


The binary version of LOIC has three methods of attack as you can see at this image below: īased on this information we created the follow snort rule: alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"SLR - LOIC DoS ToolJS Version" flow: established,to_server uricontent:"id=" uricontent:"msg=" threshold: type threshold, track by_src, count 20, seconds 5 reference: url, classtype:misc-activity sid:1234568 rev:1 ) Binary Version Lot of connection with id and msg in short period.
#Ddos tool loic download mac os x#
The following shows an example request generated by this tool: GET /app/? id=1292337572944& msg=BOOM%2520HEADSHOT! HTTP/1.1Host: Mozilla/5.0 (Macintosh U Intel Mac OS X 10.5 en-US rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12Accept: text/html,application/xhtml+xml,application/xml q=0.9,*/* q=0.8Accept-Language: en-us,en q=0.5Accept-Encoding: gzip,deflateAccept-Charset: ISO-8859-1,utf-8 q=0.7,* q=0.7Keep-Alive: 115Connection: keep-aliveįor this version of LOIC, the following three items stand out: This version of LOIC allows an individual to contribute to a "DDoS Attack" using JavaScript embedded in a webpage. More details about this tool can be found at:

These four approaches allow you to attack a website using both a standalone tool, and a web-only version which utilizes JavaScript. We've had the chance to analyze two versions of LOIC, which use four different approaches. Many still remember the attacks on Paypal, Mastercard, and Visa, which used this tool. The LOIC tool has been in the news for quite some time now. Submitted By Rodrigo Montoro LOIC (Low Orbit Ion Cannon) DDoS/DoS Analysis
