Installing a Spy Program from a Website

How to deliver a payload from a website that will secretly install a key logger and/or a spy program.

Benefits of using a Payload Website

Payload Websites are very effective at secretly installing a spy program (key logger) onto a target computer. Payload Websites have the highest success rates (if done correctly). There are many advantages to using a payload website instead of emailing the payload:

  • You do not have problems with attachment types being rejected
  • Your payloads are protected against unnecessary virus scans.
  • Most people will not trust a program that is attached in an email but will be willing to download and install a app from a website.
  • The target is expecting to install a program, so will most likely accept the UAC message and even disable his anti-virus if needed because he can see what he is installing and from where.

Sample of a Payload Website

It is easier to create a payload website than what you think. When you use redpill Hacker, you do not require any web development or programming skills as redpill Hacker will create the website for you. Below is a sample website that was created by redpill Hacker in seconds.

installing spyware from a website

You choose the graphics, text and the type of app that can be downloaded.

The Video below shows how a payload website is created. The video uses an old version (version 3, we are now on version 6), but you will get the idea.

Steps to create a Payload Website

  1. Choose your con. Think of an application (program) that your target(s) would want to download and install.
  2. Choose a domain name that will fit in with the App (program) you decided on. You will need to purchase that domain with a Windows Hosting option (you can get this cheap from sites like godaddy).
  3. Your hosting company will provide you with FTP details for your site (or you will be able to create a FTP account from your control panel). Enter these details in redpill Hacker (from the redpill Hacker menu, select 'Resources and Tools' > 'FTP Servers')
  4. Create or edit a Social Engineering template that will fit in with your con. From the redpill Hacker menu, select 'Resources and Tools' > 'FTP Servers'. Template type should be 'Website with Payload'
  5. Create a ZIP payload using the template you created or edited.
  6. Now you just need to create the website. From the redpill Hacker menu, select 'Websites' > 'Payload Websites'. Select your FTP server and fill in the details (as shown below) that will fit in with your con.
How to create a payload website

Tips when creating your website:

Make sure your payload (your app) and your website features and descriptions makes sense. Be careful not to 'oversell' your App. Ridiculous features will make targets suspicious.

If you want to change the background image, make sure the image is large and dark. The text of your website is white, so the background needs to be dark for the text to be clear. You will also notice that the text is mostly on the left, so you could edit the background with a app like PhotoScape and add more text in the background itself if you want.

That is it! redpill Hacker will now create the website for you and upload your payload in seconds.

How to create a website