Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
UNCLASSIFIED//LES
UNCLASSIFIED//LES Page4
2 INTRODUCTION
Fulcrumisapro‐activeca pabilitywhichfacilitatestheuseofacontrolledmachinetopivottoano ther
uncompromisedtargetmachinethatisonthesameremoteLAN.Theapplicationwillperformaman‐in‐
the‐middleattackonthetargetcomputer.Theapplicationwillthe nmonitorthetargetmachinesHTTP
trafficandredirectthetargettotheprovidedURLwhentheproperconditionsaremet.
Tobeclear,Fulcrumisnotisanexploitoraworm.Itwillnotgainarbitrarycodeexecutiononaremote
machinenorwillitperformprivilegeescalationonthepivotmachine.Itwillnotcrashapplicationsor
operatingsystemsonthepivotortargetmachines.Fulcrumwillno treplicateitselforautomatically
target machines on a LAN nor will it work across a router boundary.
Simplyput,FulcrumwilldirectatargetmachinesHTTPclienttraffictotheURLoftheattackerschoice.
2.1 PURPOSE
ThisistheUsersManualfortheinitialproductionrelease,Version0.6,oftheFulcrumproduct.The
purposeofthisdocumentistoguideend‐usersonalltechnicalmannerssurroundingtheproperuseof
theFulcrumproduct.Thisguide includesstep‐by‐steptutorials, informationonsupported
environments,referenceinformation,andknownissues.
2.2 INTENDEDAUDIENCE
ThisdocumentisintendedprimarilyfortheendusersoftheFulcrumprod uctandtoalesserextentthe
testersanddevelopers.
2.3 TERMINOLOGY
PivotMachineThe machinewhereFulcrumwillrun.
TargetMachineThemachinethatFulcrumwilltargetwithitsman‐in‐the‐middlea ndH TTP
trafficinjectioncapabilities.
DeploymentPreparationMachineThemachinewhereFulcrumispreparedandconfigured
fordeployment.
2.4 PRODUCTCOMPONENTS
Theproductconsistsofthreeseparatebinaries:FULCR UM ,FULCRUMSHUTDOWN,and
FULCRUMENCRYPTER.
The
F ULCRUMbinaryistheprimaryapplicationoftheproduct.Itisdeployedt othePivotMachineand
isresponsibleforperformingtheactualpivotingtechnique.