A month and a half ago chr13 discovered how to DDoS someone with the help of Google Spreadsheet, and now he applied such a method to Facebook Notes. And it worked!
Operating procedure is absolutely the same as in Google Spreadsheet:
- Create a list with «unique» «photos»:
<img src="http://targetname/file?r=1" /> <img src="http://targetname/file?r=2" /> ... <img src="http://targetname/file?r=1000" />
- Write a note with the help of m.facebook.com. The service will cut the note after some fixed length.
- Create several notes with one or several accounts. Each note will make 1000+ HTTP-requests.
- Open all the notes at the same time. Specified server will get a mountainous pile of HTTP-traffic. Thousands of requests will go to the server within a couple of seconds.
The author managed to overload a gigabit channel at his VPS. 127 Facebook servers were involved in the DDoS attack.
Facebook marked the problem as “Won’t fix”.