LockBit 2.0 Ransomware add DDoS protection to victim blog

image 3

The ransomware group have added DDoS protection to the victim blog using Nginx-Lua-Anti-DDoS from the github repo located here: https://github.com/C0nw0nk/Nginx-Lua-Anti-DDoS/blob/master/lua/anti_ddos_challenge.lua

image
github repo

The scripts they are using was created by Conor McKnight who is a developer of Lua, PHP, HTML, Javascript, MySQL, Visual Basics and various other languages over the years. This script was his solution to check web traffic coming into webservers to authenticate that the inbound traffic is a legitimate browser and request,
It was to help the main internet structure as well as every form of webserver that sends traffic by HTTP(S) protect themselves from the DoS / DDoS (Distributed Denial of Service) antics of the internet.

In essence, it creates a puzzle that the browser must solve before it will allow the traffic past, similar to how Cloudflare js works.

image 1
javascript the browser needs to execute

at least they are testing the code before they push it out, lol

image 2
debugging

well, I guess, back to work to find a bypass so I can get back to automated scraping the site for victim data.