Sunday, February 19, 2012

Think your safe when using HOIC/LOIC? Guess again.


So I was talking to a friend of mine, and he said that I should talk about “LOIC” and “HOIC”. Me and him both agree that many people believe that this is the best Hacking Tool there is. They believe that when using this “tool” they can not get caught. Im about to tell you the truth.

“DoS attacks work by flooding the access routers with bogus traffic (which can be e-mail or Transmission Control Protocol, TCP, packets).”

Ddos is the same, but there are multiple IP's being used so depending on how the attack is set up it might be difficult to locate the real attacker. Here ill explain it a little bit more:

Ddos is a Distributed Denial of Service. What this means is that there is many computers working together to overload a website. This is usually done by use of a botnet. A botnet is a server which holds bots/zombies/victims. The person who controls this network of bots can use these bots/zombies to Ddos a site, because of this many machines who are Ddosing a computer do not get investigated because it was by force and not by choice, but with how things are now people are using HOIC and LOIC more and more, and the percentage of Ddos's that are done by willing machines has gone up, and they are investigating more and more every day.

When you study HOIC/LOIC and virus's you see how they act, what kind of packets they send and what kind of information is in those packets. Thats how they catch you. If they see that your using HOIC/LOIC with a packet sniffer then you are done for. Attacking a government website is Treason, and soon instead of charging you for it they will have Soldiers bust in your house to shoot you on site because its soon going to be considered an act of terrorism.

“40 warrants out for the arrest of members of the Hacker group known as “Anonymous”

Do you remember seeing that back in the day? The reasoning for it is that these people were either talking about doing attacks, or got caught because they were at home using one of these tools.

Though I do want to stress that using one of these tools does NOT make you a Hacker, I still want to tell you how to use these tools safely.

Heres how you use LOIC and HOIC safely:

Use a Linux OS like BT5 or BlackBuntu (Or if you use Linux on a day-to-day basis then use that)
Open (Or install) macchanger (sudo apt-get macchanger-gtk” if your using a Debian based OS, BT5 and BlackBuntu should already have this program installed, but if they dont then install it with that command)
Now that you have it installed open up a terminal and type:
iwconfig
It will say something like this after you press “Enter”:
lo no wireless extensions.

eth0 no wireless extensions.

wlan0 IEEE 802.11bgn ESSID: “DisIsMyInterwebzConnection”
(More information will be here)
You see how “wlan0” has information behind it instead of saying “no wireless extensions. ”? Thats good, that means that “wlan0” is your wireless driver, it might look different “wlan1” or something smiler, remember this is for WiFi, not for Dial up or any Ethernet connection. You should use WiFi because you will be at a location other then your house, McDonalds or somewhere else that offers free internet to customers (Make sure there are no cameras in the store before you go there)

Now for the commands I enter next change “wlan0” to whatever your drivers name is, if yours is “wlan0” then leave it how it is.

Sudo ifconfig wlan0 down

(If you are connected to the internet, you have just lost connection, you might want to temporarly disable your ability to connect to the internet because if it connects you automatically then you wont be able to do the next commands)

Now type:
macchanger –show wlan0
This will show something like this:
Current MAC: 99:t5:g4:69:98:36 (unknown)

That shows your MAC Address, which is built into your Wireless Card and is only yours, no one will have the same MAC Address by default, only if they change it. Take note of the digits ( 99:t5:g4:69:98:36) and see if it changes later

Sudo macchanger-gtk

Wait a few seconds and this box should show up, click the drop down next to “options” and press “Another (Any kind)” Then for “Network interface” put “wlan0” or whatever your interface is. Then press “Change MAC” and exit out

Now type:
macchanger –show wlan0 again and see if it changed, if it did then it worked! If it didnt then type “sudo macchanger-gtk” again and try until it works. There are times it will tell you its successful when its actually not.

Now almost nothing can go back to you, once you restart your computer your MAC Address will go back to normal. As long as you dont allow shoulder no one will be able to see what your doing, and you will be safe.

Be careful, there are always ways for you to be taken down. One of the most humorus ways is for you to run up to your friend and say “HEY DUUUUUUDE I HACKERD THE GOVERNMENT!” Although Dosing and Ddosing is not Hacking it is still illegal, do not get caught doing anything illegal, and make sure that if you Ddos its for a reason and no “for teh lulz”.
Hopefully this helped answer some questions and I hope it helps keep at least the majority of people safe.

P.S. If you dont know how to get BlackBuntu or BT5 then google “Backtrack5” “Blackbuntu” and youll find the downloads, then burn the .ISO to a DVD-RW, put it in your laptops CD/DVD drive and turn your computer off. When you turn it on youll see a logo (“HP” “DELL” or whatever type of computer you have) then press “ESC” “F10” “F12” Or something smiler to boot up the DVD. After BT5 loads it will tell you to type “startx” to start it, so do just that and then follow my instructions.

 
~The Dyzaster


EDIT: Also, big_willy didnt know that all this should be done on a network other then your own, like a McDonalds that has no cameras in or around the store, or some other place that offers open WiFi and has no cameras. I personally use McDonalds because they have no cameras.

8 comments:

  1. Bravo! I like this. I never DDOS but this is what people should read. They aren't "Anonymous" or even if they use a VPN they would attack there own self.

    ReplyDelete
    Replies
    1. thats what it is about, a vpn, tor, i dont care what you can come up with, i would like for someone to prove him wrong using windows and a packet sniffer on their own server...............BEFORE THEY DO SOME DUMB SHIT!!!!!!

      Delete
  2. notice there are no windows instructions................. Ddos will send every packet using windows........... i have tested this with every single tool i know of, yet a freeware like commview will sniff the packet and show a real IP................... beware skidz #opblackmarch has begun

    ReplyDelete
    Replies
    1. I apologize, i forgot to mention that you should do this at a different place such as a McDonalds that does not have any cameras, or another place with open WiFi that have no cameras.

      I obviously dont expect someone to do anything illegal from their own house, thats something that i expect you as a viewer to already assume.

      Changing your Mac Address just makes it a bit harder for them to track that you were at the McDonalds that you used to attack with, and that cuts almost all ties with you. Not to mention if you use a Linux OS to do this everything on that disk should be set back to normal, and that disk is easier to destroy then your computer. So if anything was to happen, you evidence is easier to dispose of.



      The reason i didnt give instructions about Windows computers is because i dont encourage the use of them, also because of what i just stated above.

      I dont encourage the use of Mac's either.

      In my honest opinion, Linux is the best OS you can use, if you do not like that opinion then thats fine, no one forced you to read anything i write.

      Delete
  3. You do know it is a stupid idea to run a Linux distribution such as BT5 or Blackbuntu don't you?

    You people don't even realize how vulnerable these systems are and people reading this blog are going to think that it's a great idea to run one of these distro's as an everyday, all purpose OS.

    I'm sorry to break it to you but it's a stupid idea.

    ReplyDelete
    Replies
    1. I never said run it everyday. I dont even think you should have the option to install those OS's as they are just for Pentesting, not for everyday use.

      But you are correct, some people might feel that they should run it for everyday use, and i dont want them to think that.

      Do not run these OS's for everyday use, if you want Hacking tools then install another OS and install the needed programs to do whatever you wish to do.

      Delete
  4. Can this be done on Ubuntu? I can't find out how to install HOIC on here.

    ReplyDelete
  5. so is it true that HOIC and LOIC are active tools for DDOS ?

    ReplyDelete