X4U Doser, or X4UD, a free online tool for mounting DDoS attacks, was launched in the summer of 2016. It has been updated various times, and is now available in a 3.0 iteration. Its creator, a student calling themselves FathurION, describes it as “a free, strong, and maximum network stress testing and distributes/denial-of-service attack application , written in .net languanges , and developed by X4U Hacker.”
UK cybersecurity firm Link11 recently ran a profile on X4UD, which we will summarize here.
X4UD can easily be downloaded from the web as a zip file. The X4UD_V3.0.zip version is a program of around 6 MB that after unzipping places a red and black icon on the desktop. Its “! About” button indicates that X4U Doser is freeware. It tells you that users can report bugs and issues by e-mail to x4uhacker.develop[at]gmail.com. The “CHECK FOR UPDATE” button leads you to an official download platform (www.x4uhacker.wordpress.com/), which offers a spamming tool and an MD5 converter.
You then enter a target IP address. The “Find IP Address” button converts the target’s URL into a usable IP address, which then simply requires confirmation by clicking “Confirm”.
X4U Doser offers several types of attack: “Army Quality”, “Ping Quality” and “UDP Quality”, each of which can be set to “Minimum”, “Normal”, “Extreme”, “Maximum” or “X-Maximum”.
The Link11 Security Operation Center (LSOC) selected the highest level, X-Maximum, for all 3 parameters, for testing purposes. Port 80 (http) is preset as a default. Before launching the attack using the “ATTACK !” button, the LSOC activated packet capture in order to track network traffic.
Once the attack was confirmed, X4U Doser recommended not opening other products to conserve RAM.
The first attack vector used was an ICMP flood, which peaked at around 120 ICMP requests per second, the next was a UDP garbage flood, and the final one was a HTTP GET flood on “/” with HTTP in the 1.0 version.
To put X4U Doser to work, detailed IT knowledge is unnecessary. The program is targeted at “noobs“ looking to use DDoS attacks for hacktivism or other individual goals. X4U Doser allows you to bring three attack vectors to bear at once to hit a target. Web servers are wrapped up with HTTP requests while ICMP and UDP packets clog up the lines. The firewall also has to process all three attack vectors. In such attacks, just one successful vector can be sufficient to take the target down.
However, the attack run by LSOC was unsuccessful: the unprotected test server stayed online continuously. The attacking PC, however, was poorly equipped. LSOC commented, “If the test attacks were repeated using significantly more powerful computers, the results may be different. Cybercriminals Anonymous work collectively in many cases, with many attackers bombarding targets instead of just one. This strategy is what turns a DoS attack into a DDoS attack with considerably higher packet rates.”