Ufonet v0.5b - Invasion released - DDoS attacks via Web Abuse.

Ufonet v0.5b – Invasion released – DDoS attacks via Web Abuse.

NOTE: “THIS CODE IS NOT FOR EDUCATIONAL PURPOSE

UFONet – is a tool designed to launch DDoS attacks against a target, using ‘Open Redirect’ vectors on third party web applications, like botnet.

UFONet - is a tool designed to launch DDoS attacks against a target, using 'Open Redirect' vectors on third party web applications, like botnet

UFONet – is a tool designed to launch DDoS attacks against a target, using ‘Open Redirect’ vectors on third party web applications, like botnet

Features :
– Auto-update
– Clean code (only needs python-pycurl)
– Documentation with examples
– Web/GUI Interface
– Proxy to connect to ‘zombies’ (ex: tor)
– Change HTTP Headers (User-Agent, Referer, Host…)
– Configure requests (Timeout, Retries, Delay…)
– Search for ‘zombies’ on google results (using a pattern or a list of dorks)
– Test ‘Open Redirect’ vulnerabilities on ‘zombies’
– Download/Upload ‘zombies’ from Community
– Inspect a target (HTML objects sizes)
– Set a place to ‘bit’ on a target (ex: big file)
– Control number of rounds to attack
– Apply cache evasion techniques

Ufonet Schema

Ufonet Schema

See this links for more info:
http://cwe.mitre.org/data/definitions/601.html
– https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_URL_Redirector_Abuse2

Installing:
UFONet runs on many platforms. It requires Python and the following library:
— python-pycurl – Python bindings to libcurl
On Debian-based systems (ex: Ubuntu), run:
— sudo apt-get install python-pycurl
Source libs: Python | PyCurl

UFONet - is a tool designed to launch DDoS attacks against a target

UFONet – is a tool designed to launch DDoS attacks against a target

Attacking a target:
Enter a target to attack, with the number of rounds that will be attacked:
./ufonet -a http://target.com -r 10This will attack the target, with the list of ‘zombies’ that your provided on: “zombies.txt”, a number of 10 times for each ‘zombie’. That means, that if you have a list of 1.000 ‘zombies’,
the program will launch 1.000 ‘zombies’ x 10 rounds = 10.000 ‘hits’ to the target.

::By default, if you don’t put any round, it will apply only 1. ::
Additionally, you can choose a place to recharge on target’s site. For example, a large image, a big size file or a flash movie. In some scenarios where targets doesn’t use cache systems,
this will do the attack more effective.

Testing botnet:
Open ‘zombies.txt’ (or another file) and create a list of possible ‘zombies’. Urls of the ‘zombies’ should be like this: http://target.com/check?uri=

After that, launch it:
./ufonet -t zombies.txt

At the end of the process, you will be asked if you want to update the list adding automatically only ‘vulnerable’ web apps.
Wanna update your list (Y/n)
If you reply ‘Y’, your file: zombies.txt will be updated.

Download :
UFONet-v0.5b(.zip)
UFONet-v0.5b(.tar.gz)
Source : https://github.com/epsylon | Our Post Before