Denial of Service (DOS) Attacks

What are Denial of Service (DOS) attacks?

Denial of Service attacks have become more widely known due to extensive media coverage. But what exactly is a denial of service attack? Simply put, a denial of service attack is a type of cyber attack wherein a website or service is brought down by a hacker or a group of hackers by flooding it with bogus traffic. The web server becomes overloaded with this bogus traffic and the service eventually crashes.

This means that if a hacker performs a denial of service attack against a website, say for example a bank website, then all the online transitions of that bank will be halted. Both companies and individuals are no long able to log into their netbanking accounts for the duration of the attack, leading to loss in revenue for the bank. The bank will also lose reputation and credibility for failing to protect their IT infrastructure.  Similarly, if Gmail was attacked, millions of users will not be able to access their email accounts. In a typical DoS attack, one hacker performs the attack using a DoS tool or script. This is easy to mitigate. The only thing one needs to do is block the IP address of the attacker. To overcome this, hackers use a technique called Distributed Denial of Service or DDoS.

What are Distributed Denial of Service(DDoS) Attacks?

DDoS attacks involve hundreds, if not thousands of "volunteers" who install the DoS tool in their systems and launch a coordinated attack on the target at a specified time. This was the case when Anonymous hacker group took down Paypal  and Mastercard websites some time back. In case there are no "volunteers" involved, hackers use a networks of zombies called botnets to perform the same attack. These zombies are basically normal home computers which have been hacked and infected with the DoS tool. The controller is able to issue remote commands to these "bots" so that they can start attacking a particular website without the owners even noticing. 

Hackers and hactivists perform denial of service attacks by using an array of readymade tools. one such tools is called the Low Orbit Ion Cannon(LOIC). It is a simple GUI tool and volunteers can use it to launch attacks once they receive the green light from the controllers, usually via IRC or social networks. There are many other DoS tools such as HOIC,Hulk Web server, RUDY (R-U-Dead-Yet), Silent  DDoSer etc.

This disruption in service is one of the biggest challenges for companies today. There is no fool proof method to protect against DDoS attacks.  There are many ongoing research on how to mitigate DDoS attacks. As of now, big companies rely on IDS and firewalls and the cooperation of the ISPs to mitigate such attacks.

Would you like to know how to perform a denial of service yourself? Read my other article on  #how to perform DoS attack here.

How to perform a Denial of Service attack to crash a website

Denial of service is a very aggressive attack usually launched against websites as a form of protest or activism. The ultimate aim is to bring down or crash the web server. There are many readymade tools for this. Here, I will give instructions on how to use a very simple DoS tool called Low Orbit Ion Cannon (LOIC). LOIC is a free and open source and can be found in Sourceforge.

Please note that the information provides here is only for educational purpose. 

First download LOIC from here. The original version requires Microsoft .net to run. If you are using a Linux system, then you can use the java version, Java LOIC.

Once downloaded, you can go ahead and run the tool. The directions are pretty straight forward.

1. Enter the URL of the website you are planning to attack. There is also an option to enter the IP address.

2. Once the URL is entered, click on "Lock On"

3. Select the protocol you want to use. TCP is fine.

4. Enter the no of simultaneous threads. (In other words, the severity of your attack) 500 to 1000 threads will do.

5.Finally, click on the large button labelled as "IMMA CHARGIN MAH LAZER"

That will start the attack.  In the bottom, you will see a substantial increase in the no. of requested connections. This means your attack is on. After some time, the website will slow down and eventually stop responding(crash). The best way to observe this is by creating a web server in a virtual lab and attacking it. You can then analyze the web server logs  for more information.

Note: Please don't use tool on any website other than your own. It is a very powerful tool and you could get in trouble with the law.¶lol 

#9jaCZ said it!!! 

5 Best Tools For Hacking Web Applications

In an earlier post, I listed the top 10 general hacking tools. This time, I have listed 5 of the best tools specifically  to hack websites and web applications. Most of these tools are free and are very easy to use.

 If you want to hack a website or web application, knowledge of PHP, ASP, SQL etc are necessary. If you know these languages and technologies, you will be able to hack the website without the need for any tool. These tools make the life of a hacker easy by automating the tasks.

                                                              Image courtesy of chanpipat/ FreeDigitalPhotos.net

So, here is the list of the top 5 web application hacking tools. Starting off with..

1. Burp Suite

Burp suite is a web proxy tool that can be used to test web application security. It can brute force any login form in a browser. You can edit or modify GET and POST data before sending it to the server. It can also be used to automatically detect SQL injection vulnerabilities. It is a good tool to use both under Windows and Linux environments. It is free, however, if you need the advanced features, you can always buy the premium version.

2. Acunetix Web Vulnerability Scanner

Acunetix Web Vulnerability Scanner provides a comprehensive environment to automatically  scan a website for vulnerabilities.  It scans the web application as well as the web server. Once Acunetix identifies the vulnerabilities in the website, you can go ahead and exploit it manually or use any of the other tools in this list.  Acunetix is however, a paid software, but if you are resourceful, you will know where to get it for free ;)

3. OWASP ZAP

ZAP  OWASP is similar to Burp Suite in functionality. However, ZAP is completely free.

According to the official website:

"The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing."

4. Havij

Havij is one of the best Automatic SQL injection tools. It is extremely easy to use, thanks to its GUI. All you have to do is provide a vulnerable link to Havij, and it will spew out database details such as tables, columns and rows.

5. Mozilla Firefox

Mozilla Firefox is a web browser. Why then, is it in this list? That is because every web application hacking will take place through a web browser. And what better browser than Firefox? Google Chrome is too simplistic, Internet explorer is too buggy and slow. Firefox is the preferred web hacking tool because it is fast, supports proxy (to be used with Burp Suite) and supports many  plug-ins  such as cookie editor.

Not successful in hacking that website? Crash it instead with my other article How to perform denial of service to crash a website.

Top 10 Best Hacking Tools

Hacking always involves tools. A good hacker knows how to use tools to his best advantage. An even better hacker writes his own tools. Here I have listed the top 10 most popular tools used in hacking. It is advisable to master these tools to become a good hacker. Note that all the tools listed here are completely free.

1. Nmap

Nmap is also known as the swiss army knife of hacking. It is the best port scanner with a lot of functions
In hacking, Nmap is usually used in the footprinting phase to scan the ports of the remote computer to find out wich ports are open.


2. Wireshark

Wireshark is a packet sniffer. It captures all network traffic going through a network adapter. When performing man in the middle attacks using tools like Cain, we can use Wireshark to capture the traffic and analyze it for juicy info like usernames and passwords. It is used by network administrators to perform network troubleshooting.

3. Cain and Abel

Cain and Abel is a multipurpose windows only hacking tool. It is a bit old now, but it still does the job well. Cain can be used to crack windows password, perform man in the middle attacks, capture network passwords etc.

4. Metasploit

Metasploit is a huge database of exploits. There are thousands of exploit codes, payloads that can be used to attack web servers or any computer for that matter. This is the ultimate hacking tool that will allow you to actually "hack" a computer. You will be able to get root access to the remote computer and plant backdoors or do any other stuff. It is best to use metasploit under linux.

5. Burp Suite

Burpsuite is a web proxy tool that can be used to test web application security. It can brute force any login form in a browser. You can edit or modify GET and POST data before sending it to the server. It can also be used to automatically detect SQL injection vulnerabilities. It is a good tool to use both under Windows and Linux environments.

6. Aircrack-ng

Aircrack-ng is a set of tools that are used to crack wifi passwords. Using a combination of the tools in  aircrack, you can easily crack WEP passwords. WPA passwords can be cracked using dictionary or brute force.  Although aircrack-ng is available for Windows, it is best to use it under Linux environment. There are many issues if you use it under Windows environment.


8. Nessus

Nessus is a comprehensive  automatic vulnerability scanner.  You have to give it an IP address as input and it will scan that IP address to find out the vulnerabilities in that system. Once you know the vulnerabllities, you can use metasploit to exploit the vulnerablity. Nessus works both in Windows and Linux.



10. THC Hydra

Hydra is a fast password cracker tool. It cracks passwords of remote systems through the network. It can crack passwords of many protocols including ftp,http, smtp etc. You have the option to supply a dictionary file which contains possible passwords. It is best to use hydra under linux environment.

9. Netcat

Netcat is a great networking utility which reads and writes data across network connections, using the TCP/IP protocol. It is also known as the swiss army knife for TCP/IP. This is because netcat is extremely versatile and can perform almost anything related to TCP/IP. In a hacking scenario, it can be used as a backdoor to access hacked computers remotely. The use of netcat is limited only by the user's imagination. Find out more about netcat at the official website.

10. Putty

Although putty is not a hacking software by itself, it is a very useful tool for a hacker. It is a client for SSH and telnet, which can be used to connect to remote computers. You may use putty when you want to connect to your Backtrack machine from your Windows PC.  It can also be used to perform SSH tunneling to bypass firewalls.

Note: This list is not comprehensive. There are many tools that I have left out. Those tools that did not make the list are; Sqlmap, Havij, Acunetix Web Scanner, SuperScan, John the Ripper, Kismet, Hping3.
I have written another article about the top 5 website hacking tools.