Vault7: CIA Hacking Tools Revealed
Owner: User #71384
Development Devices and Hosts
DNS Servers (edb.devlan.net)
IP Address | Host Name | Domain | Physical Location | POCS |
---|---|---|---|---|
10.6.5.51 | foxtrot.edb.devlan.net | edb.devlan.net (primary) | 9W89B | User #76213 |
10.6.5.50 | tango.edb.devlan.net | edb.devlan.net (slave) | 9W89B | User #76213 |
These DNS servers forward all requests for devlan.net domain names to the DEVLAN DNS servers. They also provide internal name resolution for a number of .com, .net, and .org domain names. For example, security.ubuntu.com and mirrorlist.centos.org resolve to 10.2.0.222, repos.devlan.net.
To add a host to the database, edit the files /var/named/chroot/data/db.edb.devlan.net (forward) and db.10 (reverse) on foxtrot (the primary), and then restart DNS using "service named restart".
Be sure to check /var/log/messages for any anomalies and revert if necessary.
To use these DNS servers, use the following lines in /etc/resolv.conf:
|
---|
Servers
IP Address | Host Name | Mac Address | Architecture | System Description | Physical Location | POCS |
---|---|---|---|---|---|---|
10.6.5.51 | foxtrot.edb.devlan.net | AC:16:2D:79:47:CC | x86_64 | HP Proliant DL380p Gen8 with 16 cores, 132GB of RAM and 11TB of storage | 9W89B | User #76213 |
10.6.5.50 | tango.edb.devlan.net | AC:16:2D:79:34:E8 | x86_64 | HP Proliant DL380p Gen8 with 16 cores, 132GB of RAM and 11TB of storage | 9W89B | User #76213 |
Routers
NOTE: All Mac Addresses for Hive routers refer to eth0 while another port may actually be assigned the IP address displayed.
Shell access via ssh using: ssh devel@<IP address>
For easy command access, enter: export PATH=/rw/pckg
Transfer files via scp using: scp devel@<IP address>
IP Address | Host Name | Mac Address | Architecture | System Description | Physical Location | Project | POCS |
---|---|---|---|---|---|---|---|
10.2.5.5 | MikroTik-RB1100 | 00:0C:42:99:8A:E1 | PPC | MikroTik Router Board 1100 PowerPC 2.6.27.39, Router OS 4.13 | 9W89B Rack B8 (top) | Hive | User #?, User #76213., or User #76199 |
10.2.5.6 | MikroTik-411U | 00:0C:42:4D:7B:DE | MIPS-BE | Mikrotik MIPS Big Endian 2.6.27.39, Router OS 4.11 | 9W89B Rack B8 | Hive | User #?, User #76213., or User #76200 |
Virtual Machines
IP Address | Host Name | Mac Address | Architecture | Description | Project | POCS |
---|---|---|---|---|---|---|
10.2.4.117 | fedora4.edb.devlan.net | 00:50:56:85:38:34 | | Initial Build environment for DSL routers/modems using buildroot | DieSeL | User #?, User #76213., or User #76204 |
10.2.4.119 | honeybee | 00:50:56:88:01:D0 | | Honeycomb Tool Handler | Hive | User #?, User #76213., or User #76205 |
10.3.2.206 | hostname-serv | 00:0C:29:82:61:F3 | | Old Swindle/Blot proxy between beacons and Honeycomb shown above | Hive | User #76201 |
10.2.5.2 | hive-builder | 00:50:56:88:29:B7 | i686 | Build environment for Hive with Mikrotik versions of buildroot and patcher | Hive | User #?, User #76213., or User #76212 |
10.3.2.22 | MikroTik | 00:0C:29:F3:C1:4A | | Linux MikroTik 2.6.27.21-smp #3 SMP Thu Aug 20 13:57:27 EEST 2009 i686 unknown | Hive | User #? |
10.3.2.142 | MikroTik | 00:0C:29:8F:6F:1C | | Linux MikroTik 2.6.27.39-smp #17 SMP Mon Nov 1 14:48:50 EET 2010 i686 unknown | Hive | User #? |
Legacy Solaris Machines
(Use 10.2.5.7 for compiling Solaris 8)
IP Address | EDB DNS Name | Host Name | Mac Address | System Description | Project | POCS |
---|---|---|---|---|---|---|
10.2.5.4 (iprb0) | solaris9 | PenguinRelion_Solaris9_x86_20052931 | 00:E0:81:24:75:25 | SunOS PenguinRelion_Solaris9_x86_20052931 5.9 Generic_112234-05 i86pc i386 i86pc | Hive | User #? or User #76207 |
10.2.5.7 (eri0) | sparc8 | SunFire280R_Solaris8_2005D177 | 00:03:BA:86:6A:78 | SunOS SunFire280R_Solaris8_2005D177 5.8 Generic_108528-11 sun4u sparc SUNW,Sun-Fire-280R | Hive | User #? or User #76208 |
10.2.5.8 (bge0) | sparc10a | SunT1000_Solaris10_2005C695 | 00:14:4F:21:92:FA | SunOS SunT1000_Solaris10_2005C696 5.10 Generic_118822-26 sun4v sparc SUNW Sun-Fire-T1000 | Hive | User #? or User #76209 |
10.2.5.9 (bge0) | sparc10b | SunT1000_Solaris10_2005C696 | 00:14:4F:21:A8:94 | SunOS SunT1000_Solaris10_2005C696 5.10 Generic_118822-26 sun4v sparc SUNW Sun-Fire-T1000 | Hive | User #? or User #76202 |
10.2.5.10 (e1000g0) | solaris10 | SunV60X_Solaris10_x86_2005A652 | 00:0E:0C:08:A0:D0 | SunOS SunV60X_Solaris10_x86_2005A652 5.10 Generic_120012-14 i86pc i386 i86pc | Hive | User #? or User #76206 |
10.2.5.11 (hme0) | | Sun220R_Solaris8_2005D023 | 00:03:BA:14:2D:98 | SunOS Sun220R_Solaris8_2005D023 5.8 Generic_108528-11 sun4u sparc SUNW,Ultra-60 (Solaris 8 02/04) | | User #524297 |
10.2.5.22 (hme0) | unknown | 08:00:20:A0:7E:38 | Solaris 5.8 (8) Generic_108528-11 sun4U Sparc | Hive | User #?, User #76213., or User #76203 | |
10.3.2.53 (e1000g0) | | sol10_x86.udb.net | 00:0C:29:75:EF:E8 | SunOS sol10_x86.udb.net 5.10 Generic_120012-14 i86pc i386 i86pc [Virtual Machine run by User #?] | Hive | User #? |
Solaris Infrastructure
As Solaris server infrastructure is recapped, move above information here.
IP Address | MAC Address | Console Access | Hostname | System Description (uname -a) | Comments | POC |
---|---|---|---|---|---|---|
10.3.2.104 | 00:14:4F:AB:C6:F6 | 10.6.3.104 (ILOM) | solaris-ai | SunOS solaris-ai 5.11 11.1 sun4v sparc SUNW,SPARC-Enterprise-T5120 | Server running two zones for Solaris Install servers | User #524297 |
10.3.2.188 | 02:08:20:93:5C:54 | | | SunOS aizone 5.11 11.1 sun4v sparc SUNW,SPARC-Enterprise-T5120 | Zone running AutomatedInstaller for Solaris 11.1 | |
10.3.2.189 | 02:08:20:CF:02:05 | | | SunOS jumpstartzone 5.10 Generic_Virtual sun4v sparc SUNW,SPARC-Enterprise-T5120 | Zone running Jumpstart Install Server for other Solaris versions | |
Miscellaneous Machines and Devices
IP Address | Host Name | Mac Address | System Description | Project | POCS | NOTES |
---|---|---|---|---|---|---|
10.2.5.3 | rx2660 | 0X | HP Unix | Available | User #? or User #76210 | |
10.2.5.4 | unknown | 0X | unknown | Available | User #? | |
10.6.5.101 | ubiquity1.edb.devlan.net | DC:9F:DB:0A:95:31 | Ubiquity PicoStation M2 HP WiFi access point (terminated) | Hive | User #76213 | Admin UID: ubnt Admin PW: ubnt |
DEVLAN Network connections for EDB (Embedded Devices Branch) computers within 9E53C
Default Gateway/Root should be set to 10.2.6.1.
DNS NameServers in /etc/resolv.conf should be set to 10.3.1.10 and 10.3.1.11 with "domain devlan.net".
Static IP Addresses (10.2.6.2-10.2.6.100) Reserved for Manual Configuration
- 10.2.6.2, 00:17:f2:09:3f:72, Mac-Linuxs-Mac-Pro.local
- 10.2.6.3, ...
- 10.2.6.4, ...
DHCP Leases (10.2.6.100-10.2.6.254)
- Reserved Leases require contiguous IP Addresses starting from the bottom up (IPAddress, Mac Address, Hostname)
IP Address | Host Name | Mac Address | Box Description | Project | POCS |
---|---|---|---|---|---|
10.2.6.101 | dcs-dev-mba | 10:9a:dd:41:90:ce | DC's Dev Computer (2005P039) | N/A | User #76214 |
10.2.6.103 | todo | todo | Dev Computer | N/A | User #76211 |
10.2.6.190 | DCs-Mac-Pro_2005I481 | 00:25:00:ed:91:f9 | DC's Dev Computer (2005I481) | N/A | User #76214 |