Vault 7: Projects

TRITON INSTALLER STATUS CODES
The Triton installer outputs a status code with the string "XXXXX:" followed by a number:
• 0: Install Success
• 5: Install failed (internal error)
• 6: Install failed because the install script was not run by the root user
• 7: Install failed because the running system was not Lion or Mountain Lion
LP GUIDE
Here's what a typical Apache setup will look like:
• An LP configured for SSL should have the following files in its vhost configuration directory:
  ♦ some.domain.conf...............(required for SSL) Vhost configuration file for the LP
  ♦ some.domain/cacert.pem.........(required for SSL) The Certificate Authority file
  ♦ some.domain/cert.pem...........(required for SSL) The LP's certificate
  ♦ some.domain/privkey.pem........(required for SSL) The LP's private key
• A typical Apache setup should have the following directives enabled:
  ♦ Listen A.B.C.D:443.............The IP address and port upon which the Apache server will listen
  ♦ NameVirtualHost A.B.C.D:443....The IP address and port to which Apache should apply Name Virtual Host rules. Should match the Listen directive above
  ♦ Include YYYY/.conf.............The directory where Apache expects to find vhost config files
  ♦ Group XXXX.....................The group under which the Apache process executes
  ♦ SSL............................(required for SSL) SSL options, usually in mod_ssl.conf
  ♦ SSLStrictSNIVHostCheck on......(required for SSL) Only enable if multiple SSL vhosts share a single IP address
• The LP can be configured manually, or by using the supplied vhost.sh script:
  ♦ Identify a location to put the LP's web root (htdocs directory)
  ♦ Identify the Apache user/group from httpd.conf
  ♦ Identify the IP address/port that Apache uses for SSL (the Listen/NameVirtualHost directives above)
  ♦ Identify the Apache vhost configuration directory, as noted above
  ♦ Identify the Apache logs directory from httpd.conf (ErrorLog...)
  ♦ Note the domain name of the LP, as specified to the builder
  ♦ Copy the implant's APACHEFILES directory to a temporary directory on the LP
  ♦ chmod 755 APACHEFILES/vhost.sh
  ♦ Edit the APACHEFILES/some.domain.conf file so that it matches the IP address/port above
  ♦ Execute the vhost.sh script with no arguments to see its help output
  ♦ Execute the vhost.sh script with the information/arguments identified above
  ♦ Restart Apache, check the Apache logs for errors
  ♦ Test the LP by using curl on another system: curl --cert target.cert --cacert cacert.pem --key target.privkey LPURL
  ♦ Check the Apache logs for errors
• The LP's web root should contain the following files:
  ♦ /........................(required) Root web directory. Apache must have read/execute permissions
  ♦ /a.......................(optional) Encrypted automatic task file. Apache must have read/execute permissions
  ♦ /c.......................(optional) Encrypted config file
  ♦ /fls/....................(required) Upload directory. Apache must have read/write/execute/unlink permissions
  ♦ /fls/s...................(optional) Encrypted state file created by LP. Apache must have read/write permissions
  ♦ /fls/i...................(optional) Encrypted immediate task file. Apache must have read/unlink permissions
  ♦ /fls/*.up................(optional) Uploaded data. Apache must have write/unlink permissions
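For responders triaging an Apache host, the web-root listing above can be turned into a file-system heuristic. The following Python code is an added example, not part of the original guide; it assumes the names in the listing are literal on-disk names, and the scoring, the threshold and the sample tree (including the name 0001.up) are constructed for illustration.

```python
import fnmatch
import os
import tempfile

# Names come from the web-root listing above; treating them as literal
# on-disk names is an assumption of this example.
ROOT_FILES = ("a", "c")            # optional task / config files
UPLOAD_DIR = "fls"                 # the only required subdirectory
UPLOAD_PATTERNS = ("s", "i", "*.up")


def score_webroot(path):
    """Return (score, reasons); 0 means the required fls/ directory is absent."""
    fls = os.path.join(path, UPLOAD_DIR)
    if not os.path.isdir(fls):
        return 0, []
    score, reasons = 1, ["fls/ directory present"]
    for name in ROOT_FILES:
        if os.path.isfile(os.path.join(path, name)):
            score += 1
            reasons.append("root file %r" % name)
    entries = os.listdir(fls)
    for pattern in UPLOAD_PATTERNS:
        hits = fnmatch.filter(entries, pattern)
        if hits:
            score += 1
            reasons.append("fls/ has %d entry matching %r" % (len(hits), pattern))
    return score, reasons


def find_candidates(top, threshold=3):
    """Walk `top` and return the directories scoring at or above threshold."""
    found = []
    for dirpath, _dirs, _files in os.walk(top):
        score, reasons = score_webroot(dirpath)
        if score >= threshold:
            found.append((dirpath, score, reasons))
    return sorted(found)


def build_sample():
    """Constructed sample tree: one matching root, one benign site with fls/."""
    top = tempfile.mkdtemp()
    for rel in ("site1/a", "site1/fls/s", "site1/fls/0001.up", "site2/index.html"):
        full = os.path.join(top, *rel.split("/"))
        os.makedirs(os.path.dirname(full), exist_ok=True)
        open(full, "w").close()
    os.makedirs(os.path.join(top, "site2", "fls"))
    return top


if __name__ == "__main__":
    for path, score, reasons in find_candidates(build_sample()):
        print(score, path, "; ".join(reasons))
```

A hit is only a lead for closer inspection, since an ordinary site can also contain a directory named fls; that is why a bare fls/ directory scores below the default threshold.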
SECRET//NOFORN