Student Makes X4U Doser DDoS Tool Available
Just like PDF tools or programs for blocking online ads, tools for running DDoS attacks can be simply downloaded from the internet, free of charge. One of these programs was created by a student calling themselves FathurION. The tool called X4U Doser enables anyone to launch DDoS attacks on targets of their choosing, even without any in-depth technical knowledge.
Stress test tool available to anyone on the internet
X4U Doser can be easily found on the clear web as a zip file download. This is a description by its creator: “X4U Doser is a free , strong , and maximum network stress testing and distributes / denial-of-service attack application , written in .net languanges , and developed by X4U Hacker.” The X4UD_V3.0.zip version is a program of approximately 6 MB that places a red and black icon on the desktop after unzipping. The user interface is in red and black as well. The “! About” button in the top right corner indicates that X4U Doser is freeware. Users can report bugs and issues by e-mail to x4uhacker.develop[at]gmail.com. The “CHECK FOR UPDATE” button leads to the official download platform www.x4uhacker.wordpress.com/, which also offers a spamming tool and an MD5 converter.
The programmer has made it as simple as possible to use the tool. An IP address has to be entered as a target. The “Find IP Address” button converts the target’s URL into a usable address. For example, www.dosme.de (an LSOC test URL) is turned into the IP address 192.168.100.200 and then only requires confirmation by clicking “Confirm”.
X4U Doser offers various attack options. “Army Quality”, “Ping Quality” and “UDP Quality” can be set to “Minimum”, “Normal”, “Extreme”, “Maximum” or “X-Maximum”. For testing purposes, the LSOC selected the highest level, X-Maximum, for all 3 parameters. Port 80 (http) is preset as a default. Before launching the attack using “ATTACK !”, the LSOC activated packet capture to track network traffic.
When the attack was confirmed, X4U Doser recommended not opening other programs in order to conserve RAM.
DDoS attacks in just a few clicks
The Windows Task Manager indicated an elevated CPU load.
Both the network and Wireshark Trace filled up with packets, so the LSOC could terminate the attack after only 2 minutes.
The test attack had 3 DDoS vectors
The first attack vector on www.dosme.de was identified as an ICMP flood. It peaked at approximately 120 ICMP requests per second.
Moreover, UDP packets were found as part of a UDP garbage flood. Simultaneously with the ICMP flood, various UDP ports were hit at 19 bytes per packet.
The third vector in this attack was an HTTP GET flood on “/” using HTTP version 1.0. The network analysis indicated that up to 600 HTTP requests reached the server.
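As an added example (not part of the original article or the LSOC's tooling), the following sketch shows how a defender could flag the three vectors described above in summarized packet-capture records. The record layout, the sample addresses, the per-second split of the traffic and all thresholds are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample records: (second, src, proto, dst_port, payload_len, http_line)
def build_sample():
    src, rows = "198.51.100.7", []          # constructed flooding source
    for sec in range(3):
        rows += [(sec, src, "icmp", None, 32, None)] * 120
        rows += [(sec, src, "udp", 1000 + sec * 40 + i, 19, None) for i in range(40)]
        rows += [(sec, src, "tcp", 80, 0, "GET / HTTP/1.0")] * 200
    # Constructed benign client: a few pings, one DNS query, normal browsing
    rows += [(0, "203.0.113.9", "icmp", None, 32, None)] * 3
    rows += [(1, "203.0.113.9", "udp", 53, 41, None)]
    rows += [(1, "203.0.113.9", "tcp", 80, 0, "GET /index.html HTTP/1.1")] * 5
    return rows

# Assumed thresholds; tune them against your own traffic baseline.
ICMP_PPS = 50    # ICMP packets per second from one source
UDP_PORTS = 20   # distinct destination ports hit with identical payload size
HTTP_RPS = 100   # identical HTTP request lines per second from one source

def classify(rows):
    icmp = defaultdict(int)        # (src, sec) -> packet count
    udp_ports = defaultdict(set)   # (src, payload_len) -> distinct dst ports
    http = defaultdict(int)        # (src, sec, request line) -> count
    for sec, src, proto, port, length, line in rows:
        if proto == "icmp":
            icmp[(src, sec)] += 1
        elif proto == "udp":
            udp_ports[(src, length)].add(port)
        elif proto == "tcp" and line:
            http[(src, sec, line)] += 1
    findings = defaultdict(set)
    for (src, _), n in icmp.items():
        if n >= ICMP_PPS:
            findings[src].add("icmp_flood")
    for (src, length), ports in udp_ports.items():
        if len(ports) >= UDP_PORTS:
            findings[src].add(f"udp_garbage_flood(len={length})")
    for (src, _, line), n in http.items():
        if n >= HTTP_RPS:
            findings[src].add(f"http_get_flood({line})")
    return {src: sorted(v) for src, v in findings.items()}

if __name__ == "__main__":
    for src, vectors in classify(build_sample()).items():
        print(src, vectors)
```

The fixed 19-byte UDP payload spread across many ports and the repeated HTTP/1.0 request line for “/” are the more distinctive signatures; the ICMP rate alone is easy to confuse with monitoring traffic.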
DDoS attacks with X4U Doser have limited effect
It’s not necessary to have in-depth IT knowledge to put X4U Doser to work. The program is clearly aimed at “noobs” looking to use overload attacks to support hacktivism activities or pursue their own goals. X4U Doser makes it possible to bring 3 attack vectors to bear simultaneously to hit a target. Web servers are kept busy with HTTP requests, while ICMP and UDP packets clog up the lines. The firewall, too, has to process all 3 attack vectors. In multi-vector attacks like this, 1 successful vector can be enough to take the target offline.
Still, the attack was unsuccessful, and the unprotected test server stayed online continuously. The attacking PC, on the other hand, was very poorly equipped. If the test attacks were repeated using significantly more powerful computers, the results might be different. Cybercriminals and Anonymous work collectively in many cases, with many attackers bombarding targets instead of just one. This strategy is what turns a DoS attack into a DDoS attack with considerably higher packet rates.