XerXes
DoS Attack Video Part 2
The Hacking tool used to DoS Wikileaks
This is demonstration of a XerXes DoS Attack in action against atahadi.com
Whats new from the first demo video is that more is revealed about the attack technique.
See for yourself :
Activate FullScreen for a better experience
Click on this link to view the first video
This second video of XerXeS shows more of the XerXeS dashboard, and reveals even more about the attack technique – It's an Enhanced version of XerXes able to dos secured Apache servers !
Take a look at 02.25 when he sets up the target server:
XerXes can now affect multiple server flavors – some still more are under development.
This time he dropped a Secured server which is supposed have the Apache setup that is impervious to a XerXeS hit.
Denial of Service (DoS) Attacks
The basic premise to this attack is that by sending (but never fully completing) numerous requests to Apache, one could get the Apache process to consume all system resources and stop serving up the actual web content.
Exploitation
The Apache vulnerability is only the beginning, Xerxes will be able to hit IIS in the future.
DoS or DDoS ?
The attack is performed on a single low-spec computer, and while The Jester sends relatively few packets from his own machine, the attack results in brief outages of the target site.
So he is not using any intermediaries or botnets, sorry for having wrote DDoS in my first post xD
You can view part 1 here: XerXes in action
You surely can follow Jester here:
http://twitter.com/th3j35t3r