DDos is defined as “Distributed Denail of Service Attack“. This tutorial explains what is DDosing and how to hack a website temporarily using DDos method.
It is a very common news when you hear that a website is hacked by a group or a website is crashed and etc. etc. Have you ever wonder how a hacker group take a website down or do you know the exact method of crashing a website? Actually there are several methods which are used by the hacker group. However, using Distributed Denail of Service Attack technology, any small website can be crashed very easily.
DDos – Distributed Denail of Service Attack
Every web server has it’s own capacity of handling requests at a particular time. A DDos can be occured when a web server or a system gets so many requests at one time which it can’t handle, then the system hangs or shuts down automatically. This results in a website is crashed or temporary down. When a website becomes a victim of DDos attack, it looses all it’s allotted bandwidth which makes the website server temporary down. Overloading a network or flooding a web server by sending huge amount of requests at a time results disconnection of data transmission between a server and a user. Thus a website goes to temporary down state or faces server unavailable problem due to DDos a website. Until the system administrator analyses all the requests, it is impossible to filter attackers’ request.
There are several ways to DDos a website. I mention here command line manually DDos and automatically DDos using free tool techniques.
Method #1: How to DDos a Website Manually Using Windows Command Prompt
- Select a small website that you want to DDos attack.
- Find the IP address of the website. To find the IP address of a specific website just use the following command:
ping www.example.com -t
The IP address looks similar to xxx.xxx.xxx.xxx
- Now type the following command:
ping [ip address] -t -l 65500
- Run the command for hours. If possible use multiple computers to run the same command at a same time.
- Now, when you visit the website after 2 or 3 hours, you will find the “website is temporary down” or “server unavailable” message.
Note: You should have a internet connection with unlimited bandwidth. Otherwise you lose all your internet bandwidth for performing the task.
Method #2: Website DDos Attack with LOIC Automatically
To lag down a website or to completely shut down a website you need a tool, named LOIC (Low Orbit Ion Canon). Lets see how to DDos a website using Low Orbit Ion Cannon.
- Download the software from the below link:
- Once, you download the software, extract the software to Windows desktop.
- Targeting the website: Double click the software icon to open it. LOIC is a portable software and requires no installation.
- Now, put the website address that you target in the ‘target URL’ field.
- It is optional to put the IP of the targeted website in the IP field. You can get the website IP by using ping command from your Windows.
- Press the ‘lock on’ button which is next to the text field.
- Under ‘Attack’, don’t change timeout, HTTP subsite, speed bar.
- Under ‘TCP/UDP Message’, enter whatever you want to right.
- Under the ‘Port’ field, change the value of the port of the targeted website. In most of the cases the value ’80’ should work.
- Under ‘Method’, from the drop-down list, select UDP option.
- Uncheck the ‘Wait for reply’ check box.
- Change the thread value to 20 if you have a good computer. Otherwise, keep the value to 10.
- Press the “IIMA CHARGIN MAH LAZER” button.
Run the software at least for an hour. Then, visit the website you target and you should see the “Service Unavailable” problem there. This is the way how you DDos a website and makes it down temporarily.
Method #3: How to Use Google Spreadsheet to DDos a Website
Google always use a feedfetcher crawler to capture the image, then display the cache image. Google use the same technique using Google Spreadsheet to cache and display any image that is inside =image(“”) value. For example, if i put =image(“https://www.techperiod.com/wp-content/uploads/2016/01/LOIC.png”) function in the spreadsheet, it fetches the image and display it.
Using a random parameter request, one can ask feedfetcher crawler to crawl exactly the same file multiple times. If I use a large pdf file link, Google feedfetcher crawler will fetch nothing. But, it crawls the website multiple times and results a lots of outgoing bandwidth/traffic loss. As, it fetches nothing, so there is no fear to loss your bandwidth.
In this case the spreadsheet function should be something like this:
=image("http://example.com/sample.pdf?r=0") =image("http://example.com/sample.pdf?r=1") =image("http://example.com/sample.pdf?r=2") ...... ...... =image("http://example.com/sample.pdf?r=999") =image("http://example.com/sample.pdf?r=1000")
So, using a single laptop, anyone can disaster a website and sends 250GB traffic within 45 minutes.
Disclaimer: This tutorial is only for learning purposes and this guide does not ask readers to crash any website; this tutorial is based on how to DDos a website. However, most of the reliable web hosting providers gives automatic protection against DDos attack now-a-days.