
Re: [Full-disclosure] Arbitrary DDoS PoC



Haha let's all ddos through tor.....and proxies...that's how we speed shit up.
--
tuna
65617420646120706f6f20706f6f



On Mon, Feb 13, 2012 at 14:14, Sanguinarious Rose
<SanguineRose@xxxxxxxxxxxxxxxxx> wrote:
> Ah what a wonderful gem of pure and real research into today's upcoming
> threats. Today is the day we learn to phear sites like xroxy.com
> because God forbid some of those silly kids using their 9001 proxies
> from their 56k dial-ups will over-run google, youtube, facebook, and
> the world! Dear God what will we do?!?!? When will it end! Think of
> the cute kittens you deprive us of evil proxy hackers!
>
> Today is the day I learned hackers can cast magick upon outgoing
> packets through proxies to somehow make them more bigger. I propose
> these are some kind of Christian hackers with God on their side to
> manipulate the very foundational laws of physics and electricity!
>
> Excuse me Mr. Amorim but what God alas do you pray to for this? Is it
> some kind of Christian Magick?
>
> On Sun, Feb 12, 2012 at 9:09 AM, Lucas Fernando Amorim
> <lf.amorim@xxxxxxxxxxxx> wrote:
>> With the recent wave of DDoS, a concern that was not taken is the model
>> where the zombies were not compromised by a Trojan. In the standard
>> modeling of DDoS attack, the machines are purchased, usually in a VPS,
>> or are obtained through Trojans, thus forming a botnet. But the
>> arbitrary shape doesn't need to acquire a collection of computers.
>> Programs, servers and protocols are used to arbitrarily make requests on
>> the target. P2P programs are especially vulnerable, DNS, internet
>> proxies, and many sites that make requests of user like Facebook or W3C,
>> also are.
>>
>> Precisely I made a proof-of-concept script of 60 lines hitting most of
>> HTTP servers on the Internet, even if they have protections like
>> mod_security, mod_evasive. This can be found on this link [1] at GitHub.
>> The solution of the problem depends only on the reformulation of
>> protocols and limitations on the number of concurrent requests and
>> totals by proxies and programs for a given site, when exceeded returning
>> a cached copy of the last request.
>>
>> [1] https://github.com/lfamorim/barrelroll
>>
>> Cheers,
>> Lucas Fernando Amorim
>> http://twitter.com/lfamorim
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>

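
The mitigation proposed in the quoted original post (a proxy caps the concurrent and total requests it sends to one site and answers from cache once the cap is hit), sketched as an added example that is not part of the thread or of the linked repository. The class name, the limits, the `fetch_origin` callable and the choice to refuse uncached URLs are assumptions.

```python
import threading
import time
from collections import defaultdict, deque
from urllib.parse import urlsplit


class TargetBudgetProxy:
    """Caps what one proxy will send to any single target host."""

    def __init__(self, fetch_origin, max_per_window=5, window_s=10.0,
                 max_concurrent=2, clock=time.monotonic):
        self.fetch_origin = fetch_origin    # assumed callable(url) -> bytes
        self.max_per_window = max_per_window
        self.window_s = window_s
        self.max_concurrent = max_concurrent
        self.clock = clock
        self.lock = threading.Lock()
        self.sent = defaultdict(deque)      # host -> timestamps of origin hits
        self.in_flight = defaultdict(int)   # host -> requests not yet finished
        self.cache = {}                     # url -> last body seen from origin

    def _over_budget(self, host):
        now, stamps = self.clock(), self.sent[host]
        while stamps and now - stamps[0] >= self.window_s:
            stamps.popleft()                # forget hits outside the window
        return (len(stamps) >= self.max_per_window
                or self.in_flight[host] >= self.max_concurrent)

    def handle(self, url):
        """Return (source, body); source is 'origin', 'cache' or 'refused'."""
        host = (urlsplit(url).hostname or "").lower()
        with self.lock:
            if self._over_budget(host):
                # The budget is keyed on the host, so varying the path or
                # query string does not buy extra requests to the origin.
                if url in self.cache:
                    return "cache", self.cache[url]
                return "refused", b""
            self.sent[host].append(self.clock())
            self.in_flight[host] += 1
        try:
            body = self.fetch_origin(url)
            with self.lock:
                self.cache[url] = body
            return "origin", body
        finally:
            with self.lock:
                self.in_flight[host] -= 1
```
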