Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

UNCLASSIFIED
Cherry Bomb Program Cherry Blossom Internal Test Procedures
Run: power-cycle the Flytrap at times just past various multiples of
MM_INITIAL_BEACON_ONTIME_UPDATE_PERIOD_SEC.
Pass/Fail: the test passes if the value of the device ontime (NVRAM variable
"ots") is not reset (that is, it remains monotonically increasing) after the power-
cycle events.
4.2 Flytrap Features
This section describes tests related to the various Flytrap features, which are
enumerated in the Cherry Blossom User’s Manual.
Hardware/Software Required:
Flytrap
Client Computer with: America Online Instant Messaging (AIM) client
software, MSN Messenger client software, Yahoo Messenger, GoogleTalk
client software
Second Client Computer with Wireshark
Zakura server running latest release of Cherry Blossom backend software
Proxy server running squid (for HTTP Proxy/Proxy All Tests only) and Apache
web server (for Port/Protocol Scanning Test only)
True hub (for Encrypted Comm Test)
Ethernet cable(s)
Initial Setup:
Connect the Flytrap to the internet
Connect the Client Computer (either via wire or wirelessly) to the Flytrap. If
using wireless, be sure to secure the Flytrap. Enable WPA (or WEP if that is
all the device supports). If possible, remove the antenna(s) from the Flytrap.
Verify connection via ping, telnet, and opening a browser to an internet site
(e.g., slashdot.org).
Connect the Second Client Computer to the Flytrap and verify internet
connection.
4.2.1 Email/Chat Target Detection/Alerting Test
Description: Tests detection and timely alerting of email and chat Targets.
UNCLASSIFIED
22

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh