How to do a DDoS Attack?
In this post I will try and address all the basics of a DDoS attack and how to launch your very own small attack. After a series of targeted attacks performed by the infamousAnonymous group, this word has been on the news for quite a while now.
DDoS is a form of organized attacks from various computers targeting a server by overloading it.This is usually done by sending huge number of useless packets packets to the remote website.
For instance, I had written some PHP code that sends the same information onto my SQL server over and over again.As a result, my webhost was taken down (accidentally) in a few minutes by a mere bug in my code. As an experience, I've made sure, I always use a good hosting provider with a good firewall for this very reason.
Below is a simple command to understand how DDoS attacks work.
To put it in simple words, the geeks sitting behind those server are just smarter than you. :) If I were to launch an attack from my computer, they would immediately be warned by a few small checks done by their firewall.As a result, any pings made from my computer will be identified as a potential treat and hence,blocked.
Usually, the best DDoS attacks are performed by millions of computers (usually, which have been hacked by a hacker by RATs or Worms) simultaneously to take down the best of the government websites.Such organized attacks have been performed successfully in the past by 'Anonymous'.
This open source tool coded in C# was used by Anonymous during the attacks of Project Chanology.This tool attempts to DDoS the target site by using all its bandwidth, sending TCP, UDP, or HTTP requests to the server until it crashes.
Download: http://sourceforge.net/projects/loic/
Usage Instructions:
What is DDoS Attack?
DDoS is a form of organized attacks from various computers targeting a server by overloading it.This is usually done by sending huge number of useless packets packets to the remote website.
 |
| A representation of DDoS Attack - Courtsey: Cisco |
For instance, I had written some PHP code that sends the same information onto my SQL server over and over again.As a result, my webhost was taken down (accidentally) in a few minutes by a mere bug in my code. As an experience, I've made sure, I always use a good hosting provider with a good firewall for this very reason.
Sample Attack
Below is a simple command to understand how DDoS attacks work.
- This is a batch file. Save it as .bat
:astartgoto a - Now, before you run this, its better you save your files because this is mostly likely going to crash your computer.
- This happens because this little sucker is going to continuously create copies of this file.
- By this, you actually create useless tasks in your computer's RAM hence hogging up your resources.
Why doesn't my DDoS attack crash a Server?
To put it in simple words, the geeks sitting behind those server are just smarter than you. :) If I were to launch an attack from my computer, they would immediately be warned by a few small checks done by their firewall.As a result, any pings made from my computer will be identified as a potential treat and hence,blocked.
Usually, the best DDoS attacks are performed by millions of computers (usually, which have been hacked by a hacker by RATs or Worms) simultaneously to take down the best of the government websites.Such organized attacks have been performed successfully in the past by 'Anonymous'.
Types of DDoS Attacks.
- DDoS by Ping Flood - Start up your server. And type in the ping command
This will repeatedly ping a server till your server crashes or this gets tired.In this case, I've used localhost.You could also ping a remote address provided an IP address.By default the ping will send 32bytes of data to the server, so you must change this to a bigger number. The maximum is 65,500bytes, so that is what we used.If you send a server any number higher than 65,500bytes it will instantly crash. This is called "Ping of Death".ping -t -a -l 65500 localhost - DDoS by Reloading - This requires a bit of knowledge of PHP and HTML forms. Basically, you create a GET/POST method to remote webpage of the server. Then, when you run the .php page, the browser will ask you to re-load the page.Reload it and continue till its down. There are severals methods to automate this task, google will be your friend here.
- + other gazillion methods!
Low-Orbit Ion Cannon
This open source tool coded in C# was used by Anonymous during the attacks of Project Chanology.This tool attempts to DDoS the target site by using all its bandwidth, sending TCP, UDP, or HTTP requests to the server until it crashes.
Download: http://sourceforge.net/projects/loic/
Usage Instructions:
- Open LOIC.exe and fill out the below information.
- IP or URL = IP or URL that you wish to DDoS.
- TCP / UDP message = information being sent, just write something random. Or leave it as default.
- Port = Server's port.
- Method = Server's Method, leave as TCP if unknown.If you are gonna try to take down a website then use HTTP.
- Speed = set to "<= faster".
- Threads = How many users it should simulate, the higher the number the faster it will crash. Set to 10,000. Note that this might make your computer lag, if so, set to a lower amount.
- Click on "IMMA CHARGIN MAH LAZER".This starts your the program.
No comments:
Post a Comment
Thanks for your Comments we will soon reply you if you have any queries.
By Hacking Group of SAR