Who hacks the hackers? Security firm reveals vulnerabilities in popular DDoS tools

Security firm Prolexic has turned the tables on DDoS attackers, publishing a report revealing a swathe of basic vulnerabilities in the popular Dirt Jumper family of tools.

Dirt Jumper DDoS exploit

Researchers at security firm Prolexic have published a guide detailing serious vulnerabilities in the popular Dirt Jumper family of distributed denial-of-service (DDoS) tools, potentially allowing "white hat" hackers to hijack command-and-control servers and prevent malicious attacks. Ironically, the developers of the tools — which are similar to the favored weapons of groups like Anonymous and LulzSec — appear to have neglected many basic security precautions, including sanitizing user input to prevent so-called SQL injection attacks.

SQL injection involves inserting database instructions in unexpected and unprotected places, effectively taking charge of a web application's database from the outside. According to the Prolexic report, the open-source penetration testing tool sqlmap can be used to dump the contents of Dirt Jumper's database configuration file in a matter of seconds, revealing administrative usernames and passwords.

The biggest problem with putting these vigilante techniques into practice — legal implications aside — is locating command-and-control servers in the first place. Still, as Ars Technica points out, "it wouldn't be surprising if the software transmits a unique signature that can be detected using port-scanning software or other tools." A poor show from a product that sells for around $5,000 in the shadier parts of the internet.