Ok, saw a thread here asking if any of the YouTube RS ddos programs are legit and where can he download etc..
Just want this to be clear, none of them work.
I don't care how real the program looks, if it "worked" in the video and whatnot.
To further prove this I threw this together in about 5 minutes. It shows how easily this can be forged, I'd use this together with a video of me killing my friend/winning a stake after I "ddos'd" him using this tool.
There's a few flaws with these tools ^
First being, you can't grab IP's just from the players name.
Next one is that you can't download an application, enter an IP and expect to be able to flood that connection. These "floods" have to come from somewhere.
This is what your options are, a botnet ddos and a shell ddos.
Botnet means a collection of bots, bots are infected computers. You spread a file and collect these bots and maintain them, think of them like a ant farm, you try and protect them from other botnet herders/infections you want them to be exclusively yours.
Shells are either exploited or purchased dedicated servers, they normally have much larger bandwidth than standerd home computers, which means you need way less of them than you do bots. There's no specific formula that works out something like 1000 bots = 1 shell as it's entirely dependant on bots and shells bandwidths.
Then, using your bots/shells you send them commands to send packets to your target's IP, that will overwhelm the the target (i.e flood) until it renders it basically useless, the router at the end of that IP won't be able to send or receive data. This is why when they click their sharkies or brews the game doesn't register it, the packets containing that data never made it out the router, never mind to jagex servers.
DoS is similar to DDoS but it just means the flooding is coming from 1 shell/bot, makes sense since the word taken away is "Distributed". DoS's are generally useless unless sent from a powerful server or exploiting a flaw in a network, e.g exploiting SYN/ACK packets etc...
Also a lot of shell booters inflate their shell count with "GET"'s, these are very weak in comparison to shells like slowloris, I don't know the exact stats but I've commonly seen people saying things like "lol, would rather 5 slowloris' than 1k gets." so you can draw an assumption from that.
Below is an example of a flood script you'd upload to a server, got this from the #RefRef by Anonymous, I can't vouch for it usefulness but you can view it if you want an example, it was written in perl.
It apparently exploits a .js file that gets saved on the target's temp. Only works if the target is vuln, which apparently a lot currently are as it wasn't to popular of an exploit. Obviously now it's been released patches will be coming out in a big sweep.
So use it for learning more than using it to D/DoS:
http://www.refref.org/p/refref.html
Thanks for reading, hope I cleared some things up for some of you and maybe saved a couple from wasting their time and risking their accounts with YouTube.
I don't claim to be an expert on DDoS'ing, all the above information is what I've picked up from here and there, if you feel you could correct/better define anything I've said please let me know.
If you don't know any of the terms used then you can quickly Google them, any of the ones I didn't explain are widely known so would be one of the top results.
Just want this to be clear, none of them work.
I don't care how real the program looks, if it "worked" in the video and whatnot.
To further prove this I threw this together in about 5 minutes. It shows how easily this can be forged, I'd use this together with a video of me killing my friend/winning a stake after I "ddos'd" him using this tool.
There's a few flaws with these tools ^
First being, you can't grab IP's just from the players name.
Next one is that you can't download an application, enter an IP and expect to be able to flood that connection. These "floods" have to come from somewhere.
This is what your options are, a botnet ddos and a shell ddos.
Botnet means a collection of bots, bots are infected computers. You spread a file and collect these bots and maintain them, think of them like a ant farm, you try and protect them from other botnet herders/infections you want them to be exclusively yours.
Shells are either exploited or purchased dedicated servers, they normally have much larger bandwidth than standerd home computers, which means you need way less of them than you do bots. There's no specific formula that works out something like 1000 bots = 1 shell as it's entirely dependant on bots and shells bandwidths.
Then, using your bots/shells you send them commands to send packets to your target's IP, that will overwhelm the the target (i.e flood) until it renders it basically useless, the router at the end of that IP won't be able to send or receive data. This is why when they click their sharkies or brews the game doesn't register it, the packets containing that data never made it out the router, never mind to jagex servers.
DoS is similar to DDoS but it just means the flooding is coming from 1 shell/bot, makes sense since the word taken away is "Distributed". DoS's are generally useless unless sent from a powerful server or exploiting a flaw in a network, e.g exploiting SYN/ACK packets etc...
Also a lot of shell booters inflate their shell count with "GET"'s, these are very weak in comparison to shells like slowloris, I don't know the exact stats but I've commonly seen people saying things like "lol, would rather 5 slowloris' than 1k gets." so you can draw an assumption from that.
Below is an example of a flood script you'd upload to a server, got this from the #RefRef by Anonymous, I can't vouch for it usefulness but you can view it if you want an example, it was written in perl.
It apparently exploits a .js file that gets saved on the target's temp. Only works if the target is vuln, which apparently a lot currently are as it wasn't to popular of an exploit. Obviously now it's been released patches will be coming out in a big sweep.
So use it for learning more than using it to D/DoS:
http://www.refref.org/p/refref.html
Thanks for reading, hope I cleared some things up for some of you and maybe saved a couple from wasting their time and risking their accounts with YouTube.
I don't claim to be an expert on DDoS'ing, all the above information is what I've picked up from here and there, if you feel you could correct/better define anything I've said please let me know.
If you don't know any of the terms used then you can quickly Google them, any of the ones I didn't explain are widely known so would be one of the top results.
