DDoS and DoS attacks have become a common trend over the internet in the past few years. Hackers use DoS, the Denial of Service attack, to send an uncontrollable amount of requests to a server, resulting in overflooding the server, that eventually causes it to go offline. Using this same on multiple computers is known as DDoS also referred to as the Distributed Denial of Service. DDoS, in every aspect is the most dangerous as well as one of the common and easiest form of hacking attacks adopted by hackers to take down a server.
Web hacking, even though unethical, is one of the most lucrative industry in the world. While a portion of people hack for the fun of it, there are others, who pursue it professionally. A hacker’s usage of skills varies from website to website and the same is the case for DDoS.
For a hacker to perform DDoS, he/she first requires to create a virtual a. This army is Malware, the BotNet army, installed on multiple computers at one time. Doing so creates an autopilot attack on a targeted website’s IP address, thus damaging it.
There are many methods of using DDoS to crash a website’s IP and they are discussed in detail, below. Let’s see how these methods work.
Use Command Prompt- manual Procedure
- To start out with this procedure, find out a small and compatible website that you can use to initiate your attack using DDoS.
- Your next step is to fetch the IP address of this website by using the command below on your DoS screen.
ping www.example.com –t
- This will fetch you an IP address in the following format
All these “x’s” ,represent numbers.
- After retrieval of IP address, next go ahead and type the flowing command
ping [ip address] -t -l 65500
- Run The Command For Long Time
Now run this command for a long time, preferably for several hours. If feasible use multiple computers to execute this command simultaneously
- Visit Website After Few Hours
- You will see that message that “the server is unavailable” or “temporarily down.” Hence, you have successfully been able to Crash a website as you wanted.
LOIC Automatic DDoS Attack
LOIC also Low Orbit Ion Cannon is a tool to permanently shut down or disable a website. Here are the steps to use it.
- First of all you need to download the LOIC software. You can do so from here.
- Upon completion of download, extract all its content from the downloaded zip file to the PC’s Desktop.
- The software requires no installation since it is a portable software, and will open when you click on its icon.
- Insert the website URL that you wish to crash. If you want, you may also enter the IP address in the IP field, found from the ping command on Windows. However, this is an optional process.
- The next step is to click on the tab in the software that says “Lock On”. Here go to the TCP/UDP Message Option and choose the option that you want.
- Next change the Port Option values
under the ‘Port‘ section. You can input value 80 for most cases.
- Moving on move on to the ‘Method‘ section and select UDP option from the given dropdown menu.
- You may also change the thread value if your computer is really good. Put the value at 10 or 20, which ahould make everything work out well.
- Last but not the least after all configurations have been taken care of, click on the “IIMA CHARGIN MAH LAZER” button and allow the software to run for at least one hour.
When you visit the website after an hour, it will display a “Service Unavailable” sign.
Other than LOIC there are other tools that hackers use like,
- HULK (HTTP Unbearable Load King).
- DDOSIM – Layer 7 DDoS Simulator
- R-U-Dead-Yet; and
- Tor’s Hammer
Using Google Spreadsheet
Hackers often use Google Spreadsheets to incessantly ask for an image or PDF of a website’s data, which is stored in the cache. In this procedure, hackers use a script, to create a never ending loop. This loop enables the Google Spreadsheet to consistently keep asking the website to fetch the image.
These requests eventually increases by the day causing an overcrowded traffic to the site, which prevents the site from sending outward traffic to visitors. This procedure is quite different from other DDos tactics to crash a website in the sense that it does not send over large amounts of information packages to flood the website. Instead, the hacker makes small data requests which after a certain point of time crash a website’s functionality.
Hackers use this form of attack on websites by sending data that makes no sense at all, in small packets, which then reassemble again upon reaching the server.
Since data is broken to smaller packets, a server fails to reorder them as per the malicious offset parameters. This method is quicker than the rest as it quickly quickly devours available resources until everything comes to a standstill and the website crashes with it.
As time passes, DDoS attacks are said to increase. The tutorial above is not an attempt to encourage users to hack any website and disable it unless absolutely necessary.
Fortunately, DDoS attacks are short lived and only have a short-term impact. Yet, even though most of the reliable web hosting providers give automatic protection against the DDos attack, it’s still best to be prepared for the worst case scenario.