[ISN] White hats publish DDoS hijacking manual, turn tables on attackers

From: InfoSec News <alerts_at_private>
Date: Thu, 16 Aug 2012 05:07:26 -0500 (CDT)
http://arstechnica.com/security/2012/08/ddos-take-down-manual/

By Dan Goodin
Ars Technica
Aug 15, 2012

Turning the tables on miscreants who paralyze websites with torrents of 
junk data, security researchers have published a detailed manual that 
shows how to neutralize some of the Internet's most popular 
denial-of-service tools.

The do-it-yourself how-to provides instructions that even hacking 
novices can follow to exploit critical vulnerabilities in "Dirt Jumper," 
a family of tools used to wage the crippling denial-of-service attacks. 
By targeting SQL injection flaws in the software—which is sold for 
thousands of dollars in underground forums—counter-attackers can 
commandeer the master control servers used to distribute commands to 
large numbers of infected computers, which act as foot soldiers in such 
attacks. The manual was published on Tuesday by researchers with DDoS 
mitigation provider Prolexic.

"The authors of this malware overlooked security for critical portions 
of its toolkits," the Prolexic researchers wrote in the report, which 
can be downloaded here, after completing the Web form at the right side 
of the page. "The weakest link within this malware family is the 
insecure coding practices used in the creation of the C&C panels. They 
are simple PHP/MySQL scripts that are pieced together to manage the 
infected bots."
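The "insecure coding practices" the Prolexic researchers refer to are the classic class of SQL injection: user-supplied text spliced straight into a query string. The following is an added illustration written for this post, not code from the Prolexic report or from the Dirt Jumper panels themselves; it uses Python's built-in sqlite3 rather than PHP/MySQL so it runs anywhere, and the `users` table, the `admin` account and the `correct-horse` password are constructed sample data. It places a string-built login check beside the parameterized form to show why the first falls to a tautology in the password field and the second does not.

```python
import sqlite3


def build_db() -> sqlite3.Connection:
    """Constructed sample schema: one panel-style login table (not the real panel's schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT NOT NULL, password TEXT NOT NULL)")
    conn.execute("INSERT INTO users VALUES ('admin', 'correct-horse')")
    conn.commit()
    return conn


def login_concat(conn: sqlite3.Connection, name: str, password: str) -> bool:
    """Weak pattern: input is formatted directly into the SQL text.

    Anything the caller types becomes part of the query grammar, so a quote
    in the password field rewrites the WHERE clause instead of being compared
    against the stored value.
    """
    query = (
        "SELECT COUNT(*) FROM users WHERE name = '%s' AND password = '%s'"
        % (name, password)
    )
    return conn.execute(query).fetchone()[0] > 0


def login_param(conn: sqlite3.Connection, name: str, password: str) -> bool:
    """Hardened pattern: placeholders keep the query shape fixed.

    The driver binds the values separately from the SQL, so the same input
    is only ever compared as data and can never alter the statement.
    """
    query = "SELECT COUNT(*) FROM users WHERE name = ? AND password = ?"
    return conn.execute(query, (name, password)).fetchone()[0] > 0


def compare_patterns() -> dict:
    """Run both implementations against a valid login, a wrong password,
    and a textbook tautology, and report which one each pattern accepts."""
    conn = build_db()
    tautology = "' OR '1'='1"  # constructed test input, the standard textbook case
    return {
        "concat_valid": login_concat(conn, "admin", "correct-horse"),
        "concat_wrong": login_concat(conn, "admin", "wrong-password"),
        "concat_tautology": login_concat(conn, "admin", tautology),
        "param_valid": login_param(conn, "admin", "correct-horse"),
        "param_wrong": login_param(conn, "admin", "wrong-password"),
        "param_tautology": login_param(conn, "admin", tautology),
    }


if __name__ == "__main__":
    for check, accepted in compare_patterns().items():
        print(f"{check:18s} -> {'accepted' if accepted else 'rejected'}")
```

The tautology is accepted only by the string-built version, because `AND` binds tighter than `OR` and the injected `OR '1'='1'` makes the whole predicate true for every row. The parameterized version treats the identical text as a literal password and rejects it. Any panel, or any web application, that follows the first pattern is exposed in exactly the way the report describes; the fix is the second pattern, applied to every query, plus a database account that holds no more privilege than the application needs.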

A handful of command-line strings, the open-source penetration-testing 
tool SQLMap, and knowledge of a command server's location are pretty 
much all that's required to gain access to its back-end database and 
server-side configuration files. Compromise of the server's Web 
application can then be used to perform a DIY downing of the host 
server. Take for instance the following command:

[...]
Received on Thu Aug 16 2012 - 03:07:26 PDT

This archive was generated by hypermail 2.2.0 : Thu Aug 16 2012 - 03:10:24 PDT