Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
SECRET//ORCON//NOFORN
11.3 Input Types
The post processor is able to parse any Assassin generated files. If receipts are
provided, the post processor can decrypt the input files when necessary. The
acceptable types of input files are as follows:
Encrypted:
Assassin files that have been encrypted are decrypted and placed
back in the input directory. The post processor can only decrypt files
from implants for which a receipt has been provided.
Chunk:
Assassin files that have been divided into chunks are reassembled in
a directory called ‘staging’, created within the input directory. Once
assembled, the file is placed back in the input directory.
Beacon:
Assassin beacon files are parsed into XML and stored in the output
directory. In archive mode, a copy of the raw beacon file is saved.
Result:
Assassin result files are parsed into XML and stored in the output
directory alongside any files generated by the result. In archive
mode, a copy of the raw result file is saved.
Push:
Assassin push files are parsed into XML and extracted into the output
directory. In archive mode, a copy of the raw push file is saved.
Task:
Assassin task files are parsed into XML and stored in the output
directory alongside any files embedded in the task.
116
SECRET//ORCON//NOFORN