Author Topic: Facebook: Your new botnet for DDoS attacks!  (Read 3357 times)

Renegade

Facebook: Your new botnet for DDoS attacks!
« on: April 26, 2014, 08:49 AM »
Want to take down some sites? Get a Facebook account and access to their almost unlimited bandwidth.

http://chr13.com/201...to-ddos-any-website/

Steps to re-create the bug as reported to Facebook Bug Bounty on March 03, 2014.
Step 1. Create a list of unique img tags as one tag is crawled only once

Code: HTML
    <img src=http://targetname/file?r=1></img>
    <img src=http://targetname/file?r=1></img>
    ..
    <img src=http://targetname/file?r=1000></img>

Step 2. Use m.facebook.com to create the notes. It silently truncates the notes to a fixed length.

Step 3. Create several notes from the same user or different users. Each note is now responsible for 1000+ HTTP requests.

Step 4. View all the notes at the same time. The target server is observed to receive a massive HTTP GET flood. Thousands of GET requests are sent to a single server in a couple of seconds. The total number of Facebook servers accessing in parallel is 100+.

It won't get fixed. More on that at the link.

Have fun~! :P

 :-\
Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker
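
Added example, not part of the original post or the linked write-up: a defender-side check for the traffic shape the steps above describe, one path requested with many unique query strings by many clients within a few seconds. The log format, thresholds, function names and sample lines are assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import urlsplit

LOG_RE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "GET (?P<url>\S+) [^"]*" \d{3}')

def parse(line):
    """Return (time, client_ip, path, query) for a GET log line, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    url = urlsplit(m["url"])
    return ts, m["ip"], url.path, url.query

def find_cache_busting_floods(lines, window=timedelta(seconds=5), min_queries=50, min_sources=10):
    """Flag paths hit with many distinct query strings by many distinct clients in one window."""
    by_path = defaultdict(list)
    for rec in filter(None, map(parse, lines)):
        if rec[3]:                      # only requests carrying a query string
            by_path[rec[2]].append(rec)
    alerts = []
    for path, recs in by_path.items():
        recs.sort(key=lambda r: r[0])
        start = 0
        for end in range(len(recs)):
            while recs[end][0] - recs[start][0] > window:
                start += 1              # slide the window forward
            span = recs[start:end + 1]  # quadratic, acceptable for a small log
            queries = {r[3] for r in span}
            sources = {r[1] for r in span}
            if len(queries) >= min_queries and len(sources) >= min_sources:
                alerts.append((path, len(queries), len(sources)))
                break                   # one alert per path is enough
    return alerts

def sample_log():
    """Constructed log lines; client IPs come from documentation ranges."""
    lines = []
    for i in range(1, 201):             # 200 unique ?r= values, 20 clients, 2 seconds
        lines.append(f'198.51.100.{i % 20 + 1} - - [26/Apr/2014:08:49:0{i % 2} +0000] '
                     f'"GET /file?r={i} HTTP/1.1" 200 1048576')
    for i in range(30):                 # ordinary search traffic, 3 clients, 30 seconds
        lines.append(f'203.0.113.{i % 3 + 1} - - [26/Apr/2014:08:49:{i:02d} +0000] '
                     f'"GET /search?q=term{i} HTTP/1.1" 200 512')
    return lines

print(find_cache_busting_floods(sample_log()))
```

A path flagged this way is a candidate for rate limiting or for serving from cache with the query string ignored.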

Stoic Joker

Re: Facebook: Your new botnet for DDoS attacks!
« Reply #1 on: April 26, 2014, 09:06 AM »
Now all we need is a new meme for FaceDoS'ing

wraith808

Re: Facebook: Your new botnet for DDoS attacks!
« Reply #2 on: April 26, 2014, 10:57 AM »
Another link: http://thehackernews...-anyone-to-ddos.html

Unfortunately, Facebook has no plans to fix this critical vulnerability, “In the end, the conclusion is that there’s no real way to us fix this that would stop “attacks” against small consumer grade sites without also significantly degrading the overall functionality,” Facebook replied to the researcher.

What the what?

Innuendo

Re: Facebook: Your new botnet for DDoS attacks!
« Reply #3 on: April 26, 2014, 10:57 AM »
It won't get fixed. More on that at the link.

Oh, if behavior like that persists, it'll get fixed. Just not the way Facebook wants. Businesses and ISPs will just configure their networks to deny all Facebook-owned IP addresses from accessing their networks.

I'm sure there are sysadmins who fight off the temptation of doing it every day. All they need is an excuse.

Would I want to see that happen?

Hmm...a little bit. Yeah.

app103

Re: Facebook: Your new botnet for DDoS attacks!
« Reply #4 on: April 26, 2014, 09:58 PM »
You did notice how he mentioned that Google has a similar issue, and that when you combine them, the attack is much worse?

Google also seems to not want to fix it.

http://chr13.com/201...to-ddos-any-website/