Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

UNCLASSIFIED//LES
UNCLASSIFIED//LES Page13
millisecondstowait
betweensendingARP
spoofpackets.
inclusive
INJECTED_URL TheURLtodirectthe
targetmachineto.
AnyvalidURL http://www.msn.c
om
INJECTION_METHOD
Themethodof
deliveringthetargetURL
insideofanHTTP
response.
DOUBLE_FRAME
or
META_REFRESH
DOUBLE_FRAME
USABLE_MEDIA_TYPES Acceptedmediatypes
fromthetarget'sHTTP
requestthatweSHOULD
considerforinjection
Commaseparated
list.
NOTE:NO
SPACES,IDON'T
TRIM
text/html,*/*
USER_AGENT_WHITELIST
Whitelisteduseragent
stringtokens.
Commaseparated
list.
NOTE:NO
SPACES,IDON'T
TRIM
<Blank>
USER_AGENT_BLACKLIST Blacklisteduseragent
stringtokens.
Commaseparated
list.
NOTE:NO
SPACES,IDON'T
TRIM
<Blank>
5.2 FULCRUMSHUTDOWN
FULCRUM SHUTDOWNdoesnotuseanyconfigurationmethod.
5.3 FULCRUMENCRYPTER
FULCRUM ENCRYPTERonlyusesthecommandlineconfigurationmethod.
Theusageofcommandlineparametersisthefollowing:
[d|e][input_path][output_path]
Forexample,tocreateanencryptedcopyofthefilef.cfg.decrintoafilecalledf.cfg:
FulcrumEncrypter32.exe–ef.cfg.decrf.cfg
Ortodecryptthelogfilenamedf.logintof.log.decr:
FulcrumEncrypter32.exe–df.logf.log.decr

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh