Xerxes Video – Th3J35t3r

Viewing 10 reply threads
  • Author
    Posts
    • #4730
      Data_Raid
      Participant

      Infosec Island has gained exclusive access to a video demonstration of the XerXeS DoS attack as it is unleashed on the Taliban website http://www.alemarah.info, and carried out by infamous patriot hacker The Jester (th3j35t3r).

      The video release follows an earlier announcement that The Jester has been working to improve and automate aspects of the attack method, which unlike a DDoS attack, requires only one low spec machine to implement. Infosec Island has gained exclusive access to a video demonstration of the XerXeS DoS attack as it is unleashed on the Taliban website http://www.alemarah.info, and carried out by infamous patriot hacker The Jester (th3j35t3r).

      The video release follows an earlier announcement that The Jester has been working to improve and automate aspects of the attack method, which unlike a DDoS attack, requires only one low spec machine to implement.

      https://www.infosecisland.com/blogview/2990-Exclusive-Video-of-XerXeS-DoS-Attack.html

      Pretty cool vid .. and tool  😉

    • #29522
      UNIX
      Participant

      Looks quite fancy. Would be more interested on how it is implemented and achieving what it does though.

    • #29523
      hayabusa
      Participant

      No doubt.  I’m wondering how he manages to ‘effective’ DDoS the box, using only one machine, unless he somehow IS bouncing the attack off of multiple boxes along the way.  I’d like more detail, if he ever releases it, as to how this works.

    • #29524
      zeroflaw
      Participant

      Yea quite interesting. But don’t you need just one machine to control a DDoS attack. At least when you have a nice botnet you can control. Or maybe it’s some sort of amplification attack.

      Anyway, I never really liked denial of service attacks.

    • #29525
      hayabusa
      Participant

      Well, they make it seem as if this is all done from one machine, with no outside assistance / resources.  So that’s why I’m curious, as to how, as you say, they ‘amplified’ the attack, etc.

      I’m no fan of DDoS, either, however, for this type of purpose, it’s both effective, and curiously interesting (as to the ‘how to’)

    • #29526
      zeroflaw
      Participant

      @hayabusa wrote:

      Well, they make it seem as if this is all done from one machine, with no outside assistance / resources.  So that’s why I’m curious, as to how, as you say, they ‘amplified’ the attack, etc.

      Oh, now I get it. Well that also raises my curiosity 😛

    • #29527
      Data_Raid
      Participant

      Some additional information about ZerXes taken from an inteview (link posted at the end of my comments)

      Q:  How did you first develop your DoS technique?

      A:  Okay it started with a little script I wrote a while back to harden-test servers. I modified this script, and it was just a nasty script, very cumbersome. When I realized the extent of the jihad online recruiting and co-ordination involvement (much later), I realized I could turn this script into a weapon.  But the problem with that was it took me constantly shell hopping and wasn’t very user friendly. Now I have started on project XerXeS, an intelligent frontend with the ability to hit multiple targets autonomously.

      Q:  So the automation does not hinder your technique’s effectiveness?

      No, not at all. Each new wave uses a different IP (location). It starts with just one, but ramps it up if it detects system counter-measures.

      Q:  What are the implications if something like XerXeS was combined with a large zombie network, and coordinated against critical U.S. infrastructure, like our communications, power grids, or financial systems?

      XerXes requires no zombie network or botnet to be effective. Once a single attacking machine running XerXeS has smacked down a box, it’s down, there is no need for thousands of machines. But, XerXeS does not hurt intermediary nodes along its path to the target. So the answer is that such institutions’ systems would still be intact, as it causes no collateral damage, just not functional.

      https://www.infosecisland.com/blogview/2882-Jester-Unveils-XerXeS-Automated-DoS-Attack.html

    • #29528
      D4rk357
      Participant

      It is some sort of Smurf attack ?? my closest guess  ???

    • #29529
      MaXe
      Participant

      Most likely D4rk357.

      My best guess is a DNS Amplification Attack, POD (Ping of Death) and / or Slowloris style WebServer attack, perhaps all 3 combined for a higher success rate.

      I don’t think it’s something new even though I can’t confirm nor deny it.

      Update:
      Oh yeah I forgot about UDP and TCP DoS attacks too.  😀

      After all if he’s not attacking specific services on the target computers, such as
      web-servers, dns-servers etc. then he’s abusing the functionality of the ICMP, TCP and / or UDP protocols which hardly can’t be something new. Just better implemented.

    • #29530
      Ketchup
      Participant

      To me it seems that that there must be an element of a new attack there.  All of the old smurf, fraggle, etc attacks are fairly effective blocked by most modern firewalls.  Jester says that his attack is effective against 90% of the sites on the Internet.  It seems like the majority of the infrastructures would have patched their routers and firewalls to block simple stuff like the smurfs, fraggles, and PODs. 

    • #29531
      Anonymous
      Participant

      whoah this blog is excellent i love reading your posts.  Keep up the good work! You know, a lot of people are searching around for this info,  you can help them greatly.

Viewing 10 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?