Use Google for DDoS on any site

Do you know that through Google and its services you can do DDoS on any website? Let's see.

FeedFetcher, DDoS, attack, Google, Excel

For those who do not know the DDoS or else Distributed Denial-of-Service is a type of attack that targets a server in order to overload it with connections and eventually "hang" and can not serve.

The logic behind DDoS is for the attacker to ask too many questions or requests to a server, many more than the server can handle in a unit of time. This means that the attacker has at his disposal a very good machine or a series of machines (botnet) to make simultaneous requests.

Attention, the technique is given for learning purposes only. In no way should not be used illegally or to cause harm.

The following technique uses Google computing, which is free to use and is accessible to anyone who has created a free gmail address.

It is based on the fact that Google in its spreadsheets uses the FeedFetcher crawler to secretly store anything embedded in the function = image ("link").

  Google TAG Chinese government hackers against Ukraine

So, for example, if we put = image ("http://example.com/image.jpg") in one of the cells in the Google spreadsheet, Google will send the FeedFetcher crawler to take the image and save in cache for display.

However in spreadsheets, one can append the random request that exists in one cell to several cells at once and tell FeedFetcher to scan the same file multiple times.

Let's say, for example, a website hosts a 10 mb file.pdf. So pasting the function into a row of 1000 (for example) spreadsheet cells will cause the Google crawler to retrieve the same file 1000 times.

=image("http://targetname/file.pdf?r=0")
=image("http://targetname/file.pdf?r=1")
=image("http://targetname/file.pdf?r=2")
=image("http://targetname/file.pdf?r=3")
...
=image("http://targetname/file.pdf?r=1000")

In fact, in the link of the function we can adjust a random parameter which will change in each cell and so each link will be treated as different. Anyone using a browser and opening only a few tabs on their computer can send a huge flood of HTTP GETs to a web server.

  Google Chrome 43 Stable 43.0.2357.81

The funny thing is that the intruder does not need to have a very good connection or a monstrous machine at all. The attacker asks Google to put the image link on the spreadsheet, Google retrieves 10 MB of data from the server, but because it is a PDF (imageless file), the attacker receives an N / A from Google. This type of traffic flow can be destructive.

Also the IP of the attacker is not visible anywhere since the traffic is created by the Google server. At the same time Google uses many IP addresses for crawling and although one can block the FeedFetcher user agent, to avoid these attacks, the victim will have to process the server configuration and in many cases it may be too late. The attack could so easily be extended for hours, simply because of its ease of use.

Registration in iGuRu.gr via email

Your email for sending each new post

Follow us on Google News iGuRu.gr at Google news

Leave a reply

Your email address Will not be published.

9 + 1 =  

Previous Story

Improve audio quality in Windows 10

Next Story

Handsfree in the washing machine