Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

SECRET//20350112
Cherry Bomb Program x86 Flytrap User’s Manual
2 (U) Background
(S) The Cherry Blossom (CB) project (part of the Cherry Bomb program) provides a
means of monitoring the internet activity of and performing software exploits on targets
of interest. In particular, CB is focused on compromising wireless networking devices,
such as wireless routers and access points (APs), to achieve these goals.
(S) A comprised (or implanted) wireless networking device is referred to as a Flytrap. A
Flytrap can be used to perform man-in-the-middle attacks, such as browser redirect (for
example, to Windex), copying of network traffic, proxying of network connections, etc,
on targets connected to the Flytrap.
(S) CB includes the CherryTree, a command-and-control server (with a graphical user
interface referred to as CherryWeb) to which Flytraps beacon and receive tasking. A
remote operator uses CherryWeb to task Flytraps to direct exploits at particular targets.
(S) This document discusses concept and detailed operation of an “x86 Flytrap” wherein
the Flytrap implant is ported to run on an x86 platform (e.g. a laptop computer) to meet
particular use cases of interest. Section 3 discusses the concept in more detail, section
4 details operational use cases, and section 5 details operation.
(U) For more information on Cherry Blossom, see the “Cherry Bomb: Cherry Blossom
User’s Manual (CDRL 12)”.
SECRET//20350112
5

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh