Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

SECRET//NOFORN
________________________________________________________________________
Enter name of outbound folder: OUT
Enter URL path of tasking resources (comma separated), i.e. /blog/comments, /php/id: /
Enter URL path of web resources (comma separated), i.e. /, /web: /html
Enabling mod-wsgi
Disabling default site.
Use pre-existing SSL certificate and key? (Y/N) default: N
Generating a 2048 bit RSA private key
......................+++
..+++
writing new private key to 'fileserver.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:
Email Address []:
Moving cert to /etc/ssl/certs/fileserver.crt
Moving key to /etc/ssl/private/fileserver.key
Enabling SSL site 001-default-ssl.conf
Disabling port 80.
Restarting services...
Install done.
Figure 7 - (S//NF) Completing setup.py Script Output
(S//NF) After installing the required packages, the setup script will modify Apache to enable
SSL on port 443 and generate any required SSL keys and certificate if not supplied. In addition,
the setup script will ask to setup the directories where the tasking files will reside.
(S//NF) After installation is complete, make sure to check that the file/folder exists, proper
permissions have been applied, and Apache is successfully running on port 443. The setup script
expects a default installation of Apache 2.4. If any configuration files have been modified, the
setup script may not work correctly. You may have to manually modify the /etc/apache2/sites-
available/001-default-ssl.conf to point to the correct location of your SSL keys and certs. In
addition, add the following line under DocumentRoot, to enable WSGI:
WSGIScriptAlias / /var/www/html/app.wsgi
(S//NF) The directory /var/www/html should contain three files; app.wsgi, server.py, and
config.json. To disable port 80, edit /etc/apache2/ports.conf and comment out the line with
"Listen 80".
(U) Some common Apache commands are listed below:
sudo a2enmod - to enable a module, i.e. sudo a2enmod wsgi
sudo a2dissite - to disable a site configuration
sudo a2ensite - to enable a site configuration
sudo service apache2 restart - restart Apache
sudo service apache2 start
sudo service apache2 stop
tail –f /var/log/apache2/access.log
SECRET//NOFORN 8

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh