Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
Elsa User Manual.doc
20
SECRET//NOFORN
Microsoft with that Google. See the usage for the Location Provider option below for
more detail.
(S) It is important to note that the second step of resolving wifi data into geolocations can
also be performed any wifi data containing MAC address, SSID and signal strength (for
example, netsh output). See the comma separated value option below for more details.
(U) The PROCESSOR command line appears as follows:
> processor.exe -i <path> -o <path> [-k <key>] [-f <mask>] [-l provider] [-c]
Figure 16 - (S) Command line syntax for the PROCESSOR tool
(U) The subsequent sections describe each option in detail.
8.1 (U) PROCESSOR option Key File
(S) The key file option specifies the path to the encryption key. The switch for this
parameter is ‘-k’ and must specify the key file from when the tool was originally
configured and patched
8.2 (U) PROCESSOR option Input Directory
(S) The input file or directory option specifies the path to the input file or directory. The
switch for this parameter is ‘-i’.
8.3 (U) PROCESSOR option Output Directory
(S) The output file or directory option specifies the path to the output file or directory.
The switch for this parameter is ‘-o’.
8.4 (U) PROCESSOR option File Wildcard Mask
(S) The file wildcard mask option specifies the file name search filter to use in processing
files in the input directory. The default this is ‘*.*’. The switch for this parameter is ‘-f’.
8.5 (U) PROCESSOR option Location Provider
(S) The PROCESSOR can be used to relocate wifi access points. This option specifies
the location provider to use. The input file option must specify an ELSA output log file
or comma separated values containing the wifi access point information. The switch for
this parameter is ‘-l’.
Providers
google
microsoft
Figure 17 - (S) Location provider settings.