Let me tell you a little story.
Then came the 17th. I checked the site, whoa, there is some perl code there. Then I read it and it sounded nothing like the tool as described. Rumor around the Intertubes was that #RefRef was/is a hoax and that the people responsible were collecting donations for R&D.
This is what we actually have for the tool that was released on the RefRef site does:
GET /%20and%20(select+benchmark(99999999999,0x70726f62616e646f70726f62616e646f70726f62616e646f)) HTTP/1.1
Connection: TE, close
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:22.214.171.124) Gecko/20080201Firefox/126.96.36.199
The way this works is that it requests a large amount of benchmark queries against the database. This is very similar to SQL Injection in that the request contains database commands which are then passed by the application server to the database. In this case, the SQL command is “benchmark” which executes the query multiple times to build test performance of the query. As you would guess, it generates a ton of database server load. However, it’s only applicable to MySQL.