Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
UNCLASSIFIED
Cherry Bomb Program Cherry Blossom Internal Test Procedures
Run:
1. Log onto CherryWeb and navigate to the Catapult configuration page and
make the following changes:
• Alert Forwarding to Catapult Enabled: yes
• Catapult Protocol: HTTP POST form
• Catapult URL: ${TOMCAT_URL}
• Is SLL, Verify Host Cert: No
• Email To Address: cbuser@localhost
• Use Authentication: Yes
• Authentication User: cbuser
• Authentication Password: xxxxxx
2. Click ‘Apply’ to ensure that any changes are saved to the database.
3. From a terminal window, enter the command tail -f ${TOMCAT Log
file}.
4. From the Catapult configuration page, click Send Test Email. This will send a
catapult message.
Pass/Fail: Verify that the information displayed in the terminal window matches what
is expected. This test should be re-run with each of the catapult protocols selected.
5.46 Delete Flytrap from the CherryTree Database
Description: Tests that a particular flytrap (and all associated information) can be
deleted from the CherryTree database.
Setup: Create a flytrap and generate multiple alerts and beacons for it.
Run: Stop the CT services (“~cbuser/bin/disable-server.sh”). Run the
runDeleteFlytrap.sh
(“~cbuser/CherryBlossom/CherryTree/Release/runDeleteFlytrap.sh”) script on the
flytrap. Start the CT services (“~cbuser/bin/enable-server.sh”).
Pass/Fail: The test passes if all information related to the flytrap is no longer in the
database. This includes status and beacon information, as well as alerts and copy
and harvest data.
5.47 Prune Flytrap Security Information
Description: Tests that old security and status updates are pruned from the
database, leaving only the most current value.
UNCLASSIFIED
67