Archimedes is a proactive capability that uses a controlled machine to pivot to another, uncompromised target machine on the same remote LAN.
The pivoting technique has two basic components: an Address Resolution Protocol (ARP) based Man-In-The-Middle (MITM) attack and a Transmission Control Protocol (TCP) session hijack for HTTP traffic injection. By hijacking the TCP session, the tool sends specially crafted HTTP responses to the target in reply to the target’s own HTTP requests.
Archimedes is used to redirect LAN traffic from a target’s computer through an attacker-controlled computer before it is passed to the gateway, enabling the tool to inject a forged web-server response that redirects the target’s web browser to an arbitrary location. This technique is typically used to redirect the target to an exploitation server while providing the appearance of a normal browsing session.
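A defender-side check for the ARP step described above, as an added example that is not part of the original page or of the tool: it flags any IP whose ARP binding moves to a MAC that already belongs to another LAN host, which is what a machine inserting itself between a target and the gateway looks like on the wire. The addresses, the function name find_arp_takeovers and the trusted baseline parameter are assumptions constructed for illustration.

```python
# Added example (not from the original page). All addresses are constructed.
# Each observation: (seconds, ARP sender IP, ARP sender MAC) seen on the LAN.
SAMPLE_ARP = [
    (0,  "192.168.1.1",  "00:11:22:33:44:01"),  # gateway announces itself
    (2,  "192.168.1.50", "00:11:22:33:44:50"),  # workstation A
    (3,  "192.168.1.77", "00:11:22:33:44:77"),  # workstation B
    (40, "192.168.1.1",  "00:11:22:33:44:77"),  # B's MAC now claims the gateway IP
    (41, "192.168.1.50", "00:11:22:33:44:77"),  # ...and A's IP (other direction)
    (45, "192.168.1.1",  "00:11:22:33:44:01"),  # real gateway still answering
    (46, "192.168.1.1",  "00:11:22:33:44:77"),  # conflicting claim repeats
]


def find_arp_takeovers(observations, trusted=None):
    """Return one alert per (ip, mac) pair where `mac` claims an IP that was
    previously bound to a different MAC.

    trusted: optional {ip: mac} baseline, e.g. the gateway's known MAC.
    Without it, the first binding seen for an IP is taken as the baseline.
    """
    baseline = {ip: mac.lower() for ip, mac in (trusted or {}).items()}
    first_ip_of_mac = {}  # the IP each MAC used first, i.e. its likely real host
    alerts = {}
    for ts, ip, mac in sorted(observations):
        mac = mac.lower()
        own_ip = first_ip_of_mac.setdefault(mac, ip)
        expected = baseline.setdefault(ip, mac)
        if mac == expected:
            continue  # binding agrees with the baseline
        alert = alerts.setdefault((ip, mac), {
            "ip": ip,
            "expected_mac": expected,
            "claimed_by_mac": mac,
            "claimant_own_ip": own_ip if own_ip != ip else None,
            "first_seen": ts,
            "count": 0,
        })
        alert["count"] += 1
    return list(alerts.values())


if __name__ == "__main__":
    for a in find_arp_takeovers(SAMPLE_ARP):
        print(a)
```

Passing the gateway's known MAC in trusted keeps a spoofed binding from being learned as the baseline when monitoring starts after the poisoning has begun.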
Fire and Forget operation
Graceful, on-demand shut down
Supports HIDDEN_IFRAME, DOUBLE_FRAME HTML injection methods
Configurable for use on network adapters that have multiple addresses defined
Survey Only mode logs a target’s HTTP requests
Host Whitelist allows specification of a set of exploitable sites
Can be injected as an ICEv2 or ICEv3 DLL
Specify which network PORT to monitor
Identify proxied HTTP requests
Inject into proxied connections
Supported Operating Systems:
Windows XP - 32 bit only (Home & Professional)
Windows Vista - 32 & 64 bit (Home Basic, Home Premium, Business, Ultimate)
Windows 7 - 32 & 64 bit (Home Premium, Professional, Ultimate)
System Hardware Requirements:
Processor: Intel x86 compatible, Pentium 4 or newer
RAM: 256MB total system memory or greater
Disk: 20GB disk or greater
Wired Network: 10/100/1000Mbps Ethernet
Wireless Network: 802.11a/b/g/n (optional)
Developed by the CIA Information Operations Center Engineering Development Group
Products sold by OpenVault are for entertainment and educational purposes only. Customers are purchasing a physical copy of digital artwork (Software box) and a tokenized certificate of ownership of the digital artwork.