Wadanda suke sane da labarai a yanar gizo, labaran da suke da nasaba da Anonymous, ayyukansu, za su san cewa shafukan yanar gizo kamar FBI, CIA, Ma'aikatar Shari'a ta Amurka, da sauran manyan shafuka (Interpol, Vatican, da sauransu) sun kasance ba su cikin layi na tsawon awanni da yawa ... don kar labarin ya yi tsayi too
Kamar 'yan kwanakin da suka gabata labari ya fito cewa ana zargin masu gudanar da sanannen gidan yanar gizon Taringa kuma za su fuskanci "adalci" a cikin shari'a. Kuma ayyuka ta Anonymous Ba su jira ba, saboda da sauri sun tafi ba layi (ta hanyar hare-haren DDoS) shafukan gwamnati daban-daban daga Argentina
Amma ... Menene harin DDoS?
Zanyi bayani a sauƙaƙe possible
Kai hari DDoS yana nufin harin na Musun Sabis. Kuma a takaice, game da samun damar dubun dubatar sau zuwa gidan yanar gizo. Watau, idan ni ko ni yanzu mun shiga rukunin yanar gizo na X, wannan yana haifar da wani nauyi (yana sanya uwar garken inda shafin zai yi aiki) ... 100 ko 1000 mutane masu shiga shafin iri ɗaya zasu samar da kaya sama da 10, wannan abu ne mai ma'ana. Da kyau, hare-haren DDoS daidai yake da ɗaruruwan ɗari (miliyoyin) na masu amfani da ke isa ga rukunin yanar gizon ɗaya PER SECOND. A takaice dai, 100.000 da ake zaton masu amfani zasu samu, amma bayan dakika 1 ana ƙara ƙarin ... kuma ana daɗa yawa a kowane dakika. sakamakon? ... mai sauki, akwai lokacin da zai zo lokacin da aikin uwar garken (inda gidan yanar gizon yake) zai kasance da yawa, amma KYAUTA, cewa kawai ya ƙare da RAM, kuma ba zai iya yin komai ba ... kuma wannan abokaina, za su yi gidan yanar gizo yana wajen layi.
Nayi kokarin bayyana shi a matsayin mai sauki kamar yadda zai yiwu hahaha. Wannan shine dalilin da ya sa watakila mafi ilmi na san zasu sami wani kuskure ko daki-daki wanda aka cire, gafarata game da wannan 😉
Yanzu, a nan zan koya muku yadda ake yin waɗannan hare-haren DDoS, ta amfani da kayan aiki da aka haɓaka iri ɗaya Anonymous: LOIQ.
Ee ... akwai LOICmenene ma'anarsa Orarancin Orbit Ion Cannon, kuma ana iya amfani dashi akan Windows, Mac ko Linux. Matsalar ita ce don amfani da shi a cikin Linux, kuna buƙatar shigar da Wine kuma a cikin wannan (a cikin Wine) Windows Net.Frameworks. Wato, don sanya shi aiki a Windows kuna buƙatar yin koyi da LOIC (.exe) a cikin distro din mu. Wata hanyar (wacce ban gwada ba) ita ce ta yin amfani da ɗakunan karatu na Mono.
Ni kaina ba na son ɗayan waɗannan hanyoyin biyu. Ba na son amfani da Wine sosai, kuma ina ƙin Mono ¬_¬… don haka me zan yi a wannan yanayin?
Abin farin, akwai sigar LOIC kira LOIQ (canza daga C zuwa Q) wanda aka rubuta a cikin C ++ ... kuma yana amfani da dakunan karatu na Qt 😀
A sauƙaƙe ...
Mun sauka kawai a .tar.gz, mun zare shi, kuma kawai muna gudanar da loiq file da BINGO !! muna da LOIQ (wanda yake daidai yake da LOIC) buɗe a cikin distro ɗinmu, kuma a shirye muke don amfani 😉… ko !! Suna iya shigar da a .deb kuma voila 😀
Anan ne hanyoyin saukarwa:
LOIQ (Orananan kewayon Ion Cannon a cikin C ++ da Qt) - "Taskar Amsoshi .DEB
LOIQ (Orananan kewayon Ion Cannon a cikin C ++ da Qt) - "Taskar Amsoshi TAR.BZ2
Kai tsaye ina amfani da .tar.bz2, saboda wannan yana ceton ni na girka wani kunshin akan tsarina.
Wato don ni in aiwatar da shi, sai na zazzage .tar.bz2, in kwance shi, in aiwatar.
Zan bar muku umarni wanda zaiyi haka:
- Zazzage fakitin .tar.bz2
- Bude shi.
- Kuma hakan zai baka damar kawai ta hanyar bugawa a wani m «loq»(Ba tare da ƙididdigar ba) sanya aikace-aikacen don su.
cd $HOME && wget http://ftp.desdelinux.net/loiq-0.3.1a.tar.bz2 && bzip2 -dc loiq-0.3.1a.tar.bz2 | tar -xv && mv loiq-0.3.1a .loiq-0.3.1a && sudo ln -s $HOME/.loiq-0.3.1a/loiq /usr/local/bin/
Za a tambaye su kalmar sirri, sai su rubuta ta su danna [Shiga], kuma wannan kenan, babu komai 😀
Bude wani tashar kuma rubuta «loq»(Ba tare da ambaton ba) kuma latsa [Shiga], mai zuwa ya kamata ya bayyana:
Kuma wannan shine LOIQ ... wanda bai fi haka ba ko kasa da haka LOIC amma don Linux, ta amfani da dakunan karatu na Qt.
Don yin hari (Zan yi gwaji tare da sabar aikina na ciki), a cikin filin 1 inda ya ce URL mun sanya yankin (misali, server.domain.com), ko kuma idan mun san IP za mu iya sanya wannan a cikin filin da ke ƙasa, wanda ya ce IP. Da zarar an rubuta bayanan a ɗayan waɗannan fannoni biyu, za mu danna maballin zuwa dama daga filin da ke cewa «Kullewa«. Na gaba, a ƙasa kuma a tsakiyar ana faɗin 10 da ƙasa «Sharhuna«, Thisara wannan zuwa kowane lamba, zan sanya 100. Wannan lambar za ta zama adadin fakitoci / buƙatun da za a yi, kuma dama kusa da (a sama inda ya ce Hanyar) mun zabi HTTP a cikin jerin kasa. Suna da ƙarin zaɓuɓɓuka da yawa, lokacin hutu, kundin adireshin da suke son kai hari, da dai sauransu.
Tunda kawai muna yin gwaji ne, bari kawai mu bar hakan a haka. Na bar hoton yadda abin ya kasance gare ni:
Sannan sannan, da zarar bayanan sun kasance ... kawai suna danna maɓallin mafi girma, wanda ke da wasiƙu masu ban mamaki da yawa hahaha (yana cewa: IMMAH CHARGIN MAH LAZOR)… Kuma harin ya fara 😀
Zan yi anan, kuma a cikin ƙasa da daƙiƙa 5 uwar garken da nake kaiwa hari (Na tuna, sabar daga nan a wurin aiki) zai sami kusan 100% na RAM ɗin da ke ciki, kuma CPUs a kalla ... duba:
Kamar yadda kake gani ... 4CPUs (na zahiri, ba na kamala ba), kuma 2GB na RAM sun tafi ƙasa, uwar garken wajen, babu wani rukunin yanar gizon da ke wurin da aka buɗe, sabis na POP3, sabis na IMAP, komai an sa shi a layi, saboda sabar ba ta da sauran albarkatun don amsa buƙatun da aka yi.
Kuma a tuna, mutum 1 ne kawai ya yi wannan (ni, LOIQ / LOIC guda ɗaya) kuma tare da buƙatu 100 kawai ... Shin za ku iya tunanin fiye da mutane 3000 da ke yin harin DDoS a kan wannan sabar? (ainihin adadi ...)… Na ce, hatta CIA da FBI sun yi nasara 😉
Na bayyana, cewa wannan karatun yana tare da DALILAN ILIMI !!
Makasudin sanya wannan darasin shine yan awanni kadan da bugawa, zamu sake sanya wani darasin kayan aiki da yadda ake samun kariya daga DDoS. Kawai don wannan mun sanya wannan karatun 😉
Sauran bayanai don la'akari ...
Idan zakuyi DDoS (wanda bana gaya muku kuyi hahaha ba), Ina baku shawarar fara karanta Jagoran tsaro mara izini, a can suke bayani game da VPN da sauransu.
Duk da haka. Ina fata kuna da kyau kuma kada kuyi amfani da wannan don dalilai masu cutarwa ... kar ku bari gefen duhu ya shafe ku 😀
gaisuwa
Ba da daɗewa ba duka yan fashin teku da wikileaks sun sha wahalar ddos na hoursan awanni kaɗan kuma yanzu kun zo da wannan.
Na sani ... yi imani da ni Ba na mantuwa da kowane irin bayani, ko kaɗan.
Ban yarda ba (ko da sau ɗaya ne) da abin da ya faru da PirateBay da WikiLeaks, kuma ina sane da cewa Masoya ba su halarci hukuma ko tallafawa ba (bayanan asusun su sun yi magana game da harin, kuma za a gano mai laifin ...).
Idan na sanya wannan darasin, kawai don bada ci gaba ne ga jerin jagororin / karatuttukan akan abubuwan rubutu da muke sanyawa, saboda koyawa mai zuwa zai kasance don samun kariya daga DDoS.
Wannan shine kawai dalilin da yasa na sanya wannan karatun.
Ina fatan wannan ba kuskure bane ...
Ck… aboki, aboki, kuna sa shi kamar na halarci DDoS akan PirateBay O_O…
Hanyar lahira cike da kyawawan niyya …….
Af, kun san ko wanene shi, ya kasance "ɗan tawaye" wanda ya yi ikirari a kan twitter.
Haka ne, kamar yadda intanet ke cike da koyarwa akan DDoS, SQLi, hping3, ambaliyar ruwa, XSS, amfani, da sauransu.
Ee, anan, mun sanya koyarwar DDoS, kuma aniyar shi BA abinda kuke tunani bane ... amma kuma, mun sanya darasi akan yadda ake samun kariya daga irin wannan harin.
Af, waɗancan ƙa'idodin ƙa'idodin dokoki daga koyarwar da marubucin ya gwada (kuma yayi amfani da su) a cikin aikinsa, yana tasiri akan hping3 da LOIC / LOIQ.
Assalamu alaikum aboki
Ni ban goyi bayan irin wannan labarin ba, amma fa. A karshen Anonymous kokarin yin adalci, yana aikata laifi.
Hannaye ba su amsa roƙon ba a bajan a cikin UCI .. Me ya faru ELAV ba sa son zuwa ...
Muna cikin abubuwa dubu biyu. Lokacin wucewa, Ina buƙatar ku bani amsa game da imel ɗin da na aiko muku, saboda lokaci yana ƙurewa kuma ina buƙatar matsawa da hakan ...
Da yawa ba za su ɗauki haƙuri ba don amfani da shi don dalilai na "ilimantarwa" 🙂
Ee, sun fayyace ne saboda dalilan neman ilimi don su watsar da sabar jami'a kamar yadda na fada muku a IRC LOL
Kada kuyi hakan, ku zama mafi alkhairi dasu kuma kar ku basu nishadi 🙂
Kyakkyawan bayani sosai, Na kasance ina sha'awar batun na dogon lokaci amma ban yi bincike mai yawa a kai ba. Jagoran ya bayyana karara, na gode sosai.
0000 OO
... da kuma @ KZKG ^ Gaara sun sami jarabawa daga sabobina zuwa ga sabobinsu jeej… bayani mai kyau, kawai ana amfani dashi ne don dalilai na ilimantarwa, kodayake kamar yadda KZKG ^ Gaara ke faɗi tare da daidaitattun daidaitattun Abubuwan ablesaukaka abin farin ciki ne cewa suna aiwatar da harin DdoS
Gwada shi don ku ga hahaha ... cewa na je can da kaina kuma na doke ku zuwa gidan wuta haha.
Nan da wani lokaci zan buga abubuwan da ake kira anti-DDoS tutorial hehe
Shin kun ma lura da loic's cf? wancan shirin yana amfani da IP ɗin ku na ainihi don aiwatar da harin, kuma duk hanyoyin shiga da IPs suna da rijista akan sabar, wanda ke nufin cewa zaku iya zuwa kai tsaye gidan yari don son wasa juanker.
Ta yaya har ba a sani ba amfani da VPNs, injin zombie ko gidajen yanar gizo don aiwatar da hare-hare ba tare da an gano su da sauƙi ba.
Karanta sakin layi na karshe don Allah ...
A can na bayyana, cewa da farko ya kamata su BA suyi DDoS, kuma kuma idan sun yi amfani da VPN a baya, har ma na sanya hanyar haɗi zuwa littafin tsaro mara suna.
Uffff, mai girma, wannan yana da kyau hehe: P .. Na gode sosai abokina.
PS: jiran kwatancen anti-DDoS na gaba
Na gode!
Ba da daɗewa ba, kawai muna buƙatar ɗaukar hoto don sanya shi a cikin gidan, cewa abubuwan iptables / firewall da muke da su mun riga mun yi amfani da yawa already
venga, todo el mundo a hacer ataques ddos a desdelinux para testear el server
hahaha
gaisuwa
🙂
Shin za ku iya? ... mutum, dole ne ka kasance da mummunan ji, ko kuma za mu yi maka wani abu mara kyau 🙁
magana ce kawai ta izgili ba tare da niyyar laifi ba
🙂
Duba. Zai yi kyau idan suka bamu namu maganin, bari mu gani idan KZKG ^ Gaara zai saurare ni ever
Maigida idan hikima ta dawwama ce hahahahaha
Na yarda da Elav, bana tsammanin sanya irin wannan koyarwar shine mafi nasara a cikin sararin jama'a kamar wannan, ban da ƙarfafa wani don yin wani abu na wauta, zai iya jawo hankalin da ba dole ba (ga kyakkyawar fahimta ...)
Da kyau, dole ne in ƙi yarda.
Bayan haka, koyawa na Linux har yanzu koyawa ne, kuma wannan labarin ba komai bane face bayanai masu ban sha'awa ga kowane mai amfani da Linux (ko yana da amfani ko a'a ya dogara da kowannensu). Loic a cikin shagunan sayar da littattafai na Qt? Ni, aƙalla, ban san shi ba kuma yanzu na sani.
Lallai. Ni, kamar kowane (ko aƙalla yawancin) masu kula da hanyar sadarwa, dole ne su kasance masu kirkirar abubuwa koyaushe, koya game da sabbin nau'ikan hare-hare da sauransu. Da zarar na karanta kuma na sami LOIC, sai na fahimci cewa sanya shi aiki a kan Linux matsala ce sosai, to (bayan watanni) na sami LOIQ, kuma ina tsammanin abin ban sha'awa ne a raba wannan.
Kari akan haka, babban manufar wannan sakon ba wani bane illa don bayar da sarari ga wanda muka sanya kusa da wannan, na tsaron anti-DDoS.
Gaisuwa aboki 😀
Hehe cewa mai ban sha'awa ne daidai a cikin jami'a ina ganin wannan batun abubuwan da suka faru na DDoS idan sun buga wannan kafin in ƙara wannan a matsayin wani ɓangare na misalin bincike na XD, kyakkyawan bayani, gaisuwa.
Muy buena entrada con muy buena información bien explicada para todo linuxero,yo en mi punto de vista siempre he pensado que este tipo de trabajos o pruebas de pentest se deben hacer desde Linux o algún Unix ya que Windows no me convence por tanto virus y otras cuestiones ,en Unix podemos hacer un netstat un tcpdump y vemos bien lo que estamos haciendo y por donde lo estamos haciendo.
Wani shiri mai ban sha'awa ko mafi kyawun kayan aiki shine wannan rubutun da aka rubuta cikin perl
slowloris
http://ha.ckers.org/slowloris/
Mai ban sha'awa sosai ga
Apache 1.x
Apache 2.x
dhttpd
GoAhead WebServer
A kan batun, yana da kyau a san yadda hare-haren suke aiki don fahimtar yadda tsaro ke aiki tunda wannan zai kara koya mana ne kawai, kuma wannan ma za mu yi shi ne kawai ga shafukanmu don gwaji tunda wani al'amari shi ne ip.
Gaisuwa 😀
hi, na bi koyawa:
cd $ GIDA && wget http://ftp.desdelinux.net/loiq-0.3.1a.tar.bz2 && bzip2 -dc loiq-0.3.1a.tar.bz2 | tar -xv && mv loiq-0.3.1a .loiq-0.3.1a && sudo ln -s $ HOME / .loiq-0.3.1a / loiq / usr / local / bin /
amma lokacin ƙoƙarin gudanar da aikace-aikacen:
tushen @ ubuntu: / usr / na gida / bin # ls
loq
tushen @ ubuntu: / usr / na gida / bin # loiq
yana jefa ni kuskuren mai zuwa:
tushen @ ubuntu: / usr / na gida / bin # loiq
loiq: kuskure yayin loda ɗakunan karatu: libQtGui.so. 4: ba zai iya buɗe fayil ɗin abu ɗaya ba: Babu irin wannan fayil ɗin ko kundin adireshin
wanda na iya kuskure daga abin da na fahimta ba za ku iya buɗe abin fayil ɗin da aka raba ba
Ba a sami kuskure ba a tsarin girke-girke, daki-daki shi ne cewa ba a sanya ɗakunan karatu na Qt masu muhimmanci don gudanar da aikace-aikacen ba a kan tsarinku. Kamar yadda abokin zama na Gara yi amfani da KDE, ba shi da wannan matsalar, ba tare da maimakon yadda kuka yi amfani da Gnome (GTK) kun sami "kuskuren" ba. Abun takaici a wannan lokacin bana amfani da Ubuntu / Debian akan kowace kwamfutar tawa don haka ba zan iya gaya muku abubuwan kunshin da ake buƙata don gudanar da aikin daidai ba :(.
@Gara kuna amfani da Debian, zai yi kyau idan kun fadada labarin don shawo kan wannan matsalar ...
Gaisuwa 😉
Kuskurena, yi haƙuri ... Ya kamata in bayyana wannan da ɗan ƙaramin ƙarfi.
Ya faru cewa LOIQ, kamar yadda na fada a cikin gidan, an rubuta shi tare da ɗakunan karatu na Qt, wannan shine… KDE, don haka idan kuna amfani da Gnome (Unity, Kirfa), Xfce ko wani yanayi wanda ba KDE ba, wannan zai faru da ku.
Don kar a rikice da yawa, gwada .deb 😉
Gaisuwa da kowace irin matsala anan shine zamu taimaka.
«Kuma ka tuna, wannan mutum 1 ne kawai ya aikata (ni, LOIQ / LOIC guda ɗaya) kuma tare da buƙatu 100 kawai ... Shin za ku iya tunanin fiye da mutane 3000 da ke yin harin DDoS a kan wannan sabar? (ainihin adadi ...) ... abin da aka fada, hatta CIA da FBI sun yi nasara »
Menene harin da aka kai akan hanyar sadarwar ku na gida zai yi da harin da aka kai ta Intanet? Duk da haka dai ... magana ba tare da wata ma'ana ba ... babban blog huh 🙂
Sannun ku da zuwa 😉
Tabbas babu komai, su kafofin watsa labarai ne guda biyu daban. Na faɗi abin da kuke faɗi a cikin sharhinku, don mai ƙarancin ƙwarewar mai amfani ya iya samun masaniyar abin da za a cimma, duba (kuma karanta a cikin 'yan kalmomi) abin da aka yi magana game da shi a farkon post ɗin, saboda ban yi nufin cewa wannan kawai ba ne moreaya daga cikin post na ka'idar ka'ida.
… Daidai, Bani da masaniya 😀
Shin zaku iya kasancewa idan kuna da kirki, ku bayyana min menene ko kuma inda nayi kuskure ko na faɗi wani abu ba daidai ba? Ka sani, mu sababbi muna da saurin yin kuskure 🙂
Na gode a kowane hali
Na gode da ziyarar ku da tsokaci, Ina jiran amsarku ^ - ^
@perseo, @ garaa gra .grax don bayanan na gwada kuma ina gaya muku yadda abin ya kasance ……
Gafarta dai abokina ka cire ta daga tashar wacce umarni zan yi amfani da ita? '
Idan kun girka ta amfani da .DEB, kawai kuna bincika kunshin ta amfani da Synaptic, ko amfani da:
binciken apt-cache loiq
Sannan ɗauka an kira kunshin: loiq
Wannan zai isa a share shi:
sudo apt-samun purge loiq
gaisuwa
Barka dai, barkanmu..mai sha'awar labarin… amma a matsayin ɓangare na biyu zai yi kyau a san yadda ake obfuscate ip ɗin don kada ya ƙare a gaban kotu. Jiran darussanku, malami kuma mai yiwuwa ƙarfin ya kasance tare da ku.
Na yi fice out. neman wani anti farmaki koyawa Na sami wannan…. Ba na faɗuwa daga mamakina ba, jarumi yaro ...
Uy ee Uy haka ne… Mu legion ne, ba a san mu ba ..
Barka dai, yaya sunan shirin inda kuke kallon buƙatun HTTP da zirga-zirgar da LOIQ ya samar?
Barka dai malamai, kuyi hakuri da wannan matsalar amma hanyar haɗin ta rage, shin wani zai iya kyautatawa wanda zai sake loda shi?
Ni sabo ne ga Linux, amma na yi ƙoƙari sosai.
PS: Shin wani ya san ainihin abin da ya san abin da ya sani don aiki a cikin tsaron kwamfuta?
saboda zan so shiga wannan kyakkyawan yankin,
kuma waɗanne harsuna ne suka fi dacewa da wannan duniyar?
Atte: Na gode ƙwarai.