Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

SECRET
1.(U) Introduction
(S) Cherry Blossom includes a Mobile VPN capability, wherein the Mobile VPN
software can be installed on a server with a publicly-accessible IP address. This
server is typically an ICON workstation. [The SRI-developed Mobile VPN software
was developed to run on a workstation booted in Fedora Core 10; COG has
requested that it be modified to run on a workstation booted into Ubuntu 10.04.]
This document explains how the SRI/Fedora version of the Mobile VPN server
software is installed and operated.
(S) Knowing the IP address of the Mobile VPN server, by interacting with the
CherryTree database via a different ICON workstation, a Cherry Blossom operator
can task a Flytrap to open a VPN link between the Flytrap and the Mobile VPN
server. Through this link, the operator can then access client workstations on the
(private) LAN or WLAN side of the Flytrap and perform exploits against the client
devices. Additionally, the mission tasked to the Flytrap can instruct the Flytrap to
use the Mobile VPN server to proxy all network traffic.
2.(U) Mobile VPN Server Installation
(S) To install the Mobile VPN server software onto an ICON workstation:
a) Follow standard ICON procedures to boot to the “Fedora Core 10” OS.
b) Follow standard ICON procedures to connect to the public/outward-facing
Snowball/Fireball of choice. Use the “tun” interface option.
c) Test Internet connectivity
d) Insert the Mobile VPN Software (svn 9012) CD.
e) Run the Mobile VPN software installer as root:
su –
cd /media/<CDROM> && ./install.sh
3.(U) Usage
(S) Typical usage of the Mobile VPN capability is to task a Flytrap with a mission
that will perform VPN Link/Prosy actions where the VPN server is the “Mobile”
server. This section gives a brief overview on how to plan missions with VPN
actions. See the Cherry Blossom User’s Manual for more details.
a. (S) Add the Mobile VPN Server to CherryTree/CherryWeb
(S) Once the Mobile VPN software has been installed on an ICON workstation,
determine the public IP address of the workstation (From a command terminal,
SECRET

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh