A new DDoS tool from Anonymous called high-orbit ion canon or HOIC come into light. Attackers are constantly changing their tactics and tools in response to defender's actions. HOIC is an Windows executable file. Once started, you will be presented with the following GUI screen. If the attacker clicks on the + sign under TARGETS they get another pop-up box where you can specify target data.
When you click on the+ button, a new window will open where you can specify following things
URL - is the target website to attack
Power -> sets the request velocity.
Booster - are config scripts that define the dynamic request attributes
HOIC includes a new feature called 'boosters' which are files you download or add to an attack
machine which enables the attacker to manipulate headers such as language, referrer, host, etc.
To launch the attack click on "FIRE TEH LAZER!" button.
The claim is this: LOIC did TCP, UDP and HTTP flooding, but HOIC focuses on HTTP only. HOIC includes a new feature called 'boosters' which are files you download or add to an attack machine which enables the attacker to manipulate headers such as language, referrer, host, etc. This new feature is designed to bypass signature based systems by using a lot of different headers. Additionally, HOIC is supposedly faster.
But is it really an improvement? Overall, not really. There are several reasons:
Problem 1: HOIC seems like a step backwards in terms of usability as it requires
client side installation and complex configuration files. LOIC offered the ability for
people with limited technical skills to perform DDoS--definitely not the case with HOIC.
Problem 2: HOIC is indeed HTTP focused. However, HTTP flood is inherently slower
than UDP flood and simple TCP flood.
Problem 3: Just writing in the tool's description "HOIC is faster" does not make it
faster and certainly does not explain why. As they say in the automobile industry: you
can't judge until the rubber hits the road.
Problem 4: The "boosters" are nothing but configuration files that just allows broader
targeting. HOIC could allow you to diversity DDoS attack, but mostly for pretty
sophisticated users. But as we point out in bullet #2 above, are you really gaining
more in firepower?
The high orbit ion cannon has the following features:
- High-speed multi-threaded HTTP Flood
- Simultaenously flood up to 256 websites at once
- Built in scripting system to allow the deployment of 'boosters', scripts
designed to thwart DDoS counter measures and increase DoS output.
- Easy to use interface
- C an be ported over to Linux/Mac with a few bug fixes (I do not have
either systems so I do
- Ability to select the number of threads in an ongoing attack
- Ability to throttle attacks individually with three settings: LOW, MEDIUM,
and HIGH
Disclaimer: Information provided in this post if for educational purposes only. I hold no responsibly for actions preformed based on the knowledge gained here.
/*Professional Author Box HTML Code*/
About Author:
Evilbot is a young Information System Security Hacker. Evilbot investigates security holes and solves them, and also giving classes about Hacking.
Let's Get Connected: Twitter | Facebook | Google Plus
/*Professional Author Box HTML Code*/
This is dummy text. It is not meant to be read. Accordingly, it is difficult to figure out when to end it. But then, this is dummy text. It is not meant to be read. Period.
ConversionConversion EmoticonEmoticon