Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
UNCLASSIFIED
Cherry Bomb Program Cherry Blossom Internal Test Procedures
Run: power-cycle the Flytrap at times just past various multiples of
MM_INITIAL_BEACON_ONTIME_UPDATE_PERIOD_SEC.
Pass/Fail: the test passes if the value of the device ontime (NVRAM variable
"ots") is not reset (that is, it remains monotonically increasing) after the power-
cycle events.
4.2 Flytrap Features
This section describes tests related to the various Flytrap features, which are
enumerated in the Cherry Blossom User’s Manual.
Hardware/Software Required:
• Flytrap
• Client Computer with: America Online Instant Messaging (AIM) client
software, MSN Messenger client software, Yahoo Messenger, GoogleTalk
client software
• Second Client Computer with Wireshark
• Zakura server running latest release of Cherry Blossom backend software
• Proxy server running squid (for HTTP Proxy/Proxy All Tests only) and Apache
web server (for Port/Protocol Scanning Test only)
• True hub (for Encrypted Comm Test)
• Ethernet cable(s)
Initial Setup:
• Connect the Flytrap to the internet
• Connect the Client Computer (either via wire or wirelessly) to the Flytrap. If
using wireless, be sure to secure the Flytrap. Enable WPA (or WEP if that is
all the device supports). If possible, remove the antenna(s) from the Flytrap.
Verify connection via ping, telnet, and opening a browser to an internet site
(e.g., slashdot.org).
• Connect the Second Client Computer to the Flytrap and verify internet
connection.
4.2.1 Email/Chat Target Detection/Alerting Test
Description: Tests detection and timely alerting of email and chat Targets.
UNCLASSIFIED
22