Dear J. I miss you buddy. - Zero

[Insert Catchy Intro Here]

First:

This is no disrespect to J. I wish he would unblock me so we could have fine afternoon chats about security and our personal life. But, I understand if he doesn't like me cuz I can take down xbox live and he can't.

Background:

So @th3j35t3r is a hacker who performs mostly DoS attacks from his tool he calls XerXes.
He still claims the attack is NOT done via a layer 7 DoS attack and does NOT use amplification.
So, I decided to make disproving this a little project.

First I noticed Jester was going to be targeting
He announced this via Twitter. &

So I decided to perform a "surprise adoption" on the website and server to check out some of the logs.
I also posted the server details on the main page as proof. &

As I was viewing the logs I saw this:

- - [06/Jul/2013:22:50:34 +0330] "HEAD / HTTP/1.0" 200 4011 "-" "XerXes - Jihad Down. TANGO DOWN
- - [06/Jul/2013:22:50:34 +0330] "HEAD / HTTP/1.0" 200 4011 "-" "XerXes - Jihad Down. TANGO DOWN
- - [06/Jul/2013:22:50:34 +0330] "HEAD / HTTP/1.0" 200 4011 "-" "XerXes - Jihad Down. TANGO DOWN

Well, the logs are from the same time Jester attacked the site. Check his tweet

The HTTP request sends the info "XerXes" & "Jihad Down"
Hmm... who do we know who would be that arrogant to put his tool's name in the request and who hates Jihad?
Oh yea.. Jester

And proof that is the website:

Plus notice how 3 requests were sent at the very same second.
A Layer 7 DoS attack is not a fast attack.
So server logs should not have requests sent at that speed. Well unless...
Jester is using multiple machines or other servers as amplification.

Conclusion:

So what have we learned?

Jester uses a Layer 7 DoS attack to send HTTP requests through an amplification technique.
All of which he denies.
Also IP logs revealed that he routes traffic through TOR and other servers such as

PS: I'm not just Anon skid who should stay out of your way. If you would like to chat you can always unblock me.
Or just keep chatting with my sock account. I enjoy that as well.
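
Added example, not part of the original post: a Python check a site operator could run over access-log lines in the combined format quoted above. It groups requests by User-Agent and second, and counts the distinct client addresses behind each burst. The sample lines are constructed; their client addresses are documentation-range placeholders, since the excerpt in the post shows none.

```python
import re
from collections import Counter
from datetime import datetime

# Combined log format: host ident user [time] "request" status bytes "referer" "user-agent"
# The closing quote of the user-agent is optional so truncated lines still parse.
LINE_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<ua>[^"]*)"?\s*$'
)

# Constructed sample; 192.0.2.0/24 and 198.51.100.0/24 are documentation ranges.
SAMPLE_LOG = """\
192.0.2.10 - - [06/Jul/2013:22:50:34 +0330] "HEAD / HTTP/1.0" 200 4011 "-" "XerXes - Jihad Down. TANGO DOWN"
192.0.2.11 - - [06/Jul/2013:22:50:34 +0330] "HEAD / HTTP/1.0" 200 4011 "-" "XerXes - Jihad Down. TANGO DOWN"
192.0.2.10 - - [06/Jul/2013:22:50:34 +0330] "HEAD / HTTP/1.0" 200 4011 "-" "XerXes - Jihad Down. TANGO DOWN
198.51.100.7 - - [06/Jul/2013:22:50:35 +0330] "GET /index.html HTTP/1.1" 200 4011 "-" "Mozilla/5.0"
192.0.2.10 - - [06/Jul/2013:22:50:36 +0330] "HEAD / HTTP/1.0" 200 4011 "-" "XerXes - Jihad Down. TANGO DOWN"
"""

def parse_line(line):
    """Return a dict for one log line, or None if it does not match the format."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ua"] = rec["ua"].strip()
    rec["time"] = datetime.strptime(rec.pop("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return rec

def find_bursts(lines, threshold=3):
    """Report (user-agent, second) pairs with at least `threshold` requests."""
    counts, hosts = Counter(), {}
    for rec in filter(None, map(parse_line, lines)):
        key = (rec["ua"], rec["time"])
        counts[key] += 1
        hosts.setdefault(key, set()).add(rec["host"])
    return [
        {"ua": ua, "second": t.isoformat(), "requests": n,
         "distinct_hosts": len(hosts[(ua, t)])}
        for (ua, t), n in sorted(counts.items(), key=lambda kv: kv[0][1])
        if n >= threshold
    ]

if __name__ == "__main__":
    for burst in find_bursts(SAMPLE_LOG.splitlines()):
        print(burst)
```

The `distinct_hosts` count is what separates a single fast client from several sources; the request count per second alone cannot show that.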
