Do you know that through Google and its services you can do DDoS on any website? Let's see.
For those who do not know the DDoS or else Distributed Denial of Service is a type of attack that targets a server in order to overload it with connections and eventually "hang" and can not serve.
The logic behind DDoS is for an attacker to make too many questions or requests to a server, more than the server can handle. unit next year. This means that the attacker has at his disposal a very good machine or a set of machines (botnet) to perform concurrent requests.
| Caution, the technique is given for learning purposes only. In no way should not be used illegally or to cause harm. |
The following technique uses Google computing gender, which is free to use and is accessible to anyone who has created a free gmail address.
It's based on Google's spreadsheets using the program detections FeedFetcher to cache whatever is placed inside the function =image("link").
So, for example, if we put = image ("http://example.com/image.jpg") in one of the cells in the Google spreadsheet, Google will send the FeedFetcher crawler to take the image and save in cache for display.
However in spreadsheets, one can append the random request that exists in one cell to several cells at once and tell FeedFetcher to scan the same file multiple times.
Let's say, for example, a website hosts a 10 mb file.pdf. So pasting the function into a row of 1000 (for example) spreadsheet cells will cause the Google crawler to retrieve the same file 1000 times.
=image("http://targetname/file.pdf?r=0") |
In fact, in the link of the function we can adjust a random parameter which will change in each cell and so each link will be treated as different. Anyone using a browser and opening only a few tabs on their computer can send a huge flood of HTTP GETs to a web server.
The funny thing is, the attacker doesn't have to have a very good one at all connection or a monstrous machine. The attacker asks Google to set the connection image in the spreadsheet, Google retrieves the 10 MB data from the server, but since it is a PDF (file without an image), the attacker gets N/A from Google. This type of traffic flow can become destructive.
Also, the attacker's IP is nowhere to be seen since the traffic is generated by the Google server. At the same time Google uses many IP addresses for detection and although one can block the FeedFetcher user agent, to avoid these attacks, the victim will have to edit the server configuration and in many cases it can be too late. The attack could so easily drag on for hours, just because of its ease of use.
