kristoffersantiago

brainXploit 4: Attack on E Corp


caneacsu

The first ever attack was a DDoS attack called RUDY. This happens when we see Elliot just coming into the office. R.U.D.Y. (R-U-Dead-Yet?) is a slow-rate HTTP POST (Layer 7) denial-of-service tool created by Raviv Raz and named after the Children of Bodom album “Are You Dead Yet?” It achieves denial-of-service by using long form field submissions. By injecting one byte of information into an application POST field at a time and then waiting, R.U.D.Y. causes application threads to await the end of never-ending posts in order to perform processing (this behavior is necessary in order to allow web servers to support users with slower connections). Since R.U.D.Y. causes the target webserver to hang while waiting for the rest of an HTTP POST request, by initiating simultaneous connections to the server the attacker is ultimately able to exhaust the server’s connection table and create a denial-of-service condition.

The second attack of the episode is another DDoS, but this time a lot more serious, taking E Corp offline. The attackers also managed to get inside the network, installing a rootkit. This rootkit replicated itself every time a server was rebooted and crashed the host. They eventually solved the issue by taking all the servers down and cleaning the infected servers. However, Elliot makes a conscious decision and leaves a server infected, but restricts access to it and makes it available only to him.

Story to be continued. Watch the TV show, it's awesome! :)

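A defender-side view of the slow-POST behaviour described in the post above, as an added example that is not part of the original thread: it flags POST connections whose body has stalled and groups them by source, since the condition only arises when one client holds many such connections at once. The record fields, thresholds and sample addresses are assumptions made for illustration.

```python
from collections import Counter
from dataclasses import dataclass

@dataclass
class PostConn:
    src: str             # client address
    content_length: int  # declared Content-Length of the POST
    body_received: int   # body bytes received so far
    age_s: float         # seconds since the request headers were complete

def is_slow_post(c, grace_s=20.0, min_rate=500.0):
    """True when a still-incomplete POST body has outlived its time allowance.

    Allowance = grace_s plus one second per min_rate bytes received, so a
    genuinely slow client that keeps delivering data keeps earning time,
    while a sender that trickles single bytes does not.
    """
    if c.body_received >= c.content_length:
        return False  # body complete, no worker is waiting on it
    allowed = grace_s + c.body_received / min_rate
    return c.age_s > allowed

def suspect_sources(conns, min_conns=3, **kw):
    """Sources holding at least min_conns stalled POSTs at the same time."""
    counts = Counter(c.src for c in conns if is_slow_post(c, **kw))
    return {src: n for src, n in counts.items() if n >= min_conns}

# Constructed snapshot of in-flight POST connections (documentation addresses).
SAMPLE = [
    PostConn("198.51.100.7", 100_000_000, 12, 120.0),   # huge declared body,
    PostConn("198.51.100.7", 100_000_000, 11, 118.0),   # a few bytes after
    PostConn("198.51.100.7", 100_000_000, 13, 121.0),   # two minutes
    PostConn("203.0.113.20", 2_000_000, 60_000, 90.0),  # slow link, still sending
    PostConn("203.0.113.21", 4_096, 4_096, 300.0),      # body already complete
    PostConn("203.0.113.22", 50_000, 10, 45.0),         # one stalled upload only
]

if __name__ == "__main__":
    print(suspect_sources(SAMPLE))
```

The same allowance rule works as a mitigation when enforced by the server: a connection that exceeds it is closed instead of being left to occupy a worker.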
kristoffersantiago

brainXploit4_answer.png

For more information on R.U.D.Y. attacks, refer to the reply above! :lol: That was a masterclass in Mr. Robot trivia, @caneacsu. Thanks! :D
