Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

SECRET//NOFORN
TARG_1# iptables -t nat -I PREROUTING \
-s 192.168.1.2 -d 192.168.2.3 \
-j DNAT --to-destination 192.168.2.4
TARG_1# iptables -t dpxvke8h18 -I PREROUTING \
-s 192.168.1.2 -d 192.168.2.3 \
-j DNAT --to-destination 192.168.2.5
Confirm that the precedence is correct by running netcat (udp) and netcat
(tcp) tests. Verify that the traffic is sent to EAST_5 and *not* EAST_3 or
EAST_4.
Before proceeding, flush the PREROUTING chain in the “dpxvke8h18” table
and remove the new rule from the “nat” table:
TARG_1# iptables -t dpxvke8h18 -F PREROUTING
TARG_1# iptables -t nat -D PREROUTING 1
5.3) Port Test
To test if redirection works for specific ports, create a DNAT rule to redirect
one specific UDP port to EAST_5 with port translation, and then create a
DNAT rule to redirect a different TCP port to EAST_5, also with port
translation:
TARG_1# iptables -t dpxvke8h18 -I PREROUTING -p udp \
-s 192.168.1.2 -d 192.168.2.3 --dport 23456 \
-j DNAT --to-destination 192.168.2.5:34567
TARG_1# iptables -t dpxvke8h18 -I PREROUTING -p tcp \
-s 192.168.1.2 -d 192.168.2.3 --dport 45678 \
-j DNAT --to-destination 192.168.2.5:56789
TARG_1# iptables -t dpxvke8h18 -L PREROUTING -nv
Verify that the new rules appear in the output of the “iptables -L” command.
Confirm that the UDP rule works by running netcat (udp) tests. Verify that
sending traffic to port 23456 on EAST_3 results in redirection to port 34567
on EAST_5. Verify that sending traffic to other ports on EAST_3 does not
result in redirection.
Confirm that the TCP rule works by running netcat (tcp) tests. Verify that
sending traffic to port 45678 on EAST_3 results in redirection to port 56789
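
For auditing a host for this kind of redirection, the following added example (not part of the original document) parses an iptables-save style dump, flags any table outside the stock set (filter, nat, mangle, raw, security) and lists every PREROUTING DNAT rule. The dump is constructed from the addresses and ports in the steps above; that a table such as “dpxvke8h18” shows up in such a dump is an assumption, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit an iptables-save style dump for non-stock tables
# and for DNAT rules in PREROUTING. Not from the original document.

# Table names shipped with mainline iptables.
BUILTIN_TABLES="filter nat mangle raw security"

# audit_dump FILE
# Prints "TABLE <name>" for each table outside the stock set, and
# "DNAT <table> <proto> <src> <dst> <dport> <to>" for each PREROUTING DNAT rule.
audit_dump() {
    awk -v builtin="$BUILTIN_TABLES" '
        BEGIN { n = split(builtin, b, " "); for (i = 1; i <= n; i++) known[b[i]] = 1 }
        /^[*]/ {                              # "*name" opens a table section
            table = substr($0, 2)
            if (!(table in known)) print "TABLE " table
            next
        }
        $1 == "-A" && $2 == "PREROUTING" {
            proto = "any"; src = "any"; dst = "any"; dport = "any"; to = ""; dnat = 0
            for (i = 3; i < NF; i++) {
                if ($i == "-p") proto = $(i + 1)
                else if ($i == "-s") src = $(i + 1)
                else if ($i == "-d") dst = $(i + 1)
                else if ($i == "--dport") dport = $(i + 1)
                else if ($i == "-j" && $(i + 1) == "DNAT") dnat = 1
                else if ($i == "--to-destination") to = $(i + 1)
            }
            if (dnat) print "DNAT", table, proto, src, dst, dport, to
        }
    ' "$1"
}

# Constructed sample input (assumed dump format, values taken from the steps above).
sample_dump() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -s 192.168.1.2/32 -d 192.168.2.3/32 -j DNAT --to-destination 192.168.2.4
COMMIT
*dpxvke8h18
:PREROUTING ACCEPT [0:0]
-A PREROUTING -s 192.168.1.2/32 -d 192.168.2.3/32 -p tcp -m tcp --dport 45678 -j DNAT --to-destination 192.168.2.5:56789
-A PREROUTING -s 192.168.1.2/32 -d 192.168.2.3/32 -p udp -m udp --dport 23456 -j DNAT --to-destination 192.168.2.5:34567
COMMIT
EOF
}

tmp=$(mktemp) && sample_dump > "$tmp" && audit_dump "$tmp"; rm -f "$tmp"
```

On a live system the dump would come from `iptables-save`; a "TABLE" line, or a DNAT rule nobody on the team can account for, is the finding to investigate.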