Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

UNCLASSIFIED
Cherry Bomb Program Cherry Blossom Internal Test Procedures
5.41 One Way Transfer (OWT) – Invalid Customer Test
Description: Tests that the One Way Transfer – Invalid Customer Structure works
correctly.
Setup: assumes 5.1
Run: Make up an invalid customer name, run the OWT script and verify that an error
message is output noting that the customer name is invalid and that the output files
produced contain a header but no data.
Pass/Fail: passes if OWT behaves as described in the Run section.
5.42 One Way Transfer (OWT) General Test
Description: Tests that the One Way Transfer works correctly.
Setup: assumes 5.1
Run: Create a new customer, and create a new mission owned by that customer
that is “rich” with features -- that is, has copy all turned on for one or more targets, is
set to harvest data, and so on. Assign the mission to a flytrap, and then from the
client computer generate one or more alerts and perform other operations that
generate copy and harvest data. Carefully document the operations you perform, run
the OWT script and verify that the data files produced contain the expected data.
Immediately after, run the OWT script for the same customer and verify that the
“dynamic” data files (copy and harvest data, alerts, and so on) are empty (that is,
nothing has occurred since the previous OWT report, so the dynamic files should be
empty). Perform and document operations to generate alerts, copy and harvest data,
and so on as performed previously. Run the OWT script for the test customer, and
verify that the data files produced contain the new “dynamic” data which does not
duplicate the data output in the previous OWT run. Being careful not to generate
additional dynamic data, run the OWT script with the “previous” flag (“runOWT.sh -p
-c <customer name>”) and verify that data files produced are identical to those
produced in the previous dump. Examine the data files from one of the previous
OWT runs, and determine a start and end time that “brackets” the entire span of
data. Perform an OWT run using the “start/end” parameters (“runOWT.sh -c
<customer name> -s YYYY-MM-DD_hh:mm:ss -e YYYY-MM-DD_hh:mm:ss”) and
verify that the dynamic data files produced are identical to the run you examined.
Examine the data files from one of the previous OWT runs as before, but this time
determine a start and end time that will produce a “subset” of the entire span of data.
Perform an OWT run using the “start/end” parameters so determined, and verify that
the dynamic data files produced contain a subset of the original data from the
specified time span. Take five, you earned it.
Pass/Fail: passes if OWT behaves as described in the Run section.
UNCLASSIFIED
64

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh