Interesting. I wonder if the js version behaves identically to the .net one. If so, it could offer plausible deniability to any LOICers out there. I'm not condoning the practice, but it is a creative solution to having your primary tool be rendered toxic by the op payback arrests.
setInterval(function(){
var i = new Image();
i.src = target + randId + msg;
... // event handling
}, 0)
so you end up requesting an url every 0 ms the randId is just a simple `Date.now`, the message is an actual message taken from an input in the html. Source code: http://hastebin.com/gasitinafo.js
That's pretty nasty.
Surely defense against this kind of thing should be built into browsers although you would need to detect an unending loop causing HTTP requests so run into the halting problem I guess.
If they are tricking people into performing what is potentially a criminal act then they lose the limited amount of respect I did have for them.
Reeling in unwitting volunteers from Twitter