Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

SECRET//NOFORN
________________________________________________________________________
ROOT folder
|---- server log files
|---- Parent ID folder (e.g., TEST)
| |---- parent tasking files
| |---- Child ID folder
| | |-- inbox folder (files received from the implant)
| | |- Responses and safety files
| | |-- outbox folder (files to be sent to the implant)
| | |- tasking files
| |---- Child ID folder
| …
|---- Parent ID folder
Figure 2 - (S//NF) Listening Post Directory Hierarchy
5.1 (U) Installation
(S//NF) The Listening Post server setup is performed by the setup.py script. The python script
setup.py should be run on Ubuntu v14.04. The setup script will install all required files
automatically if an Ubuntu repository can be reached. The following is a list of required
packages:
Apache 2.4
Apache mod_wsgi module
Python 3.4
Python pip (only used to retrieve bottle)
Python bottle web framework
(S//NF) Validate that the current Ubuntu instance has the correct repository location. This can be
validated by viewing the source.list file.
> /etc/apt/sources.list
deb http://repo.devlan.net/ubuntu trusty main universe multiverse restricted
deb http://repo.devlan.net/ubuntu trusty-security main universe multiverse restricted
deb http://repo.devlan.net/ubuntu trusty-updates main universe multiverse restricted
deb http://repo.devlan.net/ubuntu trusty-backports main universe multiverse restricted
Figure 3 - (S//NF) Ubuntu Repository Listing Example
(S//NF) The SSL component of the install requires a valid SSL certificate. By selection NO to
the option “use pre-existing SSL certificate and key”, will generate a new certificate for you.
OpenSSL can also be used to generate a certificate. The follow example shows how this can be
done.
> openssl genpkey -algorithm RSA -out a.key
> openssl req -new -key a.key -out a.req -subj /CN=1.1.1.1
> openssl x509 -req -in a.req -signkey a.key -out a.cert
> sudo apt-get update
Figure 4 - (S//NF) Optional SSL Certificate Creation
(S//NF) To run the installation tool from the current Ubuntu instance, copy the Listening Post
directory from the installation disk to the Ubuntu v14.04 instance. The Ubuntu v14.04 Linux
distribution already contains Python 3.4 pre-installed. Use the provided installation script to
complete the installation.
SECRET//NOFORN 6

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh