It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Is Anonymous testing a new DDoS tool?

page: 1
11
<<   2  3 >>

log in

join
share:

posted on Aug, 3 2011 @ 05:30 PM
link   

Is Anonymous testing a new DDoS tool?


gizmodo.com

Anonymous may abandon its current DDoS tool LOIC and develop a more powerful replacement to protect hackers from detection. LOIC was effective in Operation Payback, but it's also the reason hackers have been identified and arrested.

The new tool, supposedly called #RefRef, will use Javascript and SQL to attack a target website and use the site's own processing power against it. RefRef will be platform independent so it can be used off any device that supports Javascript including mobile phones.
(visit the link for the full news article)


Related News Links:
www.thehackernews.com




posted on Aug, 3 2011 @ 05:30 PM
link   
I'm pretty impressed with this new tool. A 17 second attack from a single machine took pastebin offline for over 40 minutes. Enough people using this will be able to cripple some bigger targets and if it truly keeps users Anonymous then it is going to be a powerful addition to the arsenal. Script kiddies rejoice!

I understood how LOIC worked, but am having a bit more trouble getting my head around this one. If any of the membership could maybe explain it in laymans terms it would be greatly appreciated.

I'm worried that as Anonymous grows in strength and notoriety our freedoms are going to be slowly but surely eroded. Hopefully this wont be the straw that breaks the camels back.

gizmodo.com
(visit the link for the full news article)



posted on Aug, 3 2011 @ 05:34 PM
link   
yes, we're coding powerful new toys
But dont say we didnt warned you



posted on Aug, 3 2011 @ 05:40 PM
link   
reply to post by AnonymousVan
 


If there was some sarcasm there (Im assuming with the eyeroll guy) I really missed it. What are you trying to say?



posted on Aug, 3 2011 @ 05:42 PM
link   
Our freedoms are already slowly but surely being erroded. It's been going on for way longer than this movement. Censorship has been around for as long as we've been publishing anything. (cough*bible*)

People can blame Anonymous if they want, but thats just the current scapegoat.

That "looking for someone to blame" makes "people" the problem.
If they blame Anonymous, they don't have to take any responsibility for sitting down and shutting up.

I also believe the only reason anyone wants to know "the real identities" behind the movement, is because its hard to lynch a word.


edit on 3-8-2011 by Forevever because: better wording




posted on Aug, 3 2011 @ 05:44 PM
link   
reply to post by Domo1
 


Don't quote me on this, but I may understand how this works.

It most likely uses the SQL database to route the actions of the _javascript, creating a mass of bots that will be hosted on this database (each bot being a simple entity similar to your individual account on this site). Therefore there will most likely be a physical server, separate from your isp or machine, that is executing the "attacks".

If this is true, BEWARE: It will be at the discretion of the owner of this SQL database whether they keep a record of IPs connecting or not. So while your IP will be anon to the victim, the database may or may not have records of your actions. Yet another issue of Anonymous being Anonymous .


edit on 3-8-2011 by EmVeeFF because: (no reason given)



posted on Aug, 3 2011 @ 05:45 PM
link   
reply to post by Domo1
 


absolutely no sarcasms here, we're serious
yes, we coded new powerful toys, the medias keep calling us script kiddies, good, so this way they never saw this one comming.

We warned many times, but nones took the threat seriously, so now its time to kick in gears abit faster and show our new toys.



posted on Aug, 3 2011 @ 05:46 PM
link   
Who really cares? Summer will be over soon and the kiddies will be back in school and we won't hear from them for a while.



posted on Aug, 3 2011 @ 05:47 PM
link   
reply to post by EmVeeFF
 


aaah glad to see someone a bit educated

Yes, the methodology is somehow similar, but we really tweaked it with multiples abilities for masquerading



posted on Aug, 3 2011 @ 05:48 PM
link   

Originally posted by AnonymousVan
reply to post by Domo1
 


absolutely no sarcasms here, we're serious
yes, we coded new powerful toys, the medias keep calling us script kiddies, good, so this way they never saw this one comming.

We warned many times, but nones took the threat seriously, so now its time to kick in gears abit faster and show our new toys.


Oh noes, they will destroy all the Internets!

I wonder how long it will be till the Pentagon creates the eNuke for mutually ensured destruction? (Or contract Apple, the iNuke
)



posted on Aug, 3 2011 @ 05:50 PM
link   

Originally posted by AnonymousVan
reply to post by EmVeeFF
 


aaah glad to see someone a bit educated

Yes, the methodology is somehow similar, but we really tweaked it with multiples abilities for masquerading



But can you address my issue; how will the operators know the database isn't owned or controlled by an untrustworthy entity?

Maybe find a way to host the SQL through a mass P2P platform? (is that even possible? what am I thinking, Anon delivers
)
edit on 3-8-2011 by EmVeeFF because: (no reason given)



posted on Aug, 3 2011 @ 06:21 PM
link   
reply to post by Domo1
 


It's about damn time.

I have no idea why they don't just use Xerxes.

ETA: You don't even need a botnet or anything. One computer can DOS a site on it's own. I thought DDoS was played out...

edit on 3-8-2011 by SpringHeeledJack because: (no reason given)



posted on Aug, 3 2011 @ 06:29 PM
link   
reply to post by SpringHeeledJack
 


I'm pretty sure the ideology behind DDoS is that with enough people participating, there is less risk and responsibility to the individual.


And I would REALLY appreciate an answer to the above question. I'm on the fence as to whether DDoS attacks are hurting or helping the liberation cause, but knowing your own weaknesses is a far more valuable thing than knowing your enemy's...
edit on 3-8-2011 by EmVeeFF because: (no reason given)



posted on Aug, 3 2011 @ 06:33 PM
link   
reply to post by EmVeeFF
 


Makes sense.

Just seems to me that Anonymous is creating something that already exists. If in fact, the members here are posting facts and not pure speculation or made-up fairy tales.

Which begs the question: Why?
We saw the results of LOIC. Mass arrests.
What exactly is being coded into this new tool that others don't have?
I'm not one to go after Anonymous but in this case, I am. There is no way at all to know the origin of this weapon and what it consists of unless you know how to take it apart and investigate. Most that are using it won't.

If I may make a prediction: More mass arrests will follow.



posted on Aug, 3 2011 @ 06:36 PM
link   
reply to post by SpringHeeledJack
 

the Xerxes source code is ten times cheaper than what we recently created,,im serious
For infos, xerxes is a tool we coded at first, then discarded it to build a better weapon

The code im publishing is only for educational purpose and totaly incomplete, so dont try to compil it kids
it cannot work if incomplete.

for thoses who know coding, just look and tell me its not a cheap code

Xerxes, yeah sure, a bit pretentious too

fprintf(stderr, "[Connecting -> %s:%sn", host, port);
memset(&hints, 0, sizeof(hints));
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
if((r=getaddrinfo(host, port, &hints, &servinfo))!=0) [
fprintf(stderr, "getaddrinfo: %sn", gai_strerror(r));
exit(0);
]
for(p = servinfo; p != NULL; p = p->ai_next) [
if((sock = socket(p->ai_family, p->ai_socktype, p->ai_protocol)) == -1) [
continue;
]
if(connect(sock, p->ai_addr, p->ai_addrlen)==-1) [
close(sock);
continue;
]
break;
]
if(p == NULL) [
if(servinfo)
freeaddrinfo(servinfo);
fprintf(stderr, "No connection could be maden");
exit(0);
]
if(servinfo)
freeaddrinfo(servinfo);
fprintf(stderr, "[Connected -> %s:%s]n", host, port);
return sock;
]

void broke(int s) [
// do nothing
]

#define CONNECTIONS 8
#define THREADS 48

void attack(char *host, char *port, int id) [
int sockets[CONNECTIONS];
int x, g=1, r;
for(x=0; x!= CONNECTIONS; x++)
sockets[x]=0;
signal(SIGPIPE, &broke);
while(1) [

PS :mods, i posted an INCOMPLETE code so dont come here accusing me of pushing people into hacking

edit on 3-8-2011 by AnonymousVan because: (no reason given)



posted on Aug, 3 2011 @ 06:38 PM
link   

Originally posted by EmVeeFF
And I would REALLY appreciate an answer to the above question. I'm on the fence as to whether DDoS attacks are hurting or helping the liberation cause, but knowing your own weaknesses is a far more valuable thing than knowing your enemy's...

No one is physically "hurt" by a DDoS attack.
They're done to draw attention to the group, so that they have a platform for their message.

Its just a way to get into play with the MSM


I have absolutely no doubt that they could do real damage if they wanted to.



posted on Aug, 3 2011 @ 07:00 PM
link   
What "Mass Arrests" are you talking about?
They got 20/30 people tops...
Go check Syria for Mass Arrests....
Or Egypt
Or...
Or...
You get the idea...



posted on Aug, 3 2011 @ 07:03 PM
link   
reply to post by EmVeeFF
 


What if you connect thru TOR? If I was into this kind of thing I would find a free wifi hotspot and launch from there.

This sounds like an impressive "weapon".
edit on 3-8-2011 by cripmeister because: (no reason given)



posted on Aug, 3 2011 @ 07:11 PM
link   
reply to post by drakus
 


I'm not here to argue definitions or semantics with you. If you can get on ATS, you can get to a search engine.

Not a single arrest is acceptable. This new tool should come with a bold warning and step-by-step guide.



posted on Aug, 3 2011 @ 07:51 PM
link   
I read the full story on www.thetechherald.c... om


Given that the tool leverages exploits to work, it is likely that its code will be reversed, and patches made available to the various SQL platforms. However, patches will need to be applied if the issues targeted by this new tool are to be properly addressed.


Also,


Most of those calling for the replacement of LOIC do so because of how it cannot hide the person launching an attack, much to the amusement of federal law enforcement. However, #RefRef still relies on a person attempting to hide themselves before using it. So while there is a stronger impact for a given attack, it isn’t really hiding anyone.





edit on 3-8-2011 by cripmeister because: (no reason given)



new topics

top topics



 
11
<<   2  3 >>

log in

join