Table of Contents
Lucy comes with various log files that can be accessed through the web gui. Here are a few examples:
System Logs (Apache Error Log, Apache Access Log & Postfix Mail Log)
Application Logs (Lucy specific logs)
Within the send log function (admin/help/logs) you have a download button that allows you to download all LUCY related log files.
- Lucy Core Application Logs
- BeEf Status & Error Logs
- Console Logs
- Rescue System & Worker Logs
- Scheduler Logs
- System Monitoring Logs
Campaign Logs
Within the campaign you can use the dashboard with its campaign monitoring to track all activities or use the reporting to export the campaign data. Other than that you have as well some campaign specific error logs you can access:
- Message log: contains all messages that have been successfully transmitted by LUCY
- Error log: contains all errors related to the campaign specific message transmission
Status logs
Under /admin/help/status LUCY keeps track of all user activities. You can filter for a specific date range. Each activity has a link. Details are visible when you click on the link. Example:
Mail communication logs when using external mail server (mail relay)
Communication with an external mail server is logged to the /opt/phishing/runtime/resque_worker.log. If there were any errors, they are displayed in more or less details.
Example 1 of communication error:
[notice] [11:55:05 2019-06-27] (Job{worker} | ID: 6064cd8dsdsd396d5b84c3e21d | AwarenessCampaignMailJob | [{"campaign":154,"id":"phish.campaign.154.awareness"}]) has finished
Failed to connect to ssl:clientserver.mail.protection.outlook.com:587 [SMTP: Failed to connect socket: Connection timed out (code: -1, response: )] #0 /opt/phishing/versions/4.5/web/protected/jobs/ScenarioChecksJob.php(294): MailManager::send('test@phishing.s…', Array, 'phish:9300', Object(CampaignAwareness)) #1 /opt/phishing/versions/4.5/web/protected/jobs/ScenarioChecksJob.php(881): ScenarioChecksJob→_mailCheck(Object(CampaignScenarioCheck)) #2 /opt/phishing/versions/4.5/web/protected/jobs/ScenarioChecksJob.php(906): ScenarioChecksJob→_runCheck('mail_check') Failed to connect to ssl:smtp.server.mail.protection.outlook.com:587 [SMTP: Failed to connect socket: php_network_getaddresses: getaddrinfo failed: Name or service not known (code: -1, response: )] #0 /opt/phishing/versions/4.5/web/protected/jobs/ScenarioChecksJob.php(294): MailManager::send('test@phishing.s…', Array, 'phish:8153', Object(CampaignAwareness)) #1 /opt/phishing/versions/4.5/web/protected/jobs/ScenarioChecksJob.php(881): ScenarioChecksJob→_mailCheck(Object(CampaignScenarioCheck)) #2 /opt/phishing/versions/4.5/web/protected/jobs/ScenarioChecksJob.php(906): ScenarioChecksJob→_runCheck('mail_check')
Example 2:
[notice] [14:24:29 2019-06-18] Starting work on (Job{worker} | ID: ca6254f0362b003ad8b63a6b3c3159d1 | PostfixJob | [{"campaign":114,"id":"phish.smtp.postfix"}]) [notice] [14:24:31 2019-06-18] (Job{worker} | ID: ca6254f0362b003ad8b63a6b3c3159d1 | PostfixJob | [{"campaign":114,"id":"phish.smtp.postfix"}]) has finished [notice] [14:24:31 2019-06-18] Starting work on (Job{worker} | ID: 26425557e3b7b740a1476276a1854e34 | AwarenessCampaignMailJob | [{"campaign":114,"id":"phish.campaign.114.awareness"}]) PHP Error[8]: Undefined variable: php_errormsg in file /usr/share/php/Net/Socket.php at line 196 #0 /usr/share/php/Net/SMTP.php(440): Net_Socket→connect() #1 /usr/share/php/Mail/smtp.php(385): Net_SMTP→connect() #2 /usr/share/php/Mail/smtp.php(271): Mail_smtp→getSMTPObject() #3 /usr/share/php/Mail/smtp.php(258): Mail_smtp→send_or_fail() #4 /opt/phishing/versions/4.5/web/protected/components/MailManager.php(131): Mail_smtp→send() #5 /opt/phishing/versions/4.5/web/protected/components/CampaignAwarenessManager.php(748): send() #6 /opt/phishing/versions/4.5/web/protected/components/CampaignAwarenessManager.php(777): CampaignAwarenessManager→_prepareAndSendEmail() #7 /opt/phishing/versions/4.5/web/protected/jobs/AwarenessCampaignMailJob.php(90): CampaignAwarenessManager→sendAwarenessEmail() #8 /opt/phishing/versions/4.5/web/protected/vendor/chrisboulton/php-resque/lib/Resque/Job.php(198): AwarenessCampaignMailJob→perform() #9 /opt/phishing/versions/4.5/web/protected/vendor/chrisboulton/php-resque/lib/Resque/Worker.php(243): Resque_Job→perform() #10 /opt/phishing/versions/4.5/web/protected/vendor/chrisboulton/php-resque/lib/Resque/Worker.php(205): Resque_Worker→perform() #11 /opt/phishing/versions/4.5/web/protected/vendor/bin/resque(127): Resque_Worker→work() #12 /opt/phishing/versions/4.5/web/protected/commands/ResqueCommand.php(28): include() #13 /opt/phishing/versions/4.5/web/protected/components/ConsoleCommand.php(93): ResqueCommand→runUnlocked() #14 /opt/phishing/versions/4.5/web/protected/framework/console/CConsoleCommandRunner.php(71): ResqueCommand→run() #15 /opt/phishing/versions/4.5/web/protected/framework/console/CConsoleApplication.php(92): CConsoleCommandRunner→run() #16 /opt/phishing/versions/4.5/web/protected/framework/base/CApplication.php(180): CConsoleApplication→processRequest() #17 /opt/phishing/versions/4.5/web/protected/framework/yiic.php(33): CConsoleApplication→run() #18 /opt/phishing/versions/4.5/web/protected/yiic.php(13): require_once() #!/usr/bin/env php
Successfully sent emails are not logged in details, it is a simple "AwarenessCampaignMailJob" record that indicate the email has been successfully sent:
[notice] [14:34:18 2019-06-21] Starting work on (Job{worker} | ID: eed90cc4a2048479e59df3353481041f | AwarenessCampaignMailJob | [{"campaign":151,"id":"phish.campaign.151.awareness"}]) [notice] [14:34:19 2019-06-21] (Job{worker} | ID: eed90cc4a2048479e59df3353481041f | AwarenessCampaignMailJob | [{"campaign":151,"id":"phish.campaign.151.awareness"}]) has finished