This is pretty simple and you just need a command prompt and the handy ping tool. This is the standard procedure to just DoS some website. But when it comes to routers and modems they can easily be overpowered by a single user. Now, obviously you don't want to DoS yourself that would be idiotic but it's handy method to ruin someone else Internet experience.
If you're using ADSL and you get a WAN IP address like abc.dfg.lol.mnf [123.147.125.144 etc ] then you can just change the mnf numbers and target the users on the ISP.
Basically we're going to DoS some modems and routers which are using the same ISP. Since it's hard to DoS a system it's fairly easy to DoS a simple modem. My ISP sucks when it comes to planning and the Internet I get is shitty. During this guide I got disconnected 10 times and I got bored so I DoS'ed my modem just for the fuck of it.
To test this:
type ping routerip -t -l 65500
ping 192.168.3.1 -t -l 65500 <-- that
You will get a TTL response < 38ms or more.
If you just ping the router/modem you will get <1ms if you're directly connected.
Just open as many command prompts as you like or can and just start entering that simple line and hit enter. Pretty soon you will see the TTL response increase from 38ms to 160+ and 180ms. My router crashed when it reached 190ms and I only opened like 25 windows.
So, in short if you want to fuck someone randomly.
A) login to your router.
Get the IP of default gateway and your IP.
C) Move the numbers up and down or use a scanner to check for port 80. Once you find some good targets then check those routers by opening the Admin page. If it's modem/router then.
D) Use the ping and have fun.
Granted this may or may not work on many systems but it overpower small modems and routers easily. The user will lose Internet connection and if the router recovers it will still get stalled in the end.
That scenario can easily be turned in DDoS. You can target modems and routers of offices by flooding them with bytes.
Anyway, I am off to sleep. Can somone test this on some different systems.
Comments
CMS Status:
http://en.wikipedia.org/wiki/LOIC
Isn't LOIC monitored or something now, after that LOIC shit went down on Wikileaks behalf?
Here's how a very easy way to create an effective denial of service situation using the distributed denial of service method:
1. Download a high speed port scanner (these are much more powerful than a standard port scanner). There are many free multithread-capable port scanners on the web ie: http://www.radmin.com/products/previousversions/portscanner.php The faster your machine is the faster you can scan. If it can scan 2000 ports/second, then it's half-decent.
2. Scan address ranges in high speed service providers such as in Rogers, Time Warner, Roadrunner, looking for port 27374 and 1243. These ports are either honey pots for SubSeven or real backdoor ports for SubSeven.
3. Compile an orderly list of individual IP addresses which appear to have these ports open. There may be as many as a few hundred, depending on how many IP ranges were scanned.
4. Next, using the author master password [14438136782715101980] for Subseven on port 27374 and master password [pizda] for Subseven on port 1243, try each one individually using Telnet to see if it's just a honey pot or the real backdoor. The honey pots will respond through Telnet with a bogus welcome message, whereas the real one will not give the standard welcome message > "welcome to Sub7... standing by..." if the login attempt is coming in through Telnet or by any means other than the geuine Subseven client. Make a second list to keep the IP addresses of the real Subseven backdoors.
5. Now, after downloading the SubSeven 2.1.1 Gold client (it should still work on XP, even if the site says it won't) from any one of numerous download sites ie: http://www.hackpr.net/~sub7/downloads.shtml, use the client to log into each IP on the list using the respective master password for the respective port, just testing to see which ones allow unobstructed root access (95% will, or you wouldn't have seen their IPs in the port scan lists). Create a third list which has just the IPs of the machines which are wide open and willing. This list could literally have over a hundred IP addresses on it easy. Each of these machines are fully compromised, and will allow full and complete root access to their systems, just as if they were being operated by the actual owner. They will all be high speed boxes as well.
6. Now comes the fun part. Logging into each mule one at a time using the client, go into "Connection" > "IP Scanner", then start scanning more broadband IP ranges through each mule (Sub7's built-in port scanner is also high speed), copy/pasta the IP results from each mule into a text document periodically, always searching for ports 27374 and 1243. You can have a hundred mules all scanning IP ranges at once, and this can generate thousands of possible backdoor IP addresses out there. Verify each hit manually for verification, just as before, using Telnet.
7. Once several hundred highspeed backdoors are located and verified as genuine, the network resources of each mule can then be directed in concert at the exposed/open port of a single target. The best way to accomplish this is by:
a/ use the Subseven client to log into each mule one at a time
b/ in the client go into "Advanced"> "App Redirect" (Lets you run an MS-DOS command on the remote machine and pipes the output back to you)
c/ using ftp.exe through the mule machine's MS-Dos, download a MS-Dos-based high speed packet flooder to the mule machine, and direct it by command-line at the prime target machine's IP address (the mule will not see either the packet flooder or its output, as Sub7 automatically makes things invisible for you server-side). Repeat for all mule machines, and have them all direct floods at the open port of the same IP address.
Using this method, any machine, no matter how powerful it is, will be brought to its knees in short order.
screenshots of the Subseven client:
Keep in mind, too, Subseven is only one of several dozen backdoors which are still out there by the millions, so this technique can work just as well on any one of them using the author master password. The point of this attack is to get as many machines under control as possible and direct them all at a single IP target's open port, so it doesn't matter how they get gotten. Every backdoor out there has its own default assigned port to scan for.
Enjoy...