Network Communication

LUCY may initiate or require certain communication channels to servers on the internet. Below is an overview of these requirements.

Outbound Communication

General Communication Types

1. First-Time Use: During the first installation, LUCY connects via HTTP to obtain the workstation key and ID. No data beyond the current build version is transmitted.

2. Updates: LUCY connects to our update server and Ubuntu repository mirror.

3. SSH: When SSH is enabled via the Help menu, LUCY initiates an outbound SSH connection to our SSH Jump Host. This feature is disabled by default.

4. Campaign Checks: LUCY connects to fixed servers to test campaign settings and internet reachability via HTTP/HTTPS. No data is transmitted during these tests.

5. Campaign Execution: LUCY may communicate via SMTP (Port 25 or 465) when sending emails over the internet.

6. Vulnerability Detection: To enable this feature, allow Port 80 access to static.nvd.nist.gov (129.6.13.177) for downloading the NIST CVE database.

Outbound Ports & IPs

Inbound Communication

To access LUCY from the internet, specific ports must be open:

Malware Simulation Communication

The malware simulation tool uses the default browser (in hidden mode) to send collected data to LUCY via HTTP or HTTPS. For SSL-enabled campaigns, HTTPS is used automatically. The tool is compatible with environments requiring proxy authentication for internet access.