Statistic Collection

[Timtempor]

Hi all,

My company used to use Phishing frenzy every month to keep people aware. The company split and the team that ran PF went with the other part of the company. I have been tasked with getting a new PF instance up and running.

So far I have everything working except I can't get the stats collection to work. This isn't really my area so I don't know where to begin here. The only troubleshooting I've done so far is a couple of things listed on the website.

When I tried the first link it says no uid found and nothing changes. However the 2nd link outputs start, uid check, length 1, over 1, and that updates the email opened and link clicked events to true.

So that's where I'm at right now? What should my next steps be? and what info do you need from me?

[zeknox]

Sounds like you have been following the troubleshooting guide a bit that is located here: https://www.phishingfrenzy.com/resources/troubleshooting

Sounds like you have been able to manually invoke a click event using the API, but the actual phishing pages are not working properly? If that is the case I would guess that you have an issue in your Global Settings > Application Site URL and make sure that the URL in this field is identical to what you use to login to the PF UI.

If you already have active sites, you will need to inactivate them, re-activate them so the new PHP tags are added to the phishing sites with proper Application Site URL which is used as a callback server to track events like clicks.

[Timtempor]

OK as far as I can tell they are identical.. but like I said I don't really know what I'm doing. Here is a screenshot of my apachectl -s which I have seen others post.

and here is my global settings page

Also, if it makes a difference I'm using docker and followed the tutorial posted by James Cook

[zeknox]

The problem is likely because phishingfrenzy.local is not a resolvable domain by the Phishing Frenzy server, therefor it wouldn't be able to send click events to the REST API.

[Timtempor]

Any tips on how to test/troubleshoot for this? I can access phishingfrenzy.local on the machine that is hosting pf

[zeknox]

Yeah, tail the logs while you make a click event to see what is happening behind the scenes. Logs for PF will be located at /var/www/phishing-frenzy/logs/[development.log||production.log]

[Timtempor]

Ok, this is a little harder because I'm running this in docker so file locations are different and a little confusing. I think I found what I'm looking for though. These are the logs I have, in the access log it updates every time I access the website from any machine, as it should. What should I be looking for in the dev log? Its massive by the way, takes a long time to be able to get to the bottom of it.

[Timtempor]

Also I should say that I have opened the emails on different machines, including the machine that is hosting PF. and to give a little network context, This is hosted on a VM on a laptop since I'm just testing currently. It isn't accessible on the network unless you change a machines host file as DNS doesn't know of the domains

[Timtempor]

Nevermind I found the issue. I forgot to redo some commands when I restarted docker. Got it working now.

Thanks for your help