Do you know that through Google and its services you can do DDoS on any website? Let's see.
For those who do not know the DDoS or else Distributed Denial of Service it is a kind of attackwhich targets a server in order to overload it with connections and in the end "hang" and not be able to serve.
The logic behind DDoS is for the attacker to make too many questions or requests to a server, more than the server can handle in a unit of time. This means that the attacker has a very good one at his disposal machine or a series of machines (botnet) to make simultaneous requests.
| Caution, the technique is given for learning purposes only. In no way should not be used illegally or to cause harm. |
The following technique uses Google computing gender, which is free to use and is accessible to anyone who has created a free gmail address.
It is based on the fact that Google in its spreadsheets uses the FeedFetcher crawler to secretly store anything embedded in the function =image("link").
So, for example, if we put = image ("http://example.com/image.jpg") in one of the cells in the Google spreadsheet, Google will send the FeedFetcher crawler to take the image and save in cache for display.
However in spreadsheets, one can append the random request that exists in one cell to several cells at once and tell FeedFetcher to scan the same file multiple times.
Let's say, for example, a website hosts a 10 mb file.pdf. So pasting the function into a row of 1000 (for example) spreadsheet cells will cause the Google crawler to retrieve the same file 1000 times.
=image("http://targetname/file.pdf?r=0") |
And in fact in the function link we can adjust a random parameter which will change in each cell and thus each link will be treated as different. Anyone using a program tours and only opens a few tabs in it computer of can send massive HTTP GET flood to a web server.
The funny thing is that the intruder does not need to have a very good connection or a monstrous machine at all. The attacker asks Google to put the image link on the spreadsheet, Google retrieves 10 MB of data from the server, but because it is a PDF (imageless file), the attacker receives an N / A from Google. This type of traffic flow can be destructive.
Also, the attacker's IP is nowhere to be seen since the traffic is generated by the Google server. At the same time Google uses many IP addresses for detection and although one can block the FeedFetcher user agent, to avoid these attacks, the victim will have to edit the server configuration and in many cases it can be too late. The attack could so easily drag on for hours, just because of its ease of use.
