How It Works

Before I explain how Unsolicited Commando works, I should probably explain how it does not work.

Unsolicited Commando is not an email filter. There are already plenty of email filters out there that one can use. Unsolicited Commando neither ties into your email programs nor responds to UCEs that you may have received. Having some sort of automated response to 'spams' would be nice, but this severely increases the complexity of the design and it opens the door for people to trick my system into attacking websites that were not actually advertised by spam. For example, if a mass-mailer sent out emails with links to the Federal Trade Commission's website, my system might be tricked into attacking ftc.gov. That's no good.

Unsolicited Commando does not 'DDoS' anyone's website, whether advertised by mass-emails or otherwise. DDoS stands for Distributed Denial of Service. DDoS-ing involves sending so many requests from distributed sources to a single server that the server in question cannot respond to all of them and therefore cannot respond to legitimate requests either. DDoS-ing is very much illegal in the US and against the policies of my web host. The attacks that are launched by Unsolicited Commando are far, far, FAR more subtle. Unsolicited Commando does not interfere with websites being advertised by UCE: it interferes with the business models of those who own said websites.

Unsolicited Commando is a set of N clients and a central server. The server controls the clients and I control the server. In this way, Unsolicited Commando is just an application that allows me to easily fill out a website's forms with false positives. If 1000 people are running my client software, then filling out a form somewhere 1000 times or more is as easy as uploading a single attack order to the central server.

Let's look at how the whole process works, shall we?

It all starts with the spammer: if it wasn't for him/her/it nothing here would have any meaning. The first step in that process is that I receive a commercial advertisement in an email that was unsolicited. It arrives in one of many email addresses that I used to use for everyday purposes. They are useless addresses now, totally reduced to a source of targets for UC. The website to which it refers is examined and, in particular, the forms it contains.

From the forms on the spamvertised website I can generate what I call Strategic Targets. These are scripts of very abstract orders. They are meta-scripts, if you will: they generate more specific scripts that I call Tactical Orders. A Strategic Target might look something like this:

OPEN "www.reducemydebtwithoutreducingthesizeofmypenis.com/signmeup.php"
METHOD "POST"
SETPARAM FIRSTNAME
SETPARAM LASTNAME
SETPARAM PHONENUMBER
SETPARAM BESTTIMETOCALL
EXECUTEIO

After a Strategic Target is generated, it is uploaded to the server at astrobastards.net where it sits among other Strategic Targets awaiting requests for orders from clients.

The client software begins its life anywhere in the world on any computer connected to the internet. Hopefully, the person who downloaded the UC client also put a link to it in their Startup menu. When executed, it creates a thread whose job is to communicate with astrobastards.net. Every 30 minutes it will request attack orders and possibly upload the results from previous attacks to the server. This communication is HTTP based and should be able to tunnel through most firewalls.

The server, upon receiving a request for orders, evaluates the IP address of the client against every Strategic Order on the server. I designed the system keeping in mind that I don't want too many attacks coming from any single IP address, so if the server thinks that insufficient time has passed since that IP was used previously then it will respond with no orders. In fact, most of the time that is exactly what will happen. But if the IP has never been used, or was last used longer ago than a certain threshold time, then the server will translate the appropriate Strategic Target into Tactical Orders to be interpreted by the client.

The Strategic Target example above might get translated into a Tactical Order such as this:

OPEN "www.reducemydebtwithoutreducingthesizeofmypenis.com/signmeup.php"
METHOD "POST"
SETPARAM "Beth"
SETPARAM "Cunningham"
SETPARAM "321-555-1234"
SETPARAM "anytime before noon"
EXECUTEIO

The client, after receiving Tactical Orders, spawns a new thread for every order. The threads interpret the orders and execute them as HTTP requests directed at the appropriate target. Information on the results is gathered (for example, whether there were any IOExceptions during the attack) and placed into a buffer, waiting to be shipped back to the server.
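What this traffic looks like in the receiving site's own access log, as an added example (not part of the original page or the UC source). It assumes a client does only what the Tactical Order above lists, a single POST to the handler; the log lines, addresses, the form page path /signup.html and the per-IP limit are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed access-log lines; addresses come from documentation ranges.
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET /signup.html HTTP/1.1" 200 5120
198.51.100.7 - - [01/Jan/2024:10:01:30 +0000] "POST /signmeup.php HTTP/1.1" 200 310
203.0.113.10 - - [01/Jan/2024:10:02:00 +0000] "POST /signmeup.php HTTP/1.1" 200 310
203.0.113.11 - - [01/Jan/2024:10:02:05 +0000] "POST /signmeup.php HTTP/1.1" 200 310
203.0.113.12 - - [01/Jan/2024:10:02:09 +0000] "POST /signmeup.php HTTP/1.1" 200 310
192.0.2.44 - - [01/Jan/2024:10:02:11 +0000] "POST /signmeup.php HTTP/1.1" 200 310
192.0.2.45 - - [01/Jan/2024:10:02:14 +0000] "POST /signmeup.php HTTP/1.1" 200 310
"""

LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" \d{3} \S+')

def parse(log):
    """Yield (ip, method, path-without-query) for each well-formed line."""
    for line in log.splitlines():
        m = LINE.match(line)
        if m:
            ip, method, path = m.groups()
            yield ip, method, path.split("?")[0]

def classify(log, form_page, handler, per_ip_limit=3):
    """Compare a per-IP rate check with a 'POST without prior form fetch' check."""
    fetched = set()            # IPs that requested the page hosting the form
    posts = defaultdict(int)   # handler POSTs per IP
    blind = defaultdict(int)   # handler POSTs from IPs that never fetched the form
    for ip, method, path in parse(log):   # log is assumed to be in time order
        if method == "GET" and path == form_page:
            fetched.add(ip)
        elif method == "POST" and path == handler:
            posts[ip] += 1
            if ip not in fetched:
                blind[ip] += 1
    total = sum(posts.values())
    return {
        "total_posts": total,
        "rate_limited_ips": sorted(ip for ip, n in posts.items() if n > per_ip_limit),
        "blind_post_ips": sorted(blind),
        "blind_ratio": sum(blind.values()) / total if total else 0.0,
    }

if __name__ == "__main__":
    print(classify(SAMPLE_LOG, "/signup.html", "/signmeup.php"))
```

On this sample the per-IP limit flags nothing, because each address posts once, while five of the six submissions come from addresses that never loaded the form. A handler that requires a token issued with the form page turns the same signal into a rejection.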

That is basically it. Not too complicated. I should mention three other things. One is that although the software has a simple interface it can run as a process in the background. If you close the window and the "On exit..." setting is "Run in background" the process should still be listed in the Windows Task Manager as "Commando.exe". It can be shut off there. Number two is that the software runs all of its threads in Java's thread priority Thread.MIN_PRIORITY. This can have different meanings on different machines, but should generally mean that the operating system will only allow UC's execution to continue if no other processes are requesting CPU time. This way UC won't be a drain on your system's resources while you are trying to use your computer for other things. The last thing I want to mention is that UC can only download and run Tactical Order scripts which are very limited in what they can do. You can read about them in the source code TacOrd.java. The UC Client CANNOT download and execute new .exe files onto your system. I can't use it to put a virus or a backdoor program. It won't give me access to your files or the emails you sent to your girlfriend. It only runs Tactical Order scripts, and that's it. It can't even install new versions of itself, although it can determine that your version of the software is outdated and will force a window to pop up reminding you that you should download the latest version from astrobastards.net/uc/.

taibmaps@astrobastards.net
