The concept of Opera browser extensions is the same as with Firefox. They are small applications that can be installed and added to the browser. I decided to have a try at creating a couple of my own for Opera, and found it surprisingly easy. These are available from my page at SourceForge.net, and hopefully will be found on the Opera Widgets site shortly.
The only requirements for creating an extension are basic web development skills, a text/web editor, and a program for creating .zip archives.
Excellent tutorials and guides for developers are available from the Dev.Opera,/a> site, and there is also an SDK containing examples, code libraries and documentation.
Application Directory and Files
The first step is to create an application directory that contains:
- index.html – the basic interface for the application
- Images directory – all the images for the application
Creating the First Extension
The first extension I created, called OneClick, has just a set of icons that are clicked to change the content in a window. It consists merely of hyperlinked images that point to an iframe. With a bit of graphics design and editing, I was able to give it the appearance of a more professional application.
My Second Extension – Microformats Creator
In the application directory there must be an XML file called config.xml. This contains data about the extension that is read by the Opera browser and the widgets server, in order to identify the extension, the author, trusted domains and the window size of the application.
Packaging, Installing and Publishing
Before anyone can install the extension, it must be packaged as a single .wgt file. This is done by converting the applications directory into a .zip archive, then changing the file extension from .zip to .wgt.
There are two ways of installing the extension. The first is to drag-and-drop the file into the main browser window. The second is to open a link to the file, which Opera will recognise as an installable browser extension. The extension will appear in the browser’s Widget menu, and its icon should be displayed in the desktop as well.
The .wgt file can be uploaded to the Opera Widgets site where it will be reviewed before being made public. Alternatively the file can be published on any server, including SourceForge.net.
While I largely believe in what 4Chan stands for, especially when it put a stop to ACS:Law sending threat letters to pensioners who were in fact innocent of copyright theft, the methods are still questionable. Only a small minority of Anonymous are real hackers who know how LOIC works, can write their own scripts, and are familiar enough with the law to get themselves out of trouble if they get caught. The rest are putting themselves at risk, at least until the hackers there start employing the more effective ways of slowing down servers and covering ther tracks, unless they’re already doing that and using LOIC as cover.
Readers should also be aware this is an entirely different game from previous efforts that took down the copyright law firms. The current targets are larger companies who employ real hackers and professionals to manage their servers, which is why relatively little disruption has been caused.
Hopefully this post will give enough information to deter those who don’t know the risks from joining Anonymous and ending up with a 10 year prison sentence.
Sophos Security, who have taken a less tolerant attitude to LOIC since 2008, has posted a more general introduction to the code on its site. This post goes into a ittle more detail. The LOIC DDoS attacks work like this:
- Download the LOIC client
- Configure the client to connect to an IRC server
- The target gets flooded with requests from the LOIC clients operating in ‘Hive’ mode.
This is a classic Distributed Denial of Service (DDoS) using a botnet, except in this case people volunteer to join it. It’s important to note the LOIC client is a legitimate security testing application, apparently developed by Praetox Technologies. It does not include code for masking the originator’s IP address, which will show up somewhere on the target server’s logs and can easily be traced back to the user’s ISP account, and eventually the local router. A couple of teenagers have already been arrested and police are now investigating the latest round of DDoS attacks.
The C# source code for the LOIC client is available at GitHub for anyone who wants to look at it, and the executable should be found in the /bin directory. Readers might want to test the client on their own servers to see what shows up on the logs.
Most the files are for creating the interface, but three of them are of interest:
Main Form/GUI Code
The file frmMain.cs generates the main part of the user interface, and where the user specifies the URL or IP address of the target server. When the command IMMA CHARGIN MAH LAZER is recieved, the program does a series of checks for valid addresses, port numbers, payload, etc. before running the DDoS code for whichever of the three methods (TCP, UDP or XXP) is selected, until the command Stop Flooding is entered.
The rest of the code in that file’s for displaying the current status of the attack.
IRC and Hive Mode
In the ‘Hive’ mode, which is enabled with /hivemind entered, commands are sent to the LOIC client through IRC. The IRC server, channel and port are set through on of the Windows forms and defined in Program.cs, which uses the C# SmartIRC4NET library.
As you can see in the code, the default is channel #loic at port 6667. In this mode, the user has volunteered to join the botnet which collectively sends requests to whatever Anonymous decides the target is.
A typical command recieved by the client through IRC sets the parameters:
default targethost=http://server.com subsite=/ speed=3
threads=15 method=tcp message=Enjoy_the_DDoS port=80 start