Attack Server

SetUp

To set up ourt front-line VPS attack server we will choosse a cloud providers that accepts Zcash or Monero coins.

List of cloud providers that support cryptocurrencies: https://acceptbitcoin.cash/

We pick a classic Ubuntu VPS and name our machine FrontLine, next we configure firewall rules to allow SSH traffic from our current public IP. Once the machine is up we connect to it using SSH.

Proxying Attacks

To run attacks to web applications, password sparying, among others, we want to make eavery single request from different Ips, so we dont get blocked.

- AWS API Gateway Pass-through Proxy

First, create an AWS account, preferably root access, to create a group and user account:

  • AWS Management Console > Services > IAM

  • IAM Dashboard > Access management > Groups

  • Create New Group > Select AmazonAPIGatewayAdministrator policy > Create the group

  • IAM Dashboard > Access management > Users

  • Add User > Access type > Programmatic access > Add user to previouslly created group > Create the user > Take note of the Access key ID and the Secret access key

Now, to automate the proxy creation, download and run FireProx:

git clone https://github.com/ustayready/fireprox

cd fireprox

virtualenv -p python3 .

source bin/activate

sudo pip install -r requirements.txt

python fire.py

python fire.py --access_key ACCESS_KEY --secret_access_key SECRET_ACCESS_KEY --region us-east-2 --command create --url TARGET_URL

Then, to evade detection, we can mask our source IP address by adding this custom header to our curl command “X-My-X-Forwarded-For: 127.0.0.1”.

curl -H "X-My-X-Forwarded-For: 127.0.0.1"https://FIREPROXURL.amazonaws.com/fprox/

- Residential or Phone Ips Rotating Proxies

We can use comercial tools that use residencial or phone Ips and rotate them: https://brightdata.com/luminati

- TOR

We can also proxy our attacks through the TOR network (i.e. firing up TOR and configuring its port in proxychains configuration).

Last updated