Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
SECRET//NOFORN
________________________________________________________________________
Action / Help Text Notes
16
Beacon - Accept Encoding Header (string)
default:[application/octet-stream]
new value:
The default accept encoding header in the packet
when processing beacons on the target.
WARNING: Changing this value may cause
unexpected results when processing data on the
target.
String
17
Beacon - IE Proxy Address (string)
default:[]
new value:
The default IE Proxy Address used to proxy beacon
communication on the target.
String
18
Beacon - WPAD Proxy Address (string)
default:[]
new value:
The default WPAD Proxy Address used to proxy
beacon communication on the target.
String
19
Tasking - Overt State File Path (string)
default:[]
new value:
The default overt state file path used to store state
information during processing of commands.
(NOTE: when empty – no state information is
stored on target). This directory will store state
files (random file names) of current processing
information.
String – full path
20
Tasking - Batch Execution Timeout in
seconds (number)
default:[0]
new value:
The default batch execution timeout is used to
cancel processing of long running batches.
Time in seconds
21
Tasking - Command Execution Timeout in
seconds (number)
default:[0]
new value:
The default command execution timeout is used to
cancel processing of long running commands.
Time in seconds
22
Tasking - Chunk Size - maximum number of
bytes in a single block (number)
default:[0]
new value:
The default chunk size of a packet sent from the
target to the Listening Post.
Number in bytes
23
Tasking - Max CPU Utilization 0..100
(number)
default:[0]
new value:
The default maximum CPU utilization used by the
system while processing commands.
Percentage of system usage(0..100)
24
Tasking - Max Processing Data Size (number)
default:[50331648]
new value:
The default maximum processing data size of the
data to process on target.
Number in bytes
25
Uninstall - Date (YYYY-MM-DDTHH:MM:SS) –
UTC
default:[]
new value:
The default time and date of the automatic self-
deletion of the target executable.
Date (YYYY-MM-DDTHH:MM:SS)
26
Uninstall - Deadman Delay in seconds
(number)
default:[0]
new value:
The default delay that the target will self-delete
after not receiving a valid beacon.
Time in seconds
27
Uninstall - Beacon failure attempts
(number)
default:[0]
new value:
The default number of beacon failure attempts to
force a self-delete of the target executable.
Number
SECRET//NOFORN 18