Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

UNCLASSIFIED//LES
UNCLASSIFIED//LES Page13
applicationisrunningon
thecorrectnetwork.
MILLISECONDS_BETWEEN_SPOOFS Thenumberof
millisecondstowait
betweensendingARP
spoofpackets.
02,147,483,647
inclusive
1000
INJECTED_URL TheURLtodirectthe
targetmachineto.
Any validURL http://www.msn.c
om
INJECTION_METHOD Themethodof
deliveringthetargetURL
insideofanHTTP
response.
DOUBLE_FRAME
or
META_REFRESH
DOUBLE_FRAME
USABLE_MEDIA_TYPES Acceptedmediatypes
fromthetarget'sHTTP
requestthatweSHOULD
considerforinjection
Commaseparated
list.
NOTE:NO
SPACES,IDON'T
TRIM
text/html,*/*
USER_AGENT_WHITELIST Whitelisteduseragent
stringtokens.
Commaseparated
list.
NOTE:NO
SPACES, I DON'T
TRIM
<Blank>
USER_AGENT_BLACKLIST Blacklisteduseragent
stringtokens.
Commaseparated
list.
NOTE:NO
SPACES,IDON'T
TRIM
<Blank>
5.2 FULCRUM SHUTDOWN
FULCRUMSHUTDOWNdoesnotuseanyconfigurationmethod.
5.3 FULCRUMENCRYPTER
FULCRUMENCRYPTERonlyusesthecommandlineconfigurationmethod.
Theusageofcommandlineparamete rsisthefollowing:
[d|e] [input_path] [output_path]
Forexample,tocreateanencryptedcopyofthefilef.cfg.decrintoafilecalledf.cfg:
FulcrumEncrypter32.exee f.cfg.decrf.cfg
Ortodecryptthelogfilenamedf.logintof.log.decr:

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh