When a remote installation fails

No covert remote installation of spy software can be guaranteed. Any spy software vendor that guarantees success of remote installations is lying.

In this article I will explain what you could do if your first attempt to install spy software like redpill Detective covertly (without the target user’s knowledge) failed.

There are many reasons why a remote installation of a spy program could fail:
  • The target user could have decided not to open or run the attachment (install module).
  • The target user could have received a warning from his/her anti-virus saying that it is not a known program and asking the user if he wants to allow the program to run. If he chooses not to allow the program to run, the installation will fail.
  • The install module needs to run on a Windows operating system. The target user could have opened the attachment on another operating system (macOS, Linux, Android).
  • The target computer might be protected by an additional two-way firewall (apart from the standard Windows Firewall) that does not allow for any program to send data over the internet.

What to do if a remote installation fails:

 

Step 1 – Attempt to get the target to run the install module. 

First try and find out why it didn’t work. Email the target user and ask him if he received the photos (or whatever cover you chose) and try to convince him/her to run the attachment.


Step 2 – Try again
  • Try again but wait a few days … else the target will become suspicious.
  • Create a new alias (new email address) and use a different approach. Choose a topic that you know will appeal to the target (his business, hobby, entertainment interests).
  • Choose a cover application and wording for the application that will work with your new approach.
  • Use a different type of attachment than the first time. For example, if you used an install module embedded in a WordPad file the first time, use a zipped file this time.
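
Seen from the receiving side, the attachment type named above (an executable inside a zipped file) can be flagged during mail triage. The following is an added example, not code from this article or from redpill: it parses a message, opens zip attachments and reports entries with an executable extension, a PE header under any name, or encryption that prevents inspection. The extension list, function names and sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed blocklist of extensions Windows executes or hands to a script host.
RISKY_EXT = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".lnk", ".msi")

def inspect_zip(data: bytes) -> list[str]:
    """Return findings for the entries of one zip attachment."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.flag_bits & 0x1:  # general-purpose bit 0: entry is encrypted
                findings.append(f"encrypted entry, cannot inspect: {info.filename}")
                continue
            if info.filename.lower().endswith(RISKY_EXT):
                findings.append(f"executable extension: {info.filename}")
            with zf.open(info) as member:
                if member.read(2) == b"MZ":  # DOS/PE header magic, whatever the name says
                    findings.append(f"PE header (MZ): {info.filename}")
    return findings

def triage_message(raw: bytes) -> dict[str, list[str]]:
    """Map each suspicious attachment filename to its findings."""
    report = {}
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        payload = part.get_payload(decode=True) or b""
        if zipfile.is_zipfile(io.BytesIO(payload)):
            found = inspect_zip(payload)
        else:
            found = [f"executable extension: {name}"] if name.lower().endswith(RISKY_EXT) else []
        if found:
            report[name] = found
    return report

def build_sample() -> bytes:
    # Constructed message: a zip whose "image" entry starts with the PE magic.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("holiday.jpg", b"MZ\x90\x00 constructed stub, not a real binary")
        zf.writestr("readme.txt", b"hello")
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "a@example.com", "b@example.com", "photos"
    msg.set_content("see attached")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="photos.zip")
    return msg.as_bytes()
```

Calling `triage_message(build_sample())` reports `photos.zip` because `holiday.jpg` begins with `MZ` despite its image extension; an encrypted entry is reported as uninspectable rather than silently passed.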

Step 3 – Critter Monitoring Approach

If steps 1 and 2 failed, you could use the Critter Monitoring approach.
Just a note on where the term 'Critter Monitoring' comes from:
The Critter Monitoring Approach is a term coined by redpill. In the computer game Starcraft, a critter is a neutral unit (alien animal). When you have a Zerg Queen unit you could infect an enemy unit so that you can see what he sees (spy on the enemy). It is however sometimes difficult to infect an enemy unit that is well protected and the infection is easily discovered and ‘healed’.
What you could do is then infect critters close to the enemy as they are easy to infect and their infection is seldom discovered. The critters will walk around undisturbed in enemy territory and the enemy will be unaware that you can see everything that the critter sees. 
The Critter approach in spy software terms works very similarly. When you are unable to install spy software on the target computer because it is a ‘hard target’, you could install on the target’s friends/partners/business associates/etc. that are ‘softer targets’ to get the information you need about the main target.

For example:
If you suspect infidelity but are unable to install on your spouse’s computer, you could install on the person you suspect he/she is having an affair with or his/her best friend. From their correspondence (chats, emails, etc.) with your partner, you might be able to get the information you are looking for.

You will be amazed at how much you can find out about a person using the Critter Monitoring method. You could also use Facebook to see who his friends and likes are.

Recently I had to investigate a ‘hard target’ and I was unable to install on his computer. On Facebook I couldn’t see who his friends were due to his security settings, but I could see his likes … most people would think this is harmless. In his list of likes I saw a company that didn’t have too many likes, and from their website I could see it was a very exclusive type of club. Due to legal reasons I can’t give the details of what I did, but I could monitor his emails with this company and found the ‘smoking gun’ that the customer was looking for.

Even though I was unable to install on the computer of the person I wanted to monitor, I got the information I wanted by using the Critter Monitoring Approach.

Disclaimer:
Please remember that installing spy software on a person’s computer without their knowledge could be illegal. The training provided in this article assumes that you have the legal right to install the software (for example, official penetration testing). Do not use redpill spy software illegally.
