Vault7: CIA Hacking Tools Revealed
Navigation: » Latest version
Owner: User #20251227
Project Overview
Current Status
Current Activities:
- Project Management
- setting up JIRA project (e.g., components, initial Epics, rough backlog)
- arranging meeting with user(s) to discuss expectations
- Defining initial "points of emphasis" to discuss
- setting up wiki space
- creation of rough, event-based project "timeline"
- review of similar projects
- expectations
- performance
- architecture
- best practices / tradecraft
Useful Pointers
Stash: https://stash.devlan.net/projects/KRAK
Jira: https://jira.ioc.local/projects/KRAK/summary
Components/Architecture
Client - The component that resides on a target and does things. Communicates with a (paired) Listener.
Listener - The component that communicates with multiple (paired) Clients and the Manager. The Listener functions mainly as a "translator" for messages/commands between the Manager and a given client.
Manager - The component that communicates with the Listener, User Interface (UIUser Interface), and data store(s) (e.g., database). The Manager is responsible for noting the commands of a user and tasking/managing collections of clients via associated Listeners so that a user can achieve desired goals.
User Interface (UIUser Interface) - A Command Line Interface (CLICommand-Line Interface) via which a user describes the actions that clients should take and, additionally, what data (historical & current) should be displayed.
Conventions
a) All code comments, etc are Doxygen style, and Doxygen will be used to generate developer docs. This is for both the Python & native components.
b) Ideally, there should be dev/build VMVirtual Machine image(s) under config management of some sort and the details on how they were built/modified so that they can be reproduced.
c) Git & Stash for version control
d) Ideally, given proper utilization & organization of this wiki space, some of the wiki pages in this space will end up as product (user) documentation.
e) Python 3 w/ spaces, no tabs.
f) Story points are based on binary escalation... 1, 2, 4, 8, 16, 32
Event-Based Project Timeline
- Get & clarify expectations. Primarily:
- UI/UX
- Workflow
- Client Functionality
- Create Mock-Up of UI/UX and get in User's hands in order to generate feedback. The UIUser Interface / UXHP Unix development will be done in an iterative manner and go through at least two cycles.
- What information to display & when
- Workflow: display info about what activities, when, in what order, and with what syntax
- Define and Document Interfaces:
- UI/UX <-> Manager
- Manager <-> Listener
- Listener <-> Client
- Implement a functioning Mock Client
- Implements full binary command protocol between Listener & Client
- may implement crypto layers
- must function in such a way as to communicate & generate messages as a native client would.
- Implement Listener
- Implement a functioning Mock Manager so as to communicate with Listener
- Design the Manager, datastore(s) and interactions with same.
- Implement an initial UIUser Interface / UXHP Unix (i.e., one which has a complete command set, but that doesn't interact with the non-existent manager)
- Implement Manager
- Implement Final UI/UX
- Write Initial draft of user documentation based on Final UI/UX
- iterative review of user documentation
- Implement Native Client
- Utilize unit testing framework to make regression testing simple as features are added
- Write final docs / training materials
- Provide for final testing