Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
SECRET
issue the command ‘ifconfig’ and examine the IP address of the ‘tun’ interface). On
your CherryWeb workstation, configure a VPN server address for the Mobile VPN
server:
• From the CherryWeb menu pane, click Plan ->Exploits ->VPN Link/Proxy
• On the “Add a VPN Server for ‘VPN Link’ or ‘VPN Proxy All’ action” page,
enter a name for the Mobile VPN server in the ‘Proxy Name’ text box, enter
the public IP address of the Mobile VPN server in the ‘Proxy Address’ text
box, leave the value ‘80’ in the ‘Port’ field, and click ‘Create’.
b) (S) Plan a Mission with VPN Link/Proxy actions
(S) Now plan a Mission with appropriate VPN Link/Proxy actions and assign it to the
Flytrap:
• On the CherryWeb menu pane, click Plan
->Missions
• If using a ‘Global’ VPN action (Global VPN Link or VPN Proxy All), select this
action in the ‘Global Action’ combo box of the ‘Support Parameters’ step of
the Mission workflow. In the ‘VPN Server IP’ combo box, select the newly
added Mobile VPN server. Select a ‘VPN Action Timer’ if appropriate. Click
‘Next’ when done.
• If using ‘Target’ VPN actions (i.e., the VPN action is to be triggered by the
detection of a target), select the appropriate VPN action and timeout for the
target(s) of interest on the ‘Target Exploit/Action(s)’ page of the Mission
workflow.
• When you are finished planning the Mission, click ‘Assign ->Mission to
Flytraps link on the CherryWeb menu pane. Select the Mission just planned,
check the desired Flytrap(s), and click ‘Assign’.
(S) New for Cherry Blossom v5.0 is the ability to add/edit Target actions directly to
Target Decks. In this case:
• On the CherryWeb menu pane, click Plan
->Target Decks
• Under ‘Edit a Target Deck’, select the Target Deck of interest
• On the ‘Target Action/Exploit Assignment’ step of the workflow, select the
appropriate VPN action and timeout for the Target(s) of interest. Then, at the
bottom of the Target list, select the newly added Mobile VPN server.
• Click the ‘Apply Actions’ button.
Note that when a Target Deck is edited, any Missions containing the Target Deck
are automatically revised and the new revision is automatically assigned to any
Flytraps currently executing that Mission.
SECRET