Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

UNCLASSIFIED
Cherry Bomb Program Cherry Blossom Internal Test Procedures
Setup: plan/assign a Mission to a Flytrap with abc@def.com as a Target with a
Redirect Action type of Double Frame and set the Redirect URL to slashdot.org.
Set other parameters as in 4.2.1). Setup the W server (and related CherryWeb
configuration) according to the “W Server Test Configuration” document on the
classified computer. Ensure the network is disconnected from the internet before
connecting the W test server. The following diagram illustrates the network setup:
Figure 2: W Test Server Network Setup
Run: from the Client Computer, start wireshark and generate an Alert for
abc@def.com (perform a Google search for abc@def.com). Then go to a root
web page (e.g., madonnainn.com). Verify the Client Computer receives a
properly formed double iframe packet. Verify the “W Alert” on CherryWeb. Verify
the various status states of the W Alert on CherryWeb (Pending, Redirected
(happens very quickly), Active/Failure/Complete, Unknown (if connection cannot
be made to W server)).
Pass/Fail: the test passes if wireshark on the Client Computer shows a properly
formed double iframe packet.
4.2.8 Copy Action Test
Description: Tests the Copy Action feature of the Flytrap.
Setup: plan/assign a Mission to a Flytrap with smith_test1@yahoo.com as a
Target with a Copy Action with a 5 minute timeout. Set other parameters as in
4.2.1).
Run: from the Client Computer, generate an Alert for smith_test1@yahoo.com
(login to smith_test1’s Yahoo webmail). From the Client Computer Continuously
UNCLASSIFIED
27

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh