DOS Attack Explained
Hello folks, this is Halla with Information Leak again with yet another tutorial. This one is on iFrame denial-of-service or bandwidth attacks. This is kind of a silly topic, but a bunch of people have been asking about, like, denial-of-service attacks and what they are and how they work and what have you. So I figured I’d explain it and show you a really simple method that’s kind of really annoying and hard to stop. For better or worse, I guess.
Anyway, a denial-of-service attack, basically, I will show you. I’ve got my little Paint open here. All right, here’s how it works. You have a computer, right? Let’s say that’s my web server, and here’s you. So you connect to me and there you go, beautiful, right, everything is lovely. But what if there were more of you and you were all connecting to me? Well, you’re putting a little bit of load on my server because you are connecting, doing whatever you’re doing, which is really not a lot of stuff being used up.
It’s a teeny little bit overall out of what my computer is capable of, and with these guys, one, two, three, one, two, three, four, you know, it’s like maybe a little bit more. But as you continue to add more and more people on to the and they continue to connect, you’re using more and more of my bandwidth, which is slowing me down more and more and more, and using more and more of my processing power and my available bandwidth, so that eventually it’s going to fill up from all these different guys that are connecting, and what’s going to happen is it’s going to kill me.
Not so much kill me as much as now you get somebody here who’s a legitimate user, this is all you let’s say trying to connect to me. Now you get a legitimate user over here who wants to try to connect and they can’t because all of these connections here have already filled up the server, great diagram, and right thank you.
Moving on and how you don’t want to save that. So I was going to show you examples but I can’t show you live examples obviously so I’m going to show you an example on this site that I own personally just for this particular situation, this is 631 web design. So this is how this kind of thing works. Check this out.
You have a website, right, here it is, and so let’s say, well, this is an image here and that’s probably a certain size, that happens to be 24.23K, which is a decent size, and so we look around on the website and try to find the webpage that has the most amount of information on it. So that every time we were to reload something it would use the most amount of bandwidth trying to load stuff, so like here, beautiful pictures, a whole bunch of them.
Now you try one of these pictures, they’re running about 87K, 23, yeah, you get the idea, plus this one. So this is a good page to mess with. All right, so what we do is we copy that page, copy, and now we have it. Now what we do is we open up a new text document and we do a little HTML here. Now there’s a million different ways to do this, but this is one way that’s really easy and it’s like so annoying I cannot explain it to. So anyway, what this does is we— we’ll even do this. Width equals five, height equals five.
So basically, what I’ve done here, I don’t know if you have the end of my phenomena if I get right now. Basically, what I’ve done here is middle of the webpage that within it opens up that webpage that I specified, that I cut and copied, and that’s all on a second. Bring this in and this can go. So if you open this up, see that little tiny dot of nothing, that actually contains the page that I put in. So if we were to change the source code to width equals 500 or whatever, and height to 500, and save it and anyone here on refreshed.
See, the webpage that we specified has been put into the other page, that’s the iFrame, which means that all this junk is loading inside there, which is all kind of cool, but what we’re going to do is we’re going to change back to five, you see and get the idea, five and five. Now, that’s all well and good, but what if somebody was to do something like, say, this?
Now that doesn’t seem like a lot of stuff going on, in fact I don’t even know how many it is right now. Let’s count, one, two, three, four, five, six, seven, eight, nine, ten, eleven, and twelve, perfect. We have twelve, so that’s a dozen times that that site is opening every time I load my one single page here named, what’s its name, iFrame.
So now what we’re going to do is take that 12 the 12 times it’s opening and turn it into something a little more crazy but before we do that, let’s take a look at the statistics of the site that we’re targeting. Here’s the statistics right here. Okay these are live so today being the 21st which is today as you can see this one it can’t get much traffic that’s why I’m using it as an example right now.
We’ve had one visit and that one visit has been 35.35k of stuff we’re going to update it. Okay so we’ve had one visit, my visit and now since we’ve looked to all those other pages and opened all those other pages and what have you. Now, we’re dealing with 559k. Hurrah and we’ve refreshed it again I think that really is it.
Yeah, 559k, so it’s like the same thing. Now, check this out, we go back into the source code of the page we wrote and we’re going to use our head a little bit. We’re going to go into head and we are going to make a meta auto refresh. I know this is so stupid, right, but it works. You’ll be very surprised.
Let’s do every one two five, this is for simplicity’s sake, so here’s what’s going to happen, and then in the head, and then save it. Now, the second I hit refresh on this page over here, these 12 little dots, which are 12 copies of this page, are going to refresh every single five seconds, meaning that every five seconds it’s going to open the page 12 times. The only reason I did five seconds is easy math.
So let’s try this, shall we, we’re going to hit refresh and just, like, watch what happens. So hit refresh, you can see the bar loading on the bottom and it loads everything up and it’s loading it five times and then that’s that. Count five seconds, it’s done, you can see on the bottom, and then in just a few seconds it should have to do the whole thing, and here we go, it’s doing the whole thing again.
Now you get the idea, I’m using small numbers here, that’s just an example, and we’re just letting it go. You could even set an iFrame to match this page at the end so it would loop indefinitely, it will always be opening. You can start getting ridiculous with this, you can add as many as you want, you can put this page on your MySpace, you can put this code in your MySpace page and just allow of MySpace this iFrame, but you get the idea. The more distributed this thing goes the better. I’m just letting it run for a little bit more and
So anyway, while this is going, let’s check out the statistics, so we’ll update and go back to March 21st and let’s see what happens. Yeah, 994K so far, let’s check it again, now we’re up to one meg. See, and that’s just reloading the same page over and over and over again. I’m getting bored, let’s go faster and let’s do more.
Speed up a little bit and just bit it up a little bit and that’s all, and here we go, look at that. File, save, go back to our webpage, refresh it, oh, actually it will refresh automatically, what am I doing. So you see what’s going on now, see how I have width and height equals five on this iFrame, you can do width and height equals zero and put it on a regular webpage and no one will realize what’s going on. I’ll just be a well you notice this iFrame are, and you could have an iFrame that equals zero height and width zero targeting an iFrame that attacks, like this page that attacks another site, and people will have no idea what’s going on. It would just sit there and every now and then the little thing down on the bottom would flash, if they even noticed, and that would be that.
Anyway, let me shut this off before all hell breaks loose and let’s see what we ended up with, update now. So almost two meg, so you can see how something this quick, this stupid, can be that effective. Now one of the major things you have to worry about with this is, this is why you should have your directory listing disabled, because if somebody goes around and finds a website, I’m going to look around, I found this one just recently. I’m not going to show you, well, I must show, it doesn’t really, I’m not going to show you the URL just because I don’t need anyone causing hell, but if you look at the source, right, and you look around, you can see that the guy’s got images. All these images are there, all the software is there, everything is just right there.
So if you were to sit down and make a list of, let’s say, let’s just do his images for example, these are all his images. So if you just sit down here and copy the links to all of this and had all these open up at once it would be pretty crazy, you’d be beating the crap out of this poor guy’s bandwidth, or what else do have software and think of us. Oh yes, even worse, I mean look at the sizes of these files.
I mean, not that big, but have these things every second, it opens up 70 times, you’re basically going to suck the life out of this poor man’s website. Don’t do that. I’m sure that Clint is a Mr. Sprott perhaps, Professor Sprott is a good man and I do not condone attacking his website anyway. So don’t do it, be good. In any case, I hope I showed you this little proof-of-concept method. I hope you enjoyed it, hope I’ve explained it thoroughly. This is Halla from Information Leak, available at informationleak.com or .net if you have questions, concerns or mama jokes. Hope you enjoyed the tutorial, until next time, Information Leak for the win in carpe system. Bye, bye.
Transcription by:
Scribe4you Transcription Services
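
On the server side, the traffic described in the tutorial has a recognisable shape in an access log: one client fetching the same page many times in a short span, always with the same third-party Referer. The following detection sketch is an added example, not part of the original tutorial; the log lines, host names, thresholds and function names are constructed for illustration and assume Apache/nginx combined log format.

```python
import re
from collections import defaultdict
from datetime import datetime
from urllib.parse import urlparse

LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "GET (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<bytes>\d+|-) "(?P<referer>[^"]*)"')

def find_embed_floods(lines, own_host, min_hits=20, window_s=60):
    """Flag (client, external referer, path) groups that fetch the same page
    at least min_hits times inside any window_s-second span."""
    groups = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ref_host = urlparse(m["referer"]).hostname
        if ref_host is None or ref_host == own_host:
            continue  # direct visits and same-site navigation are not this pattern
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        size = 0 if m["bytes"] == "-" else int(m["bytes"])
        groups[(m["ip"], m["referer"], m["path"])].append((ts, size))
    findings = []
    for (ip, referer, path), hits in groups.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):  # sliding window over sorted timestamps
            while (hits[end][0] - hits[start][0]).total_seconds() > window_s:
                start += 1
            if end - start + 1 >= min_hits:
                findings.append({"client": ip, "referer": referer, "path": path,
                                 "hits": len(hits), "bytes": sum(s for _, s in hits)})
                break
    return findings

def sample_log():
    """Constructed log: 12 framed loads repeated over 3 refresh cycles, plus normal visits."""
    lines = [f'203.0.113.7 - - [21/Mar/2024:10:00:{cycle * 5:02d} +0000] '
             '"GET /gallery.html HTTP/1.1" 200 89000 "http://embedder.example/iframe.html"'
             for cycle in range(3) for _ in range(12)]
    lines.append('198.51.100.4 - - [21/Mar/2024:10:00:03 +0000] '
                 '"GET /gallery.html HTTP/1.1" 200 89000 "http://www.example.org/"')
    lines.append('198.51.100.9 - - [21/Mar/2024:10:00:07 +0000] '
                 '"GET /gallery.html HTTP/1.1" 200 89000 "https://search.example/?q=gallery"')
    return lines

if __name__ == "__main__":
    for finding in find_embed_floods(sample_log(), "www.example.org"):
        print(finding)
```

Sending `X-Frame-Options: DENY` or a CSP `frame-ancestors` directive keeps browsers from rendering the page inside a third-party frame, so its images are not fetched, but the request for the page itself still arrives; per-client rate limiting covers that part.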