account. Lets assume you reserved the domain example.com. You can create here a e-mail forwarding service for one mail account (e.g. [email protected]) and have our provider forward all answers to that mail account to a specific address (e.g. [email protected]).

Register a New Domain through your provider

You can register the desired domain with your own provider and point the DNS records to LUCY. You should create the following DNS records (the name of the fields may vary from provider to provider. Please check the online documentation of your provider to learn how to set those DNS records):

  1. Create a wildcard subdomain record: this record will allow you to use any type of subdomain in LUCY (e.g. www.yourdomain.com, test.yourdomain.com, access.yourdomain.com etc.). All subdomains will point to the same IP address. To create a wildcard record click “create new a-record” in your domain administration panel and as a host choose “*” (without the quotes) and as a value use the public IP of LUCY.
  2. Optional: Create an a-record with a host field set to “@” and as a value use your public LUCY IP address.
  3. Optional: create s SPF record. In your domain administration panel click “new TXT record”, then set the host field to “@” and insert the TXT Value field with your SPF record (if your IP is 208.112.99.55 then your SPF could be “v=spf1 mx a ptr ip4:208.112.99.55 ?all”).
  4. Optional: create a MX record by selecting “create custom MX”. As a host you should use “@” and as a value an a-record like “mail.yourdomain.com” (any a-record will work, since you created a wildcard dns record before). If necessary set a priority (e.g. “10”).
domain_configuration.txt · Last modified: 2018/08/30 01:59 by lucy