Hi All,
Want to have a look at the tools which Jester (the one who did a Ddos distributed denial of service) attack against Wikileaks ?
just go :part-1
xerxes in action The tool used to Ddos Wikileak
Want to have a look at the tools which Jester (the one who did a Ddos distributed denial of service) attack against Wikileaks ?
just go :part-1
xerxes in action The tool used to Ddos Wikileak
Xerxes DOS Attack from Infosec Island on Vimeo.
This is demonstration of a XerXes DoS Attack in action against atahadi.com
Whats new from the first demo video is that more is revealed about the attack technique.
See for yourself : part-2
This second video of XerXeS shows more of the XerXeS dashboard, and reveals even more about the attack technique – It's an Enhanced version of XerXes able to dos secured Apache servers !
Take a look at 02.25 when he sets up the target server:
XerXes can now affect multiple server flavors – some still more are under development.
This time he dropped a Secured server which is supposed have the Apache setup that is impervious to a XerXeS hit.
Denial of Service (DoS) Attacks
The basic premise to this attack is that by sending (but never fully completing) numerous requests to Apache, one could get the Apache process to consume all system resources and stop serving up the actual web content.
Exploitation
The Apache vulnerability is only the beginning, Xerxes will be able to hit IIS in the future.
DoS or DDoS ?
The attack is performed on a single low-spec computer, and while The Jester sends relatively few packets from his own machine, the attack results in brief outages of the target site.
So he is not using any intermediaries or botnets, sorry for having wrote DDoS in my first post xD
You surely can follow Jester here:
http://twitter.com/th3j35t3r
It's working only in windows servers in IIS only , Now the tool under development for apache in linux .
It's working only in windows servers in IIS only , Now the tool under development for apache in linux .
No comments:
Post a Comment