lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 13 Feb 2012 15:52:32 -0500
From: Terrence <secretpackets@...il.com>
To: Sanguinarious Rose <SanguineRose@...ultusterra.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Arbitrary DDoS PoC

Haha lets all ddos through tor.....and proxies...thats how we speed shit up.
--
tuna
65617420646120706f6f20706f6f



On Mon, Feb 13, 2012 at 14:14, Sanguinarious Rose
<SanguineRose@...ultusterra.com> wrote:
> Ah what a wonderful gem of pure and real research into todays upcoming
> threats. Today is the day we learn to phear sites like xroxy.com
> because God forbid some of those silly kids using their 9001 proxies
> from their 56k dial-ups will over-run google, youtube, facebook, and
> the world! Dear God what will we do?!?!? When will it end! Think of
> the cute kittens you deprive us of evil proxy hackers!
>
> Today is the day I learned hackers can cast magick upon outgoing
> packets through proxies to somehow make them more bigger. I propose
> these are some kind of Christian hackers with God on their side to
> manipulate the very foundational laws of physics and electricity!
>
> Excuse me Mr. Amorim but what God alas do you pray to for this? Is it
> some kind of Christian Magick?
>
> On Sun, Feb 12, 2012 at 9:09 AM, Lucas Fernando Amorim
> <lf.amorim@...oo.com.br> wrote:
>> With the recent wave of DDoS, a concern that was not taken is the model
>> where the zombies were not compromised by a Trojan. In the standard
>> modeling of DDoS attack, the machines are purchased, usually in a VPS,
>> or are obtained through Trojans, thus forming a botnet. But the
>> arbitrary shape doesn't need acquire a collection of computers.
>> Programs, servers and protocols are used to arbitrarily make requests on
>> the target. P2P programs are especially vulnerable, DNS, internet
>> proxies, and many sites that make requests of user like Facebook or W3C,
>> also are.
>>
>> Precisely I made a proof-of-concept script of 60 lines hitting most of
>> HTTP servers on the Internet, even if they have protections likely
>> mod_security, mod_evasive. This can be found on this link [1] at GitHub.
>> The solution of the problem depends only on the reformulation of
>> protocols and limitations on the number of concurrent requests and
>> totals by proxies and programs for a given site, when exceeded returning
>> a cached copy of the last request.
>>
>> [1] https://github.com/lfamorim/barrelroll
>>
>> Cheers,
>> Lucas Fernando Amorim
>> http://twitter.com/lfamorim
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ