How to create a DDOS program exploiting XenForo CMS
by kermer - November 03, 2019 at 12:00 PM
#1
In this tutorial i will teach how to create a DDOS program exploiting XenForo CMS.

Note: To create a DDOS program it require a lot of work before the first denial to take place.

1 - Create a text list of forums using XenForo CMS on the web.
2 - Register and activate your account on each Forum.
3 - Create a thread and type a random "Thread title" and type your target url in the message.
4 - Hit Preview, to generate a hit on the target url.

(The XenForo CMS will try to get the url title and basic info with the request)

By now you should have an idea how this thing works.

Now grab the source/POST Request from each Thread/Forum and paste in your DDOS program. Replicate 100/200 times and you should have a eficient DDOS program. The advantage of this method is that you can send hits to urls from different ips as the connection is always made from the forum server to the url. The second advantage is that forum admins will never suspect as you don't actually create a thread.

- Vulnerable Forum example
[Image: Hrp4q0oi_o.jpg]

- Details about the link to log
[Image: S7Mz17W0_o.jpg]

- IP from the Vulnerable Forum
[Image: u6gQlzJ5_o.jpg]
This forum account is currently banned. Ban Length: Permanent (N/A).
Ban Reason: Continued using monetized links after being warned / Multi accounting (hacxx)
Reply
#2
so this is some sort of Layer7 DDoS stressing technique?

I really dont think 100-200 would be more than enough for DDoS. Maybe cause some stress on the server but DDoS nada.
Reply
#3
I'm all about exploiting systems. I'm not saying that it will disrupt a service just a way to do it. DDoS isn't any thing new and even some people doesn't classify DDoS as hacking as it is very basic but under the law, yes it fall out on elicit act.

I have been for a few hours on a back server and with Windows Server or a linux distro you can switch off the attacks. The only problem is that you need to pay for a person to work all day ready for action and find patterns to block those attacks and you really need to scale the projects.
This forum account is currently banned. Ban Length: Permanent (N/A).
Ban Reason: Continued using monetized links after being warned / Multi accounting (hacxx)
Reply

Possibly Related Threads…
Thread Author Replies Views Last Post
✅[FORMATION FRENCH] ELLIOT HEWITT - FOREX PRO TRADER PROGRAM (2021)✅ H4KIG 78 6,539 4 hours ago
Last Post: daron7123
Cars and trucks diagnostic program (step-by-step installation + images) LusoLeader 2 339 7 hours ago
Last Post: LusoLeader
22_Silenced_Pistol - Create your own pistol at home LusoLeader 37 1,628 Yesterday at 10:25 PM
Last Post: LusoLeader

 Users browsing this thread: 1 Guest(s)