Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
SECRET//ORCON//NOFORN
1.2 AccessedBefore
Description
The “accessed_before” verb takes in a single date parameter and verifies that
the provided directory was last accessed before the provided date. The date
must be in either ISO 9601 format, 2012-01-01T12:00:00 or 2012-01-01.
Usage
directory(<directory path>).accessed_before(<timestamp>)
Example
directory(“c:\windows”).accessed_before(“2012-01-01”)
The above example verifies that the provided directory was accessed before
January 1
st
, 2012 at midnight.
Return Values
Return
Code
Description
True Path exists, is a directory, and meets the criteria
False Path exists, is a directory, and doesn’t meet the criteria
Invalid Path does not exist or is not a directory
45
SECRET//ORCON//NOFORN