Pastebin launched a little side project called VERYVIRAL.com, check it out ;-) Want more features on Pastebin? Sign Up, it's FREE!
Guest

< March 31, 2012 - Operation: BLACKOUT >

By: a guest on Feb 19th, 2012  |  syntax: None  |  size: 4.42 KB  |  views: 222,691  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. "The greatest enemy of freedom is a happy slave."
  2.  
  3. To protest SOPA, Wallstreet, our irresponsible leaders and the beloved
  4. bankers who are starving the world for their own selfish needs out of
  5. sheer sadistic fun, On March 31, anonymous will shut the Internet down.
  6.  
  7. -----------------------------------------------------------------------
  8.  
  9. In order to shut the Internet down, one thing is to be done. Down the
  10. 13 root DNS servers of the Internet. Those servers are as follow:
  11.  
  12. A 198.41.0.4
  13. B 192.228.79.201
  14. C 192.33.4.12
  15. D 128.8.10.90
  16. E 192.203.230.10
  17. F 192.5.5.241
  18. G 192.112.36.4
  19. H 128.63.2.53
  20. I 192.36.148.17
  21. J 192.58.128.30
  22. K 193.0.14.129
  23. L 199.7.83.42
  24. M 202.12.27.33
  25.  
  26. By cutting these off the Internet, nobody will be able to perform a
  27. domain name look-up, thus, disabling the HTTP Internet, which is,
  28. after all, the most widely used function of the Web. Anybody entering
  29. "http://www.google.com" or ANY other url, will get an error page,
  30. thus, they will think the Internet is down, which is, close enough.
  31. Remember, this is a protest, we are not trying to 'kill' the Internet,
  32. we are only temporarily shutting it down where it hurts the most.
  33.  
  34. While some ISPs uses DNS caching, most are configured to use a low
  35. expire time for the cache, thus not being a valid failover solution
  36. in the case the root servers are down. It is mostly used for speed,
  37. not redundancy.
  38.  
  39. We have compiled a Reflective DNS Amplification DDoS tool to be used for
  40. this attack. It is based on AntiSec's DHN, contains a few bugfix, a
  41. different dns list/target support and is a bit stripped down for speed.
  42.  
  43. The principle is simple; a flaw that uses forged UDP packets is to be
  44. used to trigger a rush of DNS queries all redirected and reflected to
  45. those 13 IPs. The flaw is as follow; since the UDP protocol allows it,
  46. we can change the source IP of the sender to our target, thus spoofing
  47. the source of the DNS query.
  48.  
  49. The DNS server will then respond to that query by sending the answer to
  50. the spoofed IP. Since the answer is always bigger than the query, the
  51. DNS answers will then flood the target ip. It is called an amplified
  52. because we can use small packets to generate large traffic. It is called
  53. reflective because we will not send the queries to the root name servers,
  54. instead, we will use a list of known vulnerable DNS servers which will
  55. attack the root servers for us.
  56.  
  57. DDoS request ---> [Vulnerable DNS Server ] <---> Normal client requests
  58. \
  59. | ( Spoofed UDP requests
  60. | will redirect the answers
  61. | to the root name server )
  62. |
  63. [ 13 root servers ] * BAM
  64.  
  65. Since the attack will be using static IP addresses, it will not rely
  66. on name server resolution, thus enabling us to keep the attack up even
  67. while the Internet is down. The very fact that nobody will be able to
  68. make new requests to use the Internet will slow down those who will try
  69. to stop the attack. It may only lasts one hour, maybe more, maybe even
  70. a few days. No matter what, it will be global. It will be known.
  71.  
  72. -----------------------------------------------------------------------
  73.  
  74. download link in #opGlobalBlackout
  75. The tool is named "ramp" and stands for Reflective Amplification. It is
  76. located in the \ramp\ folder.
  77.  
  78. ----------> Windows users
  79.  
  80. In order to run "ramp", you will need to download and install these two
  81. applications;
  82.  
  83. WINPCAP DRIVER - www.winpcap.org/install/default.htm
  84. TOR - www.torproject.org/dist/vidalia-bundles/
  85.  
  86. The Winpcap driver is a standard library and the TOR client is used as
  87. a proxy client for using the TOR network.
  88.  
  89. It is also recommended to use a VPN, feel free to choose your own flavor of this.
  90.  
  91. To launch the tool, just execute "\ramp\launch.bat" and wait. The attack
  92. will start by itself.
  93.  
  94. ----------> Linux users
  95.  
  96. The "ramp" linux client is located under the \ramp\linux\ folder and
  97. needs a working installation of python and scapy.
  98.  
  99. Read more: www.disclose.tv/forum/on-march-31-anonymous-will-shut-the-internet-down-t67878.html#ixzz1modrC1Jn
  100.  
  101. "He who sacrifices freedom for security deserves neither."
  102. Benjamin Franklin
  103.  
  104. We know you won't listen. We know you won't change. We know it's because
  105. you don't want to. We know it's because you like it how it is. You bullied
  106. us into your delusion. We have seen you brutalize harmless old womans who were
  107. protesting for peace. We do not forget because we know you will only use that
  108. to start again. We know your true face. We know you will never stop. Neither
  109. are we. We know.
  110.  
  111. We are Anonymous.
  112. We are Legion.
  113. We do not Forgive.
  114. We do not Forget.
  115. You know who you are, Expect us.