Re: XerXes DoS tool Leak. not so 0day now!

[anonymous-tips () hushmail me]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Same code base, same mechanism of attack.

Essentially octopus flood routed via TOR.

Ironically, SlowLoris routed via TOR with rapid exit node
switching, combined with a modification to entropy's Torshammer
HTTP POST DoS tool (using TOR also) is far more effective against
live targets than this technique.

On Fri, 08 Jul 2011 20:42:57 +0100 Laurelai <laurelai () oneechan org>
wrote:
> On 7/8/2011 1:58 PM, anonymous-tips () hushmail me wrote:
> > Laurelai, nice of you to join us.
> >
> > How this tool seems to work is it just routes via a literal ton
> of
> > TOR servers to open connections to the target... Reminds me of
> > Anonoctopus.c except using TOR.
> >
> > It does seem to be just as effective as the j35t3rs "modified"
> > (read as: he added a GUI) version...
> >
> > Fellow Full Disclosure Users, I apologise if my CC'ing method is
> > incorrect, just trying to ensure we all get it :)
> >
> > On Fri, 08 Jul 2011 19:55:02 +0100 Laurelai Storm
> > <laurelai () oneechan org> wrote:
> > > Oh snap.
> > > On Jul 8, 2011 1:52 PM, <anonymous-tips () hushmail me> wrote:
> > > > -----BEGIN PGP SIGNED MESSAGE-----
> > > > Hash: SHA1
> > > >
> > > > hey guys,
> > > > thought the world needed this leaked, if only so j35t3r
> cannot
> > > > continue his nonsense with his "31337 0day tool"
> > > >
> > > > http://pastebin.com/raw.php?i=MLFs5m1K
> > > >
> > > > Thats the sauce :)
> > > >
> > > > Have fun, and I will be watching this to see when it is
> patched.
> > > > BTW, H.D. Moore, and Fyodor, if you read this, we love you
> guys
> > > :)
> > > > ~LulzSec
> Hmm, well i have just been told by a friend of mine he wrote this
> code
> and not jester.. @Sanguinarious on twitter by the way,
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wsBcBAEBAgAGBQJOF2dLAAoJEJicku1BO3ojfLwH/0wAS0TdY2ZGUwftEnmBJx8uiWh4
J5sxoaa7Pkus7tBIys/XLYIRxazy8fFWweQzxRT38EwlE6I0GX0jvm0RGoBWYNPf59Yg
VkoufYB+pjX0lH090LpwP43R9XLPatuw7/HLqKXlPbK2GN0cx1AKvIRua4aOrrO1z+G2
a0OATBEsv1Cf4UXRsRIhkX4+nckD3B3l1nUgfoxAxOVpix8/QmkPOfDTqmbQphlmClpv
J3vwBDgwr4bHaHgxBu8Emf6onjvuYEyNCT6VaxKlAsmMF9mrgzEmmM1gItI6lWUs4djA
fe2xIvyC5zVMNltDlUW/2hWByJSrVIro3udRv6XxfSc=
=9ALw
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/