LUCY works with virtualized servers. That’s why you can run multiple campaigns with different domain names in parallel on the same IP. There is no limitations on the number of domains you can map to LUCY. When you buy our VPS option you already have 1 domain included. You can add more domains to the VPS yourself using the registration wizard in LUCY or ask us configuring this for you. Depending on the license model you will already have credits within your installation which you can use to reserve new domains. The prices vary between 0.15 cent per domain (e.g. .xyz or .online) to 15 USD per domain (e.g. TLD like .com).
If you define a domain in LUCY's web GUI, it can only be used for the phishing campaign – not the Admin access. By default the administrative access works only with an IP address; however LUCY’s administrative access can still be reached using a domain name in the browser. This works only if you have defined Domain Name in the Initial Setup Script. Please note that this can be done only if you choose the Manual Setup instead of the Automatic Setup. It is also only possible to map 1 domain for the administration UI.
In order to reach the admin interface with your custom domain you need to configure this domain within the Linux setup script. Choose the domain configuration and enter the FQDN of your server in there:
LUCY will generate the according certificate for that domain and you will be able to access LUCY using this domain name. If you want to create a trusted certificate for this domain you can go to the ssl settings menu and choose “Lets Encrypt” which will automatically display the domain name created in the setup script. The field is always greyed out as it cannot be configured within the web interface:
The DNS record determines under which name or IP address LUCY can be reached in a campaign from the internet/intranet. If you want remote users to be able to access LUCY with a domain name, you need to define a DNS entry. You have four options:
If LUCY is located on a private network, you have to select the option “Custom Domain” and enter the private IP address which you see in the browser into the proper field. Using Port Forwarding on your firewall you still might be able to make LUCY accessible from the internet.
This option allows you to run LUCY in a private network (e.g. on your laptop) and make it accessible from the internet (assuming your firewall allows port forwarding rules for a specific host). Service like DynDNS will allow you to run LUCY on a private IP behind a NAT Device. The Dynamic DNS account information can be saved in Settings/DynamicDNS.
First define the Dynamic Domain in “Settings/Domain” and mark the domain as “Dynamic”.
After selecting your Dynamic DNS service you can save your authentication details and the domain will become available in the Base Settings of the campaign.
Note: If you defined a domain within the Settings like example.com, you can select it in the drop down menu “Domain”. Once you have selected the domain, another drop down menu appears where you can add the subdomain like “www”.
If you configure as a domain “example.com” the phishing campaign will be only reachable via: http(s):example.com but not http(s):www.example.com-
LUCY allows you to allocate specific subdomains for a given Domain Name. Let's assume you have registered the domain “example.com” and want traffic only for the A-Record “phishing” to be redirected to LUCY. You need to first enter the Domain Name “example.com” in the Domain Settings (create a new record called “example.com” without the subdomain).
The subdomain can be later defined in the specific campaign (see screenshot) under General Settings.
Please note: you can host campaigns with multiple subdomains using the same domain name in different campaigns within LUCY (e.g. domain1.example.com & domain2.example.com). In order to map multiple a-records to LUCY you need to create the according DNS record (usually providers offer you to save a wildcard DNS A-record like *.yourdomain.com which allows you to use any subdomain you want). If you registered the domain through LUCY's API, then we have automatically created such a wildcard subdomain record for you and it will work immediately.
Introduction: LUCY offers a Domain Registration Wizard (either within a campaign or by accessing the DNS settings). Most commercial licenses come with a 20 $ deposit which usually will allow you to reserve 1-3 domains. You can see your current balance within the license (under settings/license).
How to reserve your domain You can look for specific domain names and buy them using the Domain Wizard. LUCY will automatically create a DNS record for your domain and register LUCY's Public IP for the domain. We also automatically reserve a wildcard domain. So if you would reserve a domain like “webmailaccess24.com” we would make sure that all subdomains (like access.webmailaccess24.com, test.webmailaccess24.com, www.webmailaccess24.com etc.) also point to LUCY. Make sure you leave a valid e-mail address within the domain reservation form. Our provider will send you a confirmation mail to the registered address. If you don't confirm that e-mail within 14 days the domain will become inactive.
Can all domains be reserved through LUCY? No. Some domains, especially those with a country code (like .us, .fr etc) require additional information (e.g. proof of residence) which cannot be provided through the API. Domain names that contain typosquatted versions known brands (like dropbox, amazon etc.) will also cause problem as those brands are actively monitored.
How long does it take before the domain can be used in a campaign? When you make a DNS change, it takes time for the changes to take effect. This is called DNS propagation. It is the time it takes for the domain DNS to refresh the cache on the network. DNS will refresh according to the “TTL” or “Time To Live”. When the DNS refreshes according to its TTL. When you create new DNS records i, it can take up to 48 hours for those updates to propagate throughout the Internet.
Will my registration information be available to anyone in the internet? Your info from the registration form will not appear within the WHOIS database as we automatically add the WHOIS protection package to your order (free of charge).
How can the domains be renewed? You will get a notification on the LUCY dashboard before a domain expires. Additionally, our provider will send you an expiry notification. If you want to renew the domain you can drop us an email (in LUCY < 3.9) and we will renew it for you.
Will you be able to manually take control over the DNS settings/administration? No. The API will create all the necessary DNS settings (SPF, wildcard a-record, MX record etc.) so there will be no need to do any DNS settings yourself. But if you still need to take control over the domain purchased through LUCY, you can contact us and we will transfer the ownership.
I see an error message “error creating domain” - what can I do? This error appears if our DNS provider is not accepting the registration. There are many reasons for such an error (temporary network issue on the providers side, the domain requires an additional verification process which cannot be provided via API, the domain syntax is incorrect and cannot be reserved, you dient provide the necessary Information etc.). Try the following steps:
Which license is required to reserve a domain through LUCY? The domain registration feature is only available for commercial clients (clients who bought a variable or fixed priced license).
Note: you can always create an e-mail forwarding account. Lets assume you reserved the domain example.com. You can create here a e-mail forwarding service for one mail account (e.g. [email protected]) and have our provider forward all answers to that mail account to a specific address (e.g. [email protected]).
You can register the desired domain with your own provider and point the DNS records to LUCY. You should create the following DNS records (the name of the fields may vary from provider to provider. Please check the online documentation of your provider to learn how to set those DNS records):