The LOIC was originally developed by Praetox Technologies as a stress testing application before becoming available within the public domain. The tool is able to perform a simple dos attack by sending a large sequence of UDP, TCP or HTTP requests to the target server. It’s a very easy tool to use, even by those lacking any basic knowledge of hacking. The only thing a user needs to know for using the tool is the URL of the target. A would-be hacker need only then select some easy options (address of target system and method of attack) and click a button to start the attack.
The tool takes the URL of the target server on which you want to perform the attack. You can also enter the IP address of the target system. The IP address of the target is used in place of an internal local network where DNS is not being used. The tool has three chief methods of attack: TCP, UDP and HTTP. You can select the method of attack on the target server. Some other options include timeout, TCP/UDP message, Port and threads. See the basic screen of the tool in the snapshot above in Figure 1.
The LOIC version used by Anonymous group attacks was different than the original LOIC. It had an option to connect the client to the IRC (Internet Relay Chat). This allowed the tool to be remotely controlled, using the IRC protocol. In that case, the user machine became part of a botnet. A botnet is a system of compromised computer systems connected to each other via the internet, which are in turn controlled by the attacker who directs the malware toward his / her target. The bigger the botnet, the more powerful the attack is.
Type of attacks: As I’d mentioned previously, the LOIC uses three different types of attacks (TCP, UDP and HTTP). All three methods implement the same mechanism of attack. The tool opens multiple connections to the target server and sends a continuous sequence of messages which can be defined from the TCP/UDP message parameter option available on the tool. In the TCP and UDP attacks, the string is sent as a plain text but in the HTTP attack, it is included in the contents of a HTTP GET message.
This tool continues sending requests to the target server; after some time, the target server becomes overloaded. In this way, the target server will no longer be able to respond to requests from legitimate users, effectively shutting it down.
Analysis of the attack :
UDP Attack: To perform the UDP attack, select the method of attack as UDP. It has port 80 as the default option selected, but you can change this according to your need. Change the message string or leave it as the default.
TCP Attack: This method is similar to UDP attack. Select the type of attack as TCP to use this.
HTTP Attack: In this attack, the tool sends HTTP requests to the target server. A web application firewall can detect this type of attack easily.
How to use LOIC to perform a Dos attack: Just follow these simple steps to enact a DOS attack against a website (but do so at your own risk).