Skip to main content

Remotely install a spy program with redpill Agent

We previously explained how to install spy software remotely in our article: How to remotely install spy software. This article used redpill Detective for the spy program and Wordpad as the delivery method. Some of our customers requested that we post an article on how to install remotely using redpill Agent as the spy program with a different delivery method. 

Instructions on how to install with redpill Agent:

Before we begin ...
  1. It is important to remember that no covert (secret, without the user knowing about the installation) remote installation is guaranteed. There are many factors that can cause an installation to fail including the type of operating system the user is using, the anit-virus he is using and if he has an additional two-way firewall installed.
  2. The success of your installation has a lot to do with your ability to convince the target (user you want to monitor) to open the attachment even if he gets a warning that the program is unknown and potentially malware … we will explain how to do this.
  3. Please do not use redpill Agent illegally and always respect people's privacy. Redpill Agent is intended as a tool for legal ethical hacking like penetration testing. 
Step 1: Choose your cover

The target will receive an email with an attachment. He/she needs to open the attachment and run the program (cover application) inside the attachment. It is there for very important that you choose the correct cover application to send the target and convince the target to run the cover application using social engineering

redpill Agent has several cover applications to choose from and even allows you to create your own.  A cover application is an application that gives the impression of doing something while it is actually busy installing the spy program.

It is also important to try and get some information about the target. Let's say we know the target is a self employed contractor who recently did some work for a company called 'The Company'. We will use a cover that the The Company's server was infected with a virus and everyone who received an email from them should 'clean' their computers with a Virus Removal Tool that they will receive from The Company.

Step 2: Create your cover application (Instal module)

Log into your redpill Agent account and select your cover application. As we want to use a virus removal tool we will choose the closest one to that … the Trojan Removal Tool. 

We will now change some wording and the filename so that it will better work for our virus removal tool. You could use a virus name that is currently in the news. For this example we will call the virus XXX and make changes to the cover application settings as below:

That's it. Now just click on 'Download Install Module'.

Step 3: Choose your delivery method

Most email service providers do not allow you to send an executable (exe) as an attachment. You can send the attachment as a link or embed the file into a Wordpad document. For this example we will use a rar file.

You use WinRar to create the rar file. A rar file is similar to a zip file. You need to add a password to the rar file. The reason for this is to reduce the risk of detection by the service email provider like gmail and anti-virus software.

For a password choose something easy as you will need to give it to your target. For this example we used 'xxx'.

Step 4: Email the target

Remember, you need to convince the target to run the attachment. Click on the image below and read the email to see how we used social engineering to convince the target not only to run the attachment but even ignore any warnings he might get!

As your social engineering skills improve you can even convince the target to disable his anti-virus. Remember to tell the user what the password of the rar file is.

Step 5: Monitor the target

You will now start to receive screen-shots and key logs of what the target is doing on his computer. 

For more information on redpill Agent visit:


Popular posts from this blog

Sending a spy program with gmail

To install a spy program remotely you need to email the target an install module. Spy software like redpill Agent and redpill Detective allows you to hide the install module within a 'cover application' . When emailing the target the install module, you will need either zip the file, embed it into wordpad or send it as a link as most email service providers doesn't allow you to add executables (exe's) as attachments.

To see how to send the spy program as a link see 'Installing spy software with a link'.
To see how to embed the spy program in wordpad, see  'How to remotely install spy software'.

Using a zipped file for the attachment can be a problem when either you or your target is using gmail as gmail will block attachments that contain executables even when they are zipped.

There is however a simple solution to the problem:

Add a password to your zip file

In winrar and winzip you can choose to add a password to your zip/rar file. When you add a passwo…

How to remotely install spy software

---------------------------------------------------------------------------------------------- Update (2015/07/07):  redpill now has a new and better product for installing spy software remotely: redpill Hacker
You can also have a look at newer articles with better tools at: -----------------------------------------------------------------------------------------------
In a previous article we discussed how to get usernames and passwords from other users on a computer you have access to. We will now look at how to install spy software on a computer you do not have access to … even if the computer is on the other side of the world.

Step 1: Get quality Spy Software

You will need quality spy software that can be remotely installed and is not easily detected and removed by anti-virus. There are a couple of key loggers that can be installed remotely, but very few that can secretly be remotely installed.

redpill Detective has been designed to be covertly installed…

How to get a username and password

---------------------------------------------------------------------------------------------- Update (2015/07/07):  redpill now has a new and better product available: redpill Hacker

You can also see more up to date articles at:
This article will explain how to get a username and password for an email account like gmail or yahoo or a social network account like facebook.

In this article we will focus on getting a username and password of another user (the target) on a computer that you have access to. In a following article we will explain how to get a username and password from someone that works on a computer that you do not have access to that might be in another part of the world.

Step 1: Install a key logger

You will need to download and install a key logger that is not easily detected by anti-virus software and that is completely hidden and discreet