Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
UNCLASSIFIED
Cherry Bomb Program Cherry Blossom Internal Test Procedures
Pass/Fail: the test passes if verification steps in the “Run” section are correct.
4.2.23 Throughput Degradation Test
Description: Tests that the Cherry Blossom software does not degrade the LAN
<-> WAN throughput of a Flytrap significantly.
Setup: Connect a Flytrap to the internet, connect a client to the Flytrap’s LAN,
and telnet to the Flytrap. Open a browser to
“http://www.dslreports.com/speedtest?flash=1. Note: it is expected that the
internet connection used in this test be a T1 or better.
Run: at the telnet prompt, with gf insmod’d and mm running, run a speed test.
Then, “killall mm” and “rmmod gf” and run another speed test.
Pass/Fail: the test passes if there is no significant (<1%) degradation in
throughput results.
4.2.24 Erasure of Persistent Data After Flytrap Upgrade Test
Description: If a device is currently running Cherry Blossom firmware (i.e., it is
already a Flytrap), upgrade to a different Cherry Blossom firmware will cause the
Flytrap persistent data (i.e., Flytrap keys that are stored in NVRAM or special
section of flash) to be erased. This test verifies that this feature works properly.
Note that upgrading to the same Cherry Blossom firmware will not cause erasure
of the Flytrap persistent data. Here, “different” firmware means a firmware with a
different build of Mission Manager.
Setup: Build two Cherry Blossom firmwares (each should be debug with
shelld/dumbbelld). Configure significantly different beacon addresses (a few
invalid addresses first, followed by a valid beacon address) and other beacon
settings in each. On the CherryTree/Web Test server, configure a Mission for this
device with different beacon addresses (a few invalid addresses first, followed by
a valid beacon address) and different beacon settings than either of the two
firmwares. Assign this Mission to the test Flytrap. Connect the WAN of the
Flytrap to a hub, and connect the hub to the internet. Verify internet connectivity.
Connect an Wireshark client to the hub, and start Wireshark.
Run: Upgrade the device with firmware 1. As the device reboots, start an
Wireshark capture. Verify (in the Wireshark capture) that the device beacons to
the proper addresses at the proper times. When the device successfully beacons
and receives the Mission (as configured in setup), “killall mm”, run “mm –v”, and
verify that the persistent data settings are consistent with those in the Mission.
Upgrade the device with firmware 2. As the device reboots, start an Wireshark
capture. Verify (in the Wireshark capture) that the device beacons to the proper
addresses at the proper times. In particular, be sure that the device beacons
UNCLASSIFIED
34