Friday, 20 May 2016

Know your redpill Hacker Payloads

redpill Hacker Payloads

What is a payload?

In computer security, payload refers to the part of malware which performs a malicious action. In redpill Hacker, the payload is attached to an email or a website and is delivered to the target PC. The payload will then secretly perform a specific action like installing a key logger or retrieving documents from the target computer.

Different types of payloads in redpill Hacker

There are different payloads in redpill Hacker and new ones being added with each new release. Some will only take screenshots while another will take screenshots and install a key logger. There is also another that will secretly retrieve all the documents from the target computer.

When you select a payload in redpill Hacker the details of the payload will be displayed to help you choose the right payload for the job.

Select Payload in redpill Hacker
Payloads are grouped into two main categories in redpill Hacker:
  1. Heavyweight Payloads - Does a lot. Takes screenshots, installs key logger and continue to run even after a computer is restarted.
  2. Lightweight Payloads - Only performs a specific tasks and only until the computer is restarted. 
Don't underestimate the Lightweight Payloads

Why would you choose a lightweight payload if it only runs until a restart and only performs a specific task? 

Think of lightweight payloads as the special forces of your army. They do less damage but they can get into places where your conventional forces will not be able to reach.

Lightweight payloads has a very low Anti-Virus detection rate and also bypass the Windows UAC Warning Message. With heavyweight payloads there are ways to deal with the UAC message but it requires a bit more social engineering. 

An example of a lightweight payload is the Document Grabber. It will secretly retrieve all the files in the documents folder (and all sub folders). Depending on what your investigation is all about, this might just be what you need. A lot of computer users store a password file on their computer with a list of their accounts with usernames and passwords.

Remember ...

Don't use redpill Hacker illegally. redpill Hacker should only be used for ethical (legal) hacking, penetration testing and security training.