Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

SECRET//NOFORN
(S//NF) The main advantage to using the shellcode installer is the ease of use. The
shellcode installer only asks for the target OS once, and selects the SG2-specific binaries
for you based on the target OS given. The other advantage on-target is that installing
through the kernel changes the risk of installing. For example, I had seen Kaspersky flag
an older cut of SG2 when installing through Grasshopper, but the same configuration was
not flagged when installed through kernel shellcode. While this issue has been resolved
in previous releases, the fact remains that as PSPs update, installation vectors from the
kernel are likely to be safer than user-mode installation vectors (if the former is possible
on target).
