Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

SECRET//20350112
where Target Name is the name of the primitive Target (email address, chat user, or
primitive MAC address) that was detected, Flytrap Location is the Location that has
been entered for the Flytrap (see 9.9), and Flytrap Name is the Name that has been
entered for the Flytrap (see 9.9). If the Flytrap Name has not been set, then Flytrap
Name is the WLAN MAC address of the Flytrap. If the Flytrap Location has not been
set, the ”In Flytrap Location” field is left blank.
(S) To configure Catapult settings, click the “Administer -> Catapult” menu link. Edit the
following fields appropriately:
Alert Forwarding to Catapult Enabled – set to “Yes” to have Cherry Blossom
forward primitive Alert information to Catapult
Catapult Protocol – type of protocol to use to communicate with Catapult (current
method is “HTTP POST FORM”):
o HTTP POST FORM – uses an HTTP POST of a form
Catapult URL – URL to send to (currently set to
https://<Catapult_Server_IP>/owl/alert.php)
If SSL, Verify Host Certificate – currently set to “No”
Email To Address – maps to the RECIPIENT catapult field
(currently set to cbuser@localhost)
Use Authentication – currently set to “No”
o HTTP POST XML – uses an HTTP POST with xml formatted content
Catapult URL – URL to send to (currently set to
https://Catapult_Server_IP/owl/alert.php)
If SSL, Verify Host Certificate – currently set to “No”
Email To Address – maps to the RECIPIENT catapult field
(currently set to cbuser@localhost)
Use Authentication – currently set to “No”
o SMTP XML – uses SMTP message with an xml attachment
Email To Address – set this to the email address that Cherry
Blossom should send the primitive Alert information to
Email From Address – set this to the email address that Cherry
Blossom will indicate the primitive Alert information is from
(typically, the email address domain must match the “Email Server
Host Name” domain)
Email Server Host Name – set this to the Host Name of the Email
Server that will receive/handle the Alert information
Use SSL SMTP – set to “Yes” if the Email Server uses SSL SMTP
Email Server SMTP Port – set this to the SMTP port used by the
Email Server. Typically, this is 25 for (non-SSL) SMTP and 465
for SSL SMTP.
Use Authentication - set this to “Yes” if the SMTP server requires
authentication
Authentication User – if “Use Authentication” is set to “Yes”, this
is the user name used to authenticate with the SMTP server
44
SECRET//20350112

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh