Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

SECRET//20350112
(S) To reach a Target on the Flytrap’s LAN/WLAN from the “VPN Link Terminal”, the
Target’s “Client VPN IP Address” must be known. If the Target has been detected, then
the Alert will show the Client VPN IP Address. For example, say the Target’s VPN
Client IP Address is 10.129.99.99. From the “VPN Link Terminal”, running “ssh
root@10.129.99.99” will attempt a secure shell login on the Target’s computer. Note that
nmap or other similar tools can be used against the Client VPN IP Address from the
“VPN Link Terminal”.
(S) For generic network discovery/intrusion (e.g., in the case where there may be no
specific Target behind the Flytrap, but more information on that network is desired),
nmap’s discovery/intrusion features could be used from the “VPN Link Terminal” given
the Flytrap’s VPN IP Address. For example, to scan the 255 class “C” level address on
the Flytrap LAN and attempt to determine what OS is running using the stealth SYN
technique, issue:
nmap –sS –O <Flytrap_VPN_IP_Address>/24
9.28 (U) Viewing Flytrap Diagnostic Data
(U) To view Flytrap Diagnostic Data, click the “View -> Diagnostic Data” menu link
(see Figure 52). This page gives some rudimentary error messages about errors/warnings
that have occurred on a Flytrap over time.
Figure 52: Cherry Web View -> Diagnostic Data Page
105
SECRET//20350112
View ->
Diagnostic Data

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh