Here is a detailed explanation of all the changes made to Remote Hacker Probe (both versions) in V.2.
Added File Menu
A file menu has been added and the “Build” and “Settings” buttons have been moved into the file menu.
Small improvements have been made to the Interface, Improving it.
Added Reflective Loader Client
The new Reflective Loader client is a lightweight client for the Remote Hacker Probe stripped of most features except loading a payload (reflective dll) from the server and injecting it into memory using reflective dl injection.
Read more about the Reflective Loader client here.
Added Reflective Probe DLL
Used to load the Default Probe in memory with the Loader Client. Features such as persistence will then work on the EXE that is used to inject the Loader Client into. By default, Reflective Probe is injected using self injection with
host:port as parameters. If you’re loading manually in another process, Persistence won’t work on it. Although other malware can be uploaded with the Reflective Probe File manager later.
Added Message Box DLL for Testing
Just a normal reflective dll that shows a message box, Used for testing or your pranking purposes.
Added Open URL DLL for Testing
Just a normal reflective dll that opens a url, Used for testing or your pranking purposes.
Added Reflective Loader Build
With a new client, It’s builder is also added.
Added Elevation DLL
This is a Reflective DLL Payload that copies the file it’s injected into a File named “WindowsDefender.exe”, Then triggers UAC prompt as that file. This loop will continue until YES is clicked, And doing so, the file will be executed as Administrator. Which is necessary for the next Feature.
Added Ability to add Windows Defender Exclusions (requires UAC)
This feature allows you to add Windows Defender exclusions. A directory is created in
C:/Users/%USERNAME%/ and adds Windows defender exclusion to that directory. Allowing you to upload Anything to that directory.
Added Ability to view Windows Defender Exclusions (requires UAC)
This feature allows you to view Windows Defender Exclusions. This takes a moment to load though.
Added UAC Column in Main Table
The client’s UAC status is now shown in the main table.
Reflective DLL Injection Improved
Now you can read Reflective DLL Output, Giving you the Power to run anything in Memory.
Added Downloads Tab
A new Tab has been added that shows a list of downloaded files from remote computers.
Downloaded files will now be saved under directory
downloads and downloaded screenshots under
screenshots under directory
Some Icons have been removed to speed up Remote Hacker Probe.