Anonymous ID: c07821 March 15, 2018, 5:16 p.m. No.678723   🗄️.is 🔗kun

CIA HACKING TOOLS (under the Roundhouse collection)

Cherry Blossom:

 

An excerpt from the 175 of. manual for an example of just ONE of the programs:

SECRET//20350112applications, etc. When the Flytrap detects a Target, it will send an Alert to the CT and commence any actions/exploits against the Target. The CT logs Alerts to a database, and,potentially distributes Alert information to interested parties (via Catapult).4.2 (U) Definitions(U) Listed are definitions of system components and common terminology used throughout this document: • (U) Claymore – (S) a survey, collection, and implant tool used to determine wireless device make, model, and version and to implant supported devices with CB firmware.• (U) Flytrap – (S) a wireless access point (AP), router, or other device that has beenimplanted with CB firmware. Flytraps execute Missions to detect and exploit Targets.• (U) CherryTree (CT) – (S) command and control server that manages:o Handling and storage of Flytrap Missions and Mission-related datao Handling and storage of Flytrap statuso Handling, storage, and further distribution of Flytrap Alerts• (U) CherryWeb (CW) – (S) browser-based user interface that allows operators to view system status, configure the system, view target activity, and plan/assign Missions.• (U) Point of Presence (PoP) – (S) a sponsor-maintained relay that forwards communication between a Flytrap and the CherryTree.• (U) User – (S) an operator of the CB system. Users can, for example, log into CW, plan and assign Missions, view system status, etc.• (U) Target – (S) a computer/person that should be monitored and at which exploits should be targeted. Flytraps use MAC address, email address, chat username, or VoIPnumber to detect/identify Targets.• (U) Target Deck – (S) a grouping of related Targets.• (U) Mission – (S) tasking given to a Flytrap in response to a Beacon.• (U) Operation (formerly Customer) – (S) an entity around which CB system data is organized and to which this data is reported. CB Users can compartmentalize system data according to Operation.• (U) BEACON – (S) a periodic communication BEACON en a Flytrap and the CT, where the Flytrap indicates its status, security info, etc. to the CT. In response to a Beacon, theCT sends the Flytrap a Mission.• (U) Alert – (S) a communication sent from a Flytrap to the CT when the Flytrap has detected Target activity• (U) One-way Transfer (OWT) – (S) a process of packaging and moving CB system data to a secure computer. An OWT report is typically organized around an Operation.• (U) Flash – (noun) non-volatile RAM where the system image and persistentconfiguration data is typically stored on a wireless networking device• (U) Flash/Reflash – (verb) the process of upgrading a device with a new firmware image. 10SECRET//20350112

 

SECRET//203501125 (U) System Components and Features(U) This section discusses each of the components of the CB system, and discusses the various features supported by each component.5.1 (U) Claymore(S) Claymore is a survey, collection, and implant tool for wireless (802.11/WiFi) devices. The survey function attempts to determine device makes/models/versions in a region of interest. The collection function can capture wireless traffic. The implant function can perform wireless firmware upgrades and incorporates the exploitation tools (for determining administrator passwords) and Wireless Upgrade Packages (for devices that don’t allow wireless firmware upgrades). Claymore can run in a mobile environment (i.e.,on a laptop) or in a fixed environment with a large antenna for longer ranges. See the “Claymore User’s Manual” for more information.5.2 (U) Flytrap5.2.1 (U) Overview(S) A wireless device that has been implanted with CB firmware is known as a Flytrap (see section 6 for information on device support and implanting techniques). Typically, a Flytrap will not be under the physical control of the sponsor, but instead operates “in thewild”. Periodically, the Flytrap will send a Beacon to the CT (through a PoP) that reports the status and security settings of the device. The CT will respond with a Mission that tasks the Flytrap to search for Target emails, chat users, or MAC addresses in the network traffic passing through the device. Upon detection of a Target (see 5.2.3.5 for Target Types), the Flytrap will send an Alert to the CT (which if configured to do so would distribute this Alert information to the Catapult system). The Mission may also contain Target Actions (see 5.2.3.9), and Global Actions (see 5.2.3.10).5.2.2 (U) Device Support(S) The CB team maintains an information database (“Wifi Devices.xls”) on hundreds of wireless devices. This database includes generic device info (e.g., processor, OS, defaultpassword, etc.) as well as firmware analysis information on device support.5.2.3 (U) Features(U) This section briefly enumerates the features supported by the Flytrap.

 

https:// wikileaks.org/vault7/releases/#Cherry%20Blossom