i bought a DDoS attack on the DARK WEB (don't do this)

[Music] So I bought a DDoS attack on the dark web. I got on my VPN client, launched my Tor browser, and I got on the dark web. I found the dark web marketplace, I signed up for it, and I found a DDoS attack I could purchase. Now what is that? It's a distributed denial of service attack, and it's not like regular hacking where I'm trying to gain access to your system, steal your information, make money off you. No, I want to bring you down. I don't want to hack into your website, I want your website to disappear and be inaccessible to everyone.

Disclaimer: this is for educational purposes only. Never do this to anyone without their permission, ever. But I will show you in this video how to use that denial of service attack. I'll even give you access to it, as long as you promise to only use it on people you have permission to use it on, like yourself or your friends. Use it on your friends, that'll be fun. Did I mention I also built a botnet? Which is kind of crazy. If you don't know what that is, you'll find out. Anyways, let's get into it.

And also a huge shout out to ITProTV. They are the official sponsor of this series. I actually use their stuff to prepare for this video and learn about denial of service and all the attacks we can use. So if you want to go deeper into hacking or anything else in IT, check it out. Got a link below, you'll get 30 off forever, so check it out.

Now the stuff I bought is crazy. Like, let me, let me show you real quick. Here's one of these. It's a tool called Saphyra, and this thing is, it's scary. It's a Python script and it's sophisticated. I can watch as I scroll through this thing, I mean, a lot of code, a lot of cool things going on, and I'll show you how to use this. I even built a botnet, which is an army of servers that will attack using this code all at the same time. That's actually called a distributed denial of service attack, or DDoS. But do you know what the scariest part about a DoS attack is? It's crazy easy to do an attack like this. Like, anyone can do it, and you can cause some serious damage. And honestly, you don't even need scary dark web scripts like I have. You don't have to go there. In fact, you shouldn't. Don't, do not go on the dark web.

Now one of the tools you can download and use right now is the Low Orbit Ion Cannon, and this thing's crazy easy to use. Check this out. So I've got my web server here, works fine. I'm actually pinging it from another server as well so we can see how healthy it is, and we know it's healthy when we look at the time it takes to get there. I'm sending a ping, he's responding back, and that's how long it takes: sub-millisecond. It's on a local LAN, it's perfect. But if we use the Ion Cannon, check this out. Again, you can do this easily, Windows, Mac, Linux, you can get this free tool and mess with your family and friends. So I put in my IP, 10.7.1.50, that's my web server here. I'm gonna lock in. My target's ready, or, I'm ready, he's not ready. My method will be UDP. So I'm about to DoS attack myself. Now please, again, don't attack anyone without permission. You can go to jail for this. People have gone to jail for this, so be careful. Anyways, I'm chargin' my laser, go. It's flooding, it's going, it's blah. Like, look at this, look at all the traffic I'm sending right now. And notice over here we are affecting the server. It's gone from sub-millisecond response time to now we got almost two milliseconds, two, three, look at that.

Now I know for some of you that's like, well Chuck, that was kind of underwhelming. Why isn't it taking down the server? Why isn't the cannon just blasting away? I'll talk about that here in a second, but just know that when we're DoSing something, or denial of servicing something, we basically have two goals: we want to overwhelm or confuse, or both. We want to overwhelm that server with a bunch of stuff. That's what we're doing here. We're sending a bunch of internet traffic to just confuse the heck out of that server and overwhelm him. But we still couldn't take it down. Why? Let me show you.

Denial of service started out with just pinging a server, just like this. And by the way, this is harmless. This is what actually we use to see if servers are up. We say, hey, are you up? And they respond, yes we are, and that's beautiful. We use that all the time. But hackers want to take a good thing and make it a bad thing. So they think, okay, what if I'm not sending a ping every second? What if I increase that frequency? Maybe if I send a bunch of stuff really fast I can overwhelm that server. So something like this: I can use a popular hacking tool called hping3, which you can install on most Linux distributions, just apt install hping3. But here we go. The switch I'll use is dash 1 for a ping, ICMP protocol. I'll do a flood, which basically means we're going to send as many pings as we possibly can as fast as we can. We're just going to overload this server. And then my target, 10.7.1.50, and let's go. So now it's sending a ton of traffic right now, and uh, but what we'll notice too is that if I look back at my ping on my server, the time really hasn't changed much. Honestly, it really hasn't changed at all. But why? Well, the simple answer is that it's just not enough traffic to overwhelm my server. He's got plenty of bandwidth and he can handle all those ping requests. So something like that, an attack like that, really isn't effective now.

But what if we did this? What if instead of one computer I'm using to attack it, what if I use another? What if I start sending pings from there, and from here, and from here? What if I keep adding them? Let's try that, let's see if it affects it. Do it from one server, another server, another server, and that should be enough. Let's see if anything happened. Okay, we're actually seeing something happen now. This is significant, watch this. We've gone from sub-millisecond to at times 19 milliseconds, which is huge on a local LAN. So now we have all this traffic going to the server, he's handling all these pings, which is stressful for him, and we're using up the bandwidth. This is what we call a distributed denial of service attack, or a DDoS attack, because we're using multiple computers to attack our target. Because you know what, one computer, one NIC, one processor and memory isn't quite enough to attack and just confuse and overwhelm a server. We need multiple. Now again, this is not hard to do. You get a few servers spun up, you run hping3, and you can overwhelm a device.

Now this attack is called a ping flood or an ICMP flood, and again, it just takes advantage of a protocol and a tool that we all use. All IT people use it to make sure things are up, but we use them to take it down, which is kind of cool. Now the problem with this attack is that it's pretty easy to defeat. All you got to do is turn off ICMP on your server. Turn off ping, turn it off to where your server does not respond to pings, and you can't attack him anymore. It's done. How lame. So attacks like an ICMP flood, there's even an attack called a, a ping of death, which sounds awesome, but it doesn't work anymore. The ping of death was cool because you could send a super, just heavy, large packet to your victim, so large they couldn't handle it, and it would cause them just to feel overwhelmed, buffer overflows. Doesn't work anymore. So if these don't work anymore, then what do we do now? Well, we get smarter. We make our attacks more complex. We find something else, and that's what happened. Let me shut all my attacks down. And this is exactly why I want to show you these DDoS scripts I downloaded from the dark web. They have become more complex and they are insane and crazy, but we're gonna build up to that, so let's keep going.

So getting back into the mind of a hacker. Hackers, they just try to find ways to make good things into bad things. One of those things is the TCP protocol, which is how we connect to our websites. When I want to access a website on the server, I connect to TCP port 80 or 443, and to establish that connection we have a thing called the three-way handshake. This happens every single time. So basically, you know, let's say me over here, my beard and my coffee, when I connect to that website I'm going to do a three-way handshake. It looks like this: I send a SYN request, the server will then respond back with a SYN-ACK request, and then I respond back with an ACK, and then my connection is established and we can communicate. But see, hackers saw this and they go, hey, we can screw this up a little bit, let's do that.

This attack is called a SYN flood attack. We're gonna take advantage of the three-way handshake. We're basically going, hey, nice to meet you, oh, and we're doing that like 50,000 times. But now I'm going from just a regular person to a hacker, and what I'm going to do now is send that SYN request to open a connection but then just not reply back. But what I'm going to keep doing is sending a ton more SYN requests. I'm going to keep sending them like crazy, sending them. The goal here is again to overwhelm the server with so many connection requests that he can't handle it, because you know a server can only handle a certain amount of connections before he's like, ah. So let's do that. We'll use our same tool as before, hping3. It's a powerful tool. Now before, I used the switch dash 1 to make it an ICMP ping. I'm not going to do that now. It defaults to using TCP, which is what we want to use, three-way handshake, man. I'm going to attack port 80 because this is a web server we're attacking, and then I'll use the switch dash uppercase S, this is for our SYN attack. I'm going to do dash dash flood just to kill this server, and of course my target, 10.7.1.50. I want to add one more thing here. I'm going to make it a bit bigger too. Let's add some data to that packet, so I'll do dash d, let's add 200 bytes. Ready, set, go.

Now as before, we're not seeing a big hit on the server because it's just me, and it's hard for one person, one computer, one attacker to overwhelm a server. So let's bring in our friends. Let's take this from a simple DoS attack to a DDoS attack. One server, two server, three server, and that should be enough. Let's take a look now. Okay, he's feeling the pain, look at that. See, now we're packing a punch, aren't we? We are overwhelming the server. 20, 40 milliseconds of latency. Let's see if the website's even up. Um, he's having a hard time, not even loading at all. Let me try my iPad here. Yeah, not loading on my iPad at all. Look at this, it's crazy. It finally loaded, so he's, he's definitely struggling. So he has, yeah, yeah, he's, he's dying. So again, this is where our attacks become more sophisticated. We're using a SYN flood attack to kind of exploit the TCP protocol, the way it's supposed to work, but we make it bad, doing a lot of handshakes. New dance move for hackers.

Now this works great, but it's not perfect, and let me tell you why. Most servers on the internet are going to have some type of security to protect them, right? And that often comes in the form of a firewall. That's my firewall, in case you can't tell what that is. And when we're sending attacks like this, that firewall, he catches on. So let's say we just start sending a ton of SYN flood attacks from a bunch of different machines. It won't take long for that firewall to go, oh, I'm being attacked, I'm gonna shut those down right now, just block the IPs. And it can do that quickly, resolve it really fast, and in a lot of cases these attacks don't even matter. Like, it's like swatting a fly for a firewall. Oh, leave me alone.

Now here is where the scripts I bought on the dark web come into play. They go far beyond just simple SYN flood attacks or pings or anything. They're pretty sophisticated. Let's check them out. So here we are looking back at Saphyra, which honestly is a pretty nasty DDoS attack, and here's why. Remember how I said the firewall can detect when an attack is happening and just shut them down, making it harder for attackers to attack? This is where scripts like this come in. So the attacker, once again me with my beard and coffee, when I run this Saphyra script, it's going to attack the HTTP protocol specifically. This is actually an attack called an HTTP flood attack, and what it will do is it will send a ton of HTTP GET requests, which are normal things that happen all the time. When you go to connect to a website, you want to access the home page, you're sending a GET request saying, get me that home page, and the web server sends it back to you. So it's a legitimate thing. And again, remember, hackers take advantage of legitimate things but make them bad.

So what we do with Saphyra is we send not one GET request but a ton of GET requests, as we do when we do DoS attacks. But you see, these aren't just normal GET requests, because if we just sent them as regular GET requests and they were all the same, well, that firewall would catch on real quick, wouldn't they? They would say, oh, these IPs are sending these GET requests and they all look really similar, I'm going to shut them down. But see, that's where the script like this comes in, and here's what it does. I'll scroll through it here real quick. It pulls all these headers. Like, as I'm scrolling through here, these are all different headers it'll use to construct unique GET requests, changing the, the user agents, um, pretty much everything about the request to make it look unique. This script alone can compile one million unique GET requests and just bam, bam, bam, attack. I was moving around a lot. And when I get to the end you can kind of see the guts of the Python script, of how it actually takes that information and constructs all these GET requests and attacks. And again, the, the goal of this script is to overwhelm and confuse the server.

Now this guy is bad enough just from one computer, but imagine you have it distributed amongst a bunch of computers. Like, let me try it right now. I'll show you how to run the script. And honestly, I, I told you I got this off the dark web, and I did, I paid Bitcoin with that sucker, but then I later found out you can just download these for free on GitHub. So yeah. And this is not the only one though, there's a ton of them. Like, you want to see? Check this out. If I jump into my anonymous folder here, look at all these different scripts I have. You may be familiar with a few of these, but man, they're, they're cool. And the fun part is we get to not only, you know, test them out, but we can go into the scripts and look at how the Python was constructed, what, how do they do this, and we can learn ourselves, you know.

Now running them is really, really simple. I just do python, specify the script I'm going to run, so this will be saphyra.py, and then my web server URL, so http colon forward slash, and then just put the IP in, 10.7.1.50, and it's going to do it. Done. It's starting the attack. Like, that's that easy. Like, weird how easy that is. Right now I am doing a DDoS attack. Right now I have this tool running on all of my servers, and what I'm noticing, it doesn't have the effect I was kind of hoping for. I don't see a lot of impact, and I'm thinking a tool like this is meant to be more hidden and more distributed, or I'm just using it wrong. But I did do some Wireshark captures and I saw the traffic going across. It's not as quick, so I don't know what's wrong. Maybe it's probably me. So I'll put the link below. You can go in and try these attacks yourself. Pretty much any device that can have Python can run these scripts, and that's kind of crazy.

So now, if attacks like this need a bunch of servers, a bunch of, uh, computers to attack, how do hackers do that? Is it just getting the community up and, and downloading and running these scripts? Sometimes. The majority of the time, though, they, the attackers, don't know they're attacking people. They're unaware. They might be your grandma, your mom, your friend, your, your boss. Their computer is attacking someone, maybe right now, and they don't even know. That's called a botnet. See, what attackers can do is they can actually, um, send a phishing email or maybe have a fake website, and, and they, and people will download this malware and run it, and they don't know what it is, and it might even stay hidden for a long time. But it actually is malware that when called upon can run an attack like this on a server. And that's a botnet. It's an army of basically zombie computers that have no idea what they're doing, but when called upon they rise and they attack. And this is how some of the most impressive and devastating DDoS attacks have happened.

So it got me to thinking, how do they build these botnets? How do they do this? And going down that rabbit hole, I actually built one myself. Now I didn't, like, program or anything. I found a, a framework called Build Your Own Botnet, or BYOB, and it's kind of simple to set up. A little scary how simple it is. Check this out. And honestly, it has this beautiful GUI built into it, it's awesome. And yeah, check this out. I'll go to my control panel, and if I scroll down here I have my bots. This is my command and control server, and this is how I can call upon my bots to do something. It's a common thing. So setting these things up is not that hard. This is one of the cooler frameworks I found because it's open source and it's meant for education, and it should be used for education, but there's really nothing stopping you from using it for nefarious things. So don't do that. But it's still neat.

But here I have my three bots, and these could just be victims that I tricked into downloading some software. Now these are my servers, I didn't trick anybody, but I can do whatever I want here. Like, if I wanted to get a shell access to these guys, I can't just click on one of their shells here, and I've got a TCP reverse shell. I'm in the server, which is crazy, right? Now how do I make these bots become bots? That's the scary part. It's not that hard. If I go to my payloads, this is where I can generate a file that they can just have run on their computer, and they become a slave, a zombie, to my command and control center. It's honestly just a Python script. I go in here and say, yeah, I want a Python script, and it generates one for me. If I run that Python script on a computer, on a Linux server, it will just become my zombie. Maybe you want to do Windows servers or Windows machines, you can do that too. Operating system Windows, and just generate one. It's an exe, an executable, and it just takes control. It's crazy.

Now what can you do with that? Well, whatever you think, and why. If I go back to my control panel here, I have a bunch of built-in post-exploitation modules, which means things I want to do to these servers after I have control. And if I select, um, look at this, I've got a miner, a cryptocurrency miner I could run on all my zombies. By default it mines Monero, you can make some money. Keylogger, you can escalate privileges, packet sniffer, webcam, iCloud, and those are just built in. You can build your own. You can run all the attacks I downloaded from the dark web here. That's scary, right? Like, that's crazy. I always wondered how hackers did this. Apparently it's kind of an easy framework, and yeah, you still have to go through the process of writing malware that can get past firewalls and, and antivirus, but still, the frameworks are pretty easy to set up. Now if you want to do this yourself, if you want to set up your own botnet and, and control some servers and do some cool stuff, I've got a link below with a walkthrough. You can try it out. It's, it's neat. Like, it's, it's really neat.

So DoS attacks and DDoS attacks are some of the worst things we have to combat in IT. So as a person like yourself, maybe learn to become a hacker, an ethical hacker obviously, your job is to help companies be prepared for these situations. Now I think rarely you're actually going to perform your own DDoS attack or DoS attack on a client, but you still need to come prepared to understand how those attacks work, because they may call upon you to help them prepare or maybe recover from an attack like that.

So what can you do? Well, the biggest thing is to make sure your network is secure. Get a firewall in there, make sure that firewall's up to date and you've got best practice there. Also, man, patch all your stuff. Your servers and any application you have, patch it with all the latest OS releases. Hackers are fast, but you know what, the good guys catch up just as fast too, hopefully. Then lastly, really no network is safe from a DDoS attack. If Anonymous or whoever it is can get enough people attacking one server or one firewall, one network, they can probably take it down. They've taken down some of the largest networks with some of the best security. The best way to mitigate that is just make sure you're as redundant as possible, that you have multiple servers, multiple firewalls. Doing those best practice things will help keep you safe. Not foolproof, but safe. And the good news is, with people moving to the cloud and relying on cloud-based services, there's a lot of protection out there for DDoS. So if you have, um, your, your stuff on Amazon AWS or Azure, or use a service like Cloudflare that sits in front of your website, you're much less prone to DDoS attacks. Not immune, but you're safer.

Now speaking of attacks, if you want to practice, and you want to practice not in your own house but you want to practice on a live website, I'd like you to do that. I'm giving you a website to attack, and I want to see if you can bring that down. Now I'm only giving you permission to attack my website, this specific URL, and that's it. So don't, don't go attacking anyone else. But the URL is ddos.networkchuck.com. If you can bring that site down, that'd be really cool. So try to access it now, see if it works, and if it does work, do some attacks on it. I give you permission.

Anyways guys, that's about it. If you want to dive deeper into DDoS, DoS attacks, I highly encourage you to check out ITProTV. That's what I use to learn about this stuff, and they go deeper than I do, so go check them out. Link below, you get 30 off forever. And of course don't forget to like this video if you like it, subscribe if you like what I'm doing here, and consider joining the membership. And yeah, that's all I got. Again, disclaimer: don't attack anyone without permission. You can get in trouble, you can go to jail, so just be careful out there. And yeah, that's all I got. I'll catch you guys later. [Music]
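The firewall's side of the HTTP flood described in the captions, as an added example that is not part of the video or of any tool it names: request rate per source address does not depend on how the headers look, and one address presenting many User-Agent values in a few seconds is a signal in its own right. The log format, thresholds and addresses are assumptions constructed for this example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Thresholds are assumptions for this example; tune them to real traffic.
WINDOW = timedelta(seconds=10)
MAX_REQUESTS = 20        # requests per source IP per window
MAX_USER_AGENTS = 3      # distinct User-Agent values per source IP per window


def parse_line(line):
    """Constructed log format: ISO time, client IP, request line, User-Agent (tab-separated)."""
    ts, ip, request, user_agent = line.rstrip("\n").split("\t")
    return datetime.fromisoformat(ts), ip, request, user_agent


def detect_http_flood(lines, window=WINDOW, max_requests=MAX_REQUESTS,
                      max_user_agents=MAX_USER_AGENTS):
    """Return {ip: set of reasons} for sources that exceed a threshold.

    Lines must be in time order, as in an access log.
    """
    recent = defaultdict(deque)          # ip -> (timestamp, user_agent) inside the window
    flagged = defaultdict(set)
    for line in lines:
        ts, ip, _request, user_agent = parse_line(line)
        seen = recent[ip]
        seen.append((ts, user_agent))
        while ts - seen[0][0] > window:  # drop entries older than the window
            seen.popleft()
        if len(seen) > max_requests:
            flagged[ip].add("rate")
        if len({ua for _, ua in seen}) > max_user_agents:
            flagged[ip].add("user-agent churn")
    return dict(flagged)


def build_sample_log():
    """Constructed traffic using documentation addresses, no real hosts."""
    t0 = datetime(2020, 10, 2, 12, 0, 0)
    browser = "Mozilla/5.0 (constructed browser)"
    rows = []
    # One ordinary visitor: a page view every 10 seconds.
    rows += [(t0 + timedelta(seconds=10 * i), "192.0.2.10", browser) for i in range(6)]
    # Three people behind one NAT address, each with their own browser.
    rows += [(t0 + timedelta(seconds=2 * i), "192.0.2.20", f"Browser-{c}")
             for i, c in enumerate("ABC")]
    # Fast source that changes its User-Agent on every request.
    rows += [(t0 + timedelta(milliseconds=20 * i), "198.51.100.7", f"ConstructedAgent/{i}")
             for i in range(200)]
    # Fast source with a fixed User-Agent.
    rows += [(t0 + timedelta(milliseconds=50 * i), "198.51.100.8", browser)
             for i in range(60)]
    # Source that stays under the rate limit but still rotates its User-Agent.
    rows += [(t0 + timedelta(seconds=i), "198.51.100.9", f"ConstructedAgent/{i}")
             for i in range(10)]
    rows.sort(key=lambda r: r[0])
    return [f"{ts.isoformat()}\t{ip}\tGET / HTTP/1.1\t{ua}" for ts, ip, ua in rows]


if __name__ == "__main__":
    for ip, reasons in sorted(detect_http_flood(build_sample_log()).items()):
        print(ip, sorted(reasons))
```

The ordinary visitor and the shared NAT address stay below both thresholds, which is the false-positive case a per-address rule has to respect.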
Info
Channel: NetworkChuck
Views: 3,885,535
Keywords: dark web, deep web, denial of service, ddos attack, distributed denial of service, denial-of-service attack, ddos attack explained, how to ddos, access the dark web, dark web tutorial, loic, low orbit ion cannon, saphyra, ddos.py, ethical hacking, hacking, hacker, dark net, dos attack, ping of death, icmp flood, http flood, network stresser, ping flood, tor browser
Id: eZYtnzODpW4
Length: 19min 27sec (1167 seconds)
Published: Fri Oct 02 2020