Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

UNCLASSIFIED
Cherry Bomb Program Cherry Blossom Internal Test Procedures
Pass/Fail: the test passes if the Client Computer’s browser is redirected after the
abc@def.com Alert, Copy Data is recorded for 1 minute after the
smith_test2@hotmail.com Alert, and no Copy Data is generated after the
smith_test4@gawab.com Alert.
4.2.11 MAC Target Actions Test
Description: Tests the Action Inheritance logic of the Flytrap. See the Cherry
Blossom User’s Manual for a detailed discussion of Action Inheritance.
Setup: Plan/assign a Mission to a Flytrap with a MAC Target matching the Client
Computer’s MAC, and give this MAC Target a Redirect Action and a Copy Action
with a 1 minute timeout. Set other parameters as in 4.2.1.
Run: from the Client Computer, generate an Alert for Computer’s MAC. Then go
to a root web page (e.g., asdf.com). Client Computer’s browser should be
redirected. Then, from the Client Computer, surf the internet for at least 1 minute.
Pass/Fail: the test passes if an Alert for Client Computer’s MAC is sent and
received/displayed on CherryWeb in a timely fashion, the Client Computer is
redirected after the Alert event, and 1 minute of Copy Data is recorded following
the Alert event.
4.2.12 MAC Target Action Inheritance (Lack Thereof) Test
Description: Tests the Action Inheritance logic of the Flytrap. See the Cherry
Blossom User’s Manual for a detailed discussion of Action Inheritance.
Setup: plan/assign a Mission to a Flytrap with a MAC Target matching the Client
Computer’s MAC with no Target Actions, abc@def.com as a Target with a
Redirect Action, smith_test2@hotmail.com with a Copy Action with a 1 minute
timeout. Set other parameters as in 4.2.1.
Run: from the Client Computer, generate an Alert for Computer’s MAC. Then
generate an Alert for abc@def.com (perform a Google search for abc@def.com).
Then go to a root web page (e.g., asdf.com). Client Computer’s browser should
not be redirected. Then, from the Client Computer, generate an Alert for
smith_test2@hotmail.com. Then surf the internet for at least 1 minute.
Pass/Fail: the test passes if the an Alert for Client Computer’s MAC is sent and
received/displayed on CherryWeb in a timely fashion, and the Client Computer is
not redirected after the Alert event, and no Copy Data is recorded following the
Alert event.
UNCLASSIFIED
29

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh