Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

SECRET//NOFORN
6.3 (U) Troubleshooting
(S//NF) Q: The Grasshopper/Cricket installer blew up on me when I tried to
generate/build a binary (after answering all the SG2 questions)
(S//NF) A: Make sure all paths to binaries you want to use on your box are valid and the
files exist. Typically the configuration tool will blow up if a file you gave it doesn't exist
when the config tool goes to find and read the file.
(S//NF) Q: Does this work on Windows 8?
(S//NF) A: Yes! Starting in 2.1 it will. However, you must take additional steps to build
a Win 8.1 install. It is not the normal build process for an XP-7 build.
(S//NF) Q: This works on Win 7/Win XP, does it work on Windows Server 20XX?
(S//NF) A: I do not know. SG2 will likely work just fine on Server 2003. It is untested
on any OS outside of Win XP/Win 7/Win 8.1. Chances are if it's a Server version that is
similar to Win XP/Win 7/Win 8.1. You should test any new OS with SG2 before
deployment, because the consequences of failure typically are BSODs or constant system
boot failures.
6.4 (S) PSP characterization
6.4.1 (S//NF) Kaspersky
(S//NF) Nothing to note for this release. Kaspersky has signatured this tool in the past,
and the current version of SG2 was resignatured to defeat past signatures. Be sure to test
this tool against the Kaspersky version on target (or the latest release) to ensure new
updates have not resignatured SG2 again.
6.4.2 (S//NF) 360safe
(S//NF) On Windows 8.1 x86, system instability was noted when running 360safe and
StolenGoods 2.1. The issue is being investigated. This issue was not seen on Windows
8.1 x64, nor any other supported OS tested. The issue is likely related to PSP interactions
with the OS and SG components.
6.4.3 (S//NF) Symantec
(S//NF) On Windows 8.1 x86, system instability was noted when running Symantec and
StolenGoods 2.1. The issue is being investigated. This issue was not seen on Windows
8.1 x64, nor any other supported OS tested. The issue is likely related to PSP interactions
with the OS and SG components.
6.4.4 (S//NF) ESET NOD 32
(S//NF) Nothing to note for this release. ESET NOD 32 has signatured this tool in the
past, and the current version of SG2 was resignatured to defeat past signatures. Be sure to
test this tool against the ESET NOD 32 version on target (or the latest release) to ensure
new updates have not resignatured SG2 again.