Wednesday, February 23, 2011

How to LOIC

Don't really know what to write about today, so I'm going to teach how to DoS a website using LOIC.

For those who don't know:
DoS = Denial of Service, not to be confused with DOS(disk operating system), or GLaDOS (Genetic Lifeform and Disk Operating System). 
DDoS = distributed denial of service attack, which is linking a bunch of computers together to take down a target site.
LOIC = Low Orbit Ion Cannon, an easy to use GUI, for performing DoS or DDoS attacks.
GUI = Graphical User Interface

How it works:
Basically DoS attacks work by overloading your target's servers with more page requests than they can handle.  This program called LOIC is capable of sending a lot of requests very fast.

Step 1:
Download LOIC.  You can get it at http://sourceforge.net/projects/loic/ by clicking the big green download button.  Note that some antivirus products may give you a warning.  Mine identified it as a hacker tool, which it is, but it isn't harmful to MY system, so i told it not to worry about it.  It won't harm your comp, so don't worry.

Step 2:
Set your target.  This can be used for website stability testing by attacking your own site, it isn't purely for malicious purposes.  So umm I guess I should absolve myself of liability and tell you not to use this to break the law, or something.

Sooo, for this example lets say I own stock in mastercard.  Since I own a share of the company I'd like to make sure my company's site is reliable.  In the "Select your Target" box you'd put in www.mastercard.com and click "Lock On".  If done correctly you'll see the targets IP number pop up in the display.  See pic for reference.






Step 3:
Attack mode and options.
TCP - this is the default and you shouldn't change it, for now.  Skip to step 4 until your IP gets banned.
UDP - sends junk requests in a different way, use this when your TCP requests stop working.
HTTP - actually calls the sites http server and reports on successful/unsuccessful downloads to use up their bandwidth.  It won't work once the site goes down though.

Step 4:
Press the big button in the upper right that says "IMMA CHARGIN MAH LAZER".  If set up properly, your requests will climb.  If/When they stop increasing you can try restarting LOIC or changing your IP.  Or see step 3 and check out UDP mode.  It should look like this:





Other Notes:
The site in the background of the above picture is a useful tool for checking that a site is really down.  You can use it by going to http://www.downforeveryoneorjustme.com/

Using a proxy:  You can't LOIC with a proxy, the requests will hit the proxy and not the target and it defeats the purpose.

Legal: DoSing(NOT DDoSing) is a legal grey area in most places but check local laws to be sure.  I've never heard of an arrest for a DoS, but have heard of a few for DDoSing(though it's incredibly rare and usually just if you're running the server).

Deciding who to target:  Use your power for good.  I know a lot of people used DDoS attacks against the Egyptian government recently to support the protests over there, and I approve of things like that.

Also sony recently started banning modified PS3s from online services, and I personally think that if you paid good money for the machine, it's yours to modify however you want and maybe they should be denied some services themselves, but I'm not suggesting you go out and target Sony.com on your own.  You wouldn't be likely to take them down without a strong network DDoS.  I just think they deserve the hit for what they're doing.

Support good or funny causes.  Hope somebody finds this article useful.  I just didn't have much to write about today.

Squeaked by Anonymouse at 12:00 AM
Labels: , , , , , ,

49 comments:

  1. BubiFebruary 23, 2011 at 12:58 AM

    Nice post, good info, thanks

    ReplyDelete
  2. GFebruary 23, 2011 at 6:17 AM

    interesting post...never had the need to use stuff like this, and always worried about the trouble it might cause

    ReplyDelete
  3. Chris C.February 23, 2011 at 6:22 AM

    Anything for us Linux users?

    ReplyDelete
  4. AnonFebruary 23, 2011 at 6:28 AM

    nice tutorial, but this will be an open door for all the script kiddis :D

    ReplyDelete
  5. Electric AddictFebruary 23, 2011 at 10:34 AM

    I remember windows 98 would Blue Screen from one Linux ping command LOL good stuff thanks :)

    ReplyDelete
  6. RoseFebruary 23, 2011 at 10:41 AM

    DDOS is very illegal!

    ReplyDelete
  7. shishimaruFebruary 23, 2011 at 11:57 AM

    heheh loic... awesome shtuff.

    ReplyDelete
  8. Paranormal ExplorerFebruary 23, 2011 at 12:58 PM

    I guess I know what I'm doing tonight :P

    ReplyDelete
  9. AnonymousFebruary 23, 2011 at 1:21 PM

    Thanks for the info.

    ReplyDelete
  10. IsaacFebruary 23, 2011 at 2:41 PM

    Be careful bro, don't wanna see you get banned for a post like this :(

    ReplyDelete
  11. AnonymouseFebruary 23, 2011 at 3:09 PM

    @Chris C.
    i might cover that in a future post. thanks for the idea.

    @Anon,
    yeah but i'm ok with that.

    @Rose,
    yes it is, but DoS isn't always illegal.

    @Isaac,
    As i mentioned. It is legitimately useful for website stability testing, so I don't think they'd ban me for teaching this.

    ReplyDelete
  12. AnonymouseFebruary 23, 2011 at 3:26 PM

    @Chris C.
    I actually doubt i'll do a future post on it since i don't have linux installed on this machine currently. My advice would be look into slow loris, since I know there's a linux script for it somewhere...

    It's a different way to go about things, more of an http DoS or SYN flood, but it may still work depending on your goals with it.

    A good starting place for some info might be this link. :) hope it helps.

    ReplyDelete
  13. philFebruary 23, 2011 at 4:20 PM

    Cheers dude - I've often wondered how dos attacks were carried out

    ReplyDelete
  14. RondarielFebruary 23, 2011 at 4:58 PM

    There are ways to DDOS without LOIC, which I prefer, as you don't rely on the software. I used to have an informational picture on it...

    ReplyDelete
  15. mindFebruary 23, 2011 at 5:25 PM

    so much fun with friends

    ReplyDelete
  16. Con QuesoFebruary 23, 2011 at 5:41 PM

    lol...back to the iffy stuff, eh? I'm actually glad I learn this. I didn't know there was an easy to use GUI for this stuff haha.

    ReplyDelete
  17. pizzafuckyesFebruary 23, 2011 at 6:21 PM

    good info here, nice.

    ReplyDelete
  18. HavueleteFebruary 23, 2011 at 6:29 PM

    wow, very interesting and useful, thanks.
    Has anyone really used it? and can you do something alone or need a big group?

    ReplyDelete
  19. RabidmooseFebruary 23, 2011 at 6:32 PM

    Very useful, definitely will only use this to "test" site stability ;).

    ReplyDelete
  20. FrostyFebruary 23, 2011 at 6:34 PM

    Interesting about the egyptian dos'ing. That's a good way to look at it, though I heard of a few recent arrests about ddosing

    ReplyDelete
  21. AnonymouseFebruary 23, 2011 at 7:01 PM

    @Rondariel,
    yeah i have that pic somewhere too, LOIC is just popular and easy so i figured I'd just write about that for now.

    @Havuelete,
    yes, i've used it successfully, and it depends on the site you want to point it at. that shot of mastercard getting taken down was not done solo. but you could probably test the stability of some smaller sites on your own.

    @Frosty,
    yeah during operation payback in december i know somebody in the netherlands got arrested for DDoS'ing postfinance bank, but it's pretty uncommon.

    ReplyDelete
  22. ChandraFebruary 23, 2011 at 7:21 PM

    Very interesting :) Thanks for the information! :D

    ReplyDelete
  23. Eric PFebruary 23, 2011 at 7:51 PM

    not planning on doing this anytime soon, but it's interesting to know more about it.

    ReplyDelete
  24. AnonymousFebruary 23, 2011 at 7:54 PM

    useful info

    ReplyDelete
  25. TJamFebruary 23, 2011 at 9:14 PM

    I've actually always wondered what people were talking about when they received a DoS attack, but I was always too bothered to actually look it up.

    ReplyDelete
  26. Meghan MoranFebruary 23, 2011 at 10:06 PM

    one of the few ways we can come together to fight an unjust cause.

    ReplyDelete
  27. rndmg123February 23, 2011 at 10:12 PM

    so this is how its done...interesting

    ReplyDelete
  28. l33 v4n cl33fFebruary 23, 2011 at 10:19 PM

    very interesting read, i might try this.
    following ;)

    ReplyDelete
  29. THEFROGFebruary 23, 2011 at 11:07 PM

    instantly clicked follow when i saw the title. nice work!

    ReplyDelete
  30. diceyshortstoriesFebruary 23, 2011 at 11:14 PM

    Man the harpoons--errrrr....yeah, I guess this would work instead. :)

    ReplyDelete
  31. PoliticallyInsaneFebruary 23, 2011 at 11:39 PM

    Great stuff!

    ReplyDelete
  32. MorgFebruary 23, 2011 at 11:54 PM

    nice.. following

    ReplyDelete
  33. College KidFebruary 24, 2011 at 12:46 AM

    This is a really great post, I learned so much here. I always wondered how this worked.

    ReplyDelete
  34. QfalkFebruary 24, 2011 at 1:48 AM

    good stuff, supporting

    ReplyDelete
  35. PiepantsFebruary 24, 2011 at 2:03 AM

    Nice, I definitely didn't know this crap. Thank you for the info, good sir!

    ReplyDelete
  36. HillDogFebruary 24, 2011 at 10:08 PM

    I might use this sometime. Thanks for the info.

    ReplyDelete
  37. TasosFebruary 25, 2011 at 11:28 AM

    I'll keep that in mind, although in need quite a long work. Thanks!

    ReplyDelete
  38. Hombre720February 25, 2011 at 3:56 PM

    Might be useful...:D

    ReplyDelete
  39. !sense!February 25, 2011 at 9:37 PM

    isnt this illegal though?

    ReplyDelete
  40. AnonymouseFebruary 26, 2011 at 2:38 AM

    @!sense!,
    depends how it's used.

    ReplyDelete
  41. AnonymousAugust 25, 2011 at 10:23 PM

    will it knock an individual user offline... Like my neighbor?

    ReplyDelete
  42. AnonymouseSeptember 21, 2011 at 6:31 PM

    nope sorry anon, it isnt really good for that.

    ReplyDelete
  43. AnonymousJanuary 29, 2012 at 4:21 PM

    why dont my request numbers move? it just sits at zero

    ReplyDelete
  44. AnonymousFebruary 8, 2012 at 9:31 AM

    i used the loic to test one of my sites and now i cant access any website from that server (webs.com). i think they blocked my ip, does the block ever get taken down or is there a way to get rid of it?

    ReplyDelete
  45. AnonymousApril 3, 2012 at 5:34 AM

    Since it won't go through proxy servers, does that mean that the people that I DDoS can directly track my IP back to my address?

    If so, then would having a dynamic IP actually make a difference?

    ReplyDelete
  46. AnonymousJuly 27, 2012 at 5:20 AM

    German prisoners need dos app 4 f***king android 2.2 phone ...we will attack motherf***king justice if anybody help us ....

    ReplyDelete
  47. AnonymousSeptember 3, 2012 at 5:15 AM

    will it blend?

    ReplyDelete
  48. AnonymousOctober 12, 2012 at 2:42 AM

    can i use a vpn rather than a proxy?

    ReplyDelete
  49. UnknownMarch 2, 2013 at 4:21 PM

    Yes it did open for the scripot kiddies like myself thanks for the post/tutorial I'm a script kiddy but getting there I mneed to upgrade my Machine excusemina@gmail.com

    ReplyDelete

Subscribe to: Post Comments (Atom)