DDOS Attacks Tutorial Part 2

Brought to you by

Created by : Lelouch
 Requirements

- Kali Linux or any Linux Distro.

- PostIt.py (http://pastebin.com/Xab455k2)
- Basic Knowledge on DDOS/DOS Attacks
- Configured Proxychains With Tor
DDOS IN A NUTSHELL
 Reconaissance

● First of all before we do some DDOS

Attacks we need to Scan the target,
find its open ports and do some
intensive scanning on the target site.
Before we Start doing reconaissance
lets configure first Proxychains to
suite with tor.
 Proxychains

Lets open a terminal then the syntax is:

root@kyu:~#apt-get install proxychains
root@kyu:~#apt-get install tor
root@kyu:~#leafpad /etc/proxychains.conf
Tor
 Tor

Then type service tor start

Proxychains
Proxychains
 Proxychains

Choose Dynamic Chain

Put # (number sign) in Strict Chain
Then Remove the # (number sign) In Dynamic
Chain
And Press ctrl+S to save the file and finally we
can now do some reconaissance
 Proxychains

● root@kyu:~# proxychains
● ProxyChains-3.1 (http://proxychains.sf.net)
● usage:
● proxychains <prog> [args]
 Using NMAP

Syntax:
root@kyu:~#proxychains nmap -Pn -v 127.0.0.1
NMAP
 NMAP

● So now,we know the current open Ports in the

target website/server,Time to Release the
Sperms :D
 Firing teh Sperms

● Now,i Supposed you have basic knowledge on

how to run python scripts,For this tutorial we
will used a .py script its a layer7.
 Firing teh Sperms

● Using Postit.py (i renamed it as l7.py)

Firing teh sperms
 Firing teh Sperms

● So now :D Lets Verify if the attack worked on

the target :D Lets view the access Logs!
Firing teh Sperms
 Firing teh Sperms

● On this tutorial i didnt use proxychains,This time no

sites will be involved on the Tutorial.
But if you are planning to Scan and Attack
websites,use proxychains to hide your ass :D
 About the Script

● Postit.py is a Layer 7 DDOS Script,I guess its a python

version of Slowloris,More Powerful but the difference is.it
can be CONFIGURED to send ANY HTTP METHOD
LIKE GET,HEAD,POST,TRACE,CONNECT :D (you know
what i mean :D Be Creative as you can shutdown
anywebsites using this tool if you configured it Properly
:D )
 Thank You!

● Credits will go to Lelouch and his team MCA and

PHU DDOS Team.
I hope this time you learned a lot.
Give us a Like and Follow on Facebook and
Twitter.
Facebook.com/mcaphuddosquad
Twitter.com/mcaddosteam