Vault 7: Projects
This publication series is about specific projects related to the Vault 7 main publication.
Epione User Guide SECRET//X1
3.2 (S) Deployment and Collection
• (S) Simply double-click the executable to begin the network characterization.
• (S) The tool runs indefinitely unless terminated or run with the "-s" parameter from the
command-line.
3.3 (S) Post-deployment
(S) After execution, the output will need to be exfiltrated and postprocessed.
(S) Like the config tool, the postprocessor is commandline and expects as arguments, the
input file (encrypted take) and an output filename to dump the xml data. If the filename is left
unchanged, (the default is a date-time stamp with a .dat extension), then you can simply
double-click the postprocessor. Regardless, the decrypted output should be of the same name
with a .xml extension and an additionally dropped stylesheet. Then just open the xml file in a
web browser or your preferred xml-viewer.
(S) Once decrypted and uncompressed, it should look like the following:
SECRET//X1
3
Dumbo-Epione-V1_0-User_Guide_2012-05-24.pdf