Dear participants, I am contacting you for an explanation of what is necessary for organizing a DDoS attack and how to write everything needed. Thanks in advance, I look forward to hearing ...
- 1 I don't quite get it. I saw the architecture of a DDoS attack. Participants: 1 - attacker, 2 - demons, 3 - zombie network. I cannot understand how the attacker rakes up demons for himself and how the demons in turn organize the zombie network. Is this all implemented in one program? And how does the attacker then give the command to start the attack? Thanks for the answer. - Pentium
- 3 You'd better ask how to protect yourself from them... hackers, Mlyn =\\ - Vitaly Kustov
- 1 To be able to defend, you need to know how to attack. Otherwise, high-quality protection cannot be built. - KoVadim 2:21
- Absolutely agree with KoVadim. The attack is not for mercenary purposes, I assure you. - Pentium
2 answers
I will try to seriously answer)
To get started, read everything you can find on botnets. They are usually created by quiet viruses that sit there, do not touch anyone, and once every N minutes send a request to the “base”. The base can be one server or several, in which case the requests alternate.
When a task is detected at the base (usually transmitted as a structure, for example, "1/2/123.45.67.89:80/4/register.php?save=1" may mean "task 1 (ddos), method 2 (GET) on IP 123.45.67.89 port 80, intensity 4, address /register.php?save=1"), the bot starts to perform it. Accordingly, there must be handlers for each job. As a rule, for GET and POST attacks, non-cacheable, heavy pages (news, login, user galleries, etc.) are preselected on the site.
In fact, the main difficulties are the writing of the virus (and viruses of this kind are quite difficult to detect, because the behavior in "stand by" is not much different from asi) and the organization of the base. The second difficulty is to hide the relationship between the base and you, and between the bots and you, but that is easier. Particularly skilled craftsmen set the address of the base as the output of a pseudo-random generator, so that if the main base falls, all bots move to the next address. So when the base is taken down, the creator cannot be identified, and the bots simply change the address and continue to work; then it remains only to loudly call for help from Casper or Spiderman.
Well, accordingly, nobody here will write the viruses for you, but organizing a base on free hosting is quite possible with the help and warm support of anonymizers, of which there is not a great multitude on the net, but there are many.
Oh yes, protection)) We protect against pinging by blocking any IP that exceeds the limit of Q requests per T sec; against GET/POST floods: lvl1 is the same block, lvl2 is a check on the number of identical requests (if the page is specific and the requests are scaled - block, depending on the danger, the IP or the page), lvl3 is all kinds of heuristics, captcha and so on.
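The lvl1 and lvl2 checks from the answer above, sketched as an added example that is not part of the original post: a sliding-window limit of Q requests per T seconds per IP, plus a count of identical requests per URL that catches a flood in which every source stays under the per-IP limit. The class and function names, the thresholds and the sample traffic are assumptions constructed for illustration; lvl3 (heuristics, captcha) is left out.

```python
from collections import defaultdict, deque

class FloodGuard:
    """lvl1: block an IP over Q requests per T seconds.
    lvl2: block a page once identical requests to it exceed same_limit per T seconds."""

    def __init__(self, q, t, same_limit):
        self.q, self.t, self.same_limit = q, t, same_limit
        self.by_ip = defaultdict(deque)    # ip  -> timestamps inside the window
        self.by_url = defaultdict(deque)   # url -> timestamps inside the window
        self.blocked_ips = set()           # blocks never expire in this sketch
        self.blocked_pages = set()

    def _count(self, window, ts):
        # Drop timestamps older than T seconds, record this one, return the count.
        while window and ts - window[0] >= self.t:
            window.popleft()
        window.append(ts)
        return len(window)

    def check(self, ts, ip, url):
        if ip in self.blocked_ips:
            return "block-ip"
        if self._count(self.by_ip[ip], ts) > self.q:              # lvl1
            self.blocked_ips.add(ip)
            return "block-ip"
        if url in self.blocked_pages:
            return "block-page"
        if self._count(self.by_url[url], ts) > self.same_limit:   # lvl2
            self.blocked_pages.add(url)
            return "block-page"
        return "allow"

def replay(log, guard):
    """Run (timestamp, ip, url) tuples through the guard and return the verdicts."""
    return [guard.check(ts, ip, url) for ts, ip, url in log]

# Constructed sample traffic (documentation address ranges), not real logs.
SINGLE_SOURCE = [(float(i), "203.0.113.9", "/news?page=%d" % i) for i in range(7)]
DISTRIBUTED = [(20 + i * 0.5, "198.51.100.%d" % (i + 1), "/login?next=1")
               for i in range(10)]

if __name__ == "__main__":
    guard = FloodGuard(q=5, t=10, same_limit=8)
    traffic = SINGLE_SOURCE + DISTRIBUTED
    for entry, verdict in zip(traffic, replay(traffic, guard)):
        print(entry, verdict)
```

In the distributed sample every address sends a single request, so lvl1 never fires and only the identical-request count stops it.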
- Thank you so much. But I still have so many questions. If you don't mind answering, I can ask them ... - Pentium
- @Pentium, I would not say that the pros are in this topic, but you can try) In any case, the only non-standard skill for a programmer is bypassing antivirus and virus writing in general. The rest is easily found by searching for the words "server setup", "daemon", "socket" and "botnet"; well, it would also be nice to know the protocols HTTP, CONNECT, SOCKS4/5. - Sh4dow
- Sh4dow, in the end I should get the software. Can you help? The type of attack is not important, the main thing is that it is a DDoS attack. Well, I think that HTTP flood is more common and easier to write. What do you say? Hope for help ... thanks - Pentium
- 1 Do the ddos in another way, without writing viruses. You can rent a botnet (search the hacker forum) or order the DDoS attack itself (rates by day). It will be cheaper and faster than writing it yourself. Well, if you are thinking of writing, then you need to look for a commercial application, because otherwise this whole undertaking will not pay off! - org
- 1 @Pentium, a great deal of software is needed here) To begin with, isolate the computer - an old (buggy, but working) bundle - Odysseus + FreeCap. Take some free hosting for development (i.e. in addition to the software - the server). Find some tiny library with sockets, sort it out and write the virus. Actually, I can help on all points except the virus, for I have never done this. Contacts in profile. So yes, I don't care what you do with it) I love weapons, and whoever does not know how to use them usually suffers. In this case, note that a good DDoS = a huge fine and/or 5-10 years. - Sh4dow
DDoS. Starting from the second paragraph - the theory. The practice in most cases is to run a ping command or similar. If it is started from several computers - it will be ddos.
For Windows:
1. ping -n 65000 - we type this in several consoles. Explanation: In the lower left corner of the keyboard there is a Ctrl button. Moving from it to the right, we find a button that is different from Alt, Ctrl, Fn and the space bar. Most often, four twisted squares are drawn on it. If there is no such button, we throw out the keyboard and buy another one. This button is called WIN. We press it and, without releasing it, R: Win + R. If the OS is Windows, a black screen with gray letters will open. There we type what is indicated at the very beginning. Repeat the item several times without closing the black screen.
2. First, we get it from the provider. Explanation: the provider (a group of harsh men and, rarely, women who distribute Internet all day), having discovered that pings are coming in from someone in the wild, will first take an interest in the subscriber's address, then quietly stop distributing Internet to him and wait for the call. On the call, the answer will be that he should have read the user agreement, in which it is written in Russian, in black and white, that this activity is illegal.
3. Then from the one who was pinged, because it was he who set the provider on you.
4. Then from mom, because mom wanted to sit on the Internet, and here is such a setup. Yes, and there will probably be a fine.
5. ??? // your further fate depends on the severity of 2, 3, 4, as well as on the number of packets that you managed to send.
6. PROFIT!
- 4 Yes, yes, in particular, describe the process of getting punished; I think the question about ddos will disappear by itself =) - Ozim
- Done. ^___^ troll - knes
- 1 @Qzim, well, you never know, maybe academic interest. *double-trollface* - knes
- Thank you, smiled :) - metazet
- 2 I suspect that "demons" are servers that distribute instructions to zombies. That is, zombies (just infected machines) connect to the "demons" at a certain interval and see if there are any "tasks" there. If there are - they perform them. And the command is given very simply - a file with a task is placed on the demon servers (or maybe just a record in the database, or whatever). Is all this organized in one program? Theoretically, you can do this, but in practice it is not necessary. Why would every zombie need a network control panel? And those are extra megabytes. - KoVadim 1:49