- An automatic tool for initiating DDoS attacks
- Written on Python / GPL v3.0
- First edition:
-- Born as an XSSer module (2009)
-- Started: v0.1b --> 2013
- Exploit Layer 7 (HTTP / Web *****)
-- "Open redirection" vectors
OWASP: Top 10 2013-A10- Invalid redirects and referrals
- Objective --> Exhaustion of resources (DoS)
How does it work?
+CWE-601: URL redirecting to inaccurate wesite
This web application accepts user-controlled login
Whoever defines a link to an external site and
uses these links in redirection
+OWASP: ***** of URL redirection
The applications accept arbitrary URLs defined by the user
As input, which are then used as targets
For redirection. Users can be accidentally redirected
To a malicious site from a site they trust. (Phishing Attacks)
- Dark.png (46.49 KiB) Viewed 35514 times
Installation
UFONet works on many platforms. It requires Python (> 2.7.9) and the following libraries:
Python-pycurl - Python connection to libcurl
Python-geoip - Python connections to the geoIP IP resolver library to the country
Python-crypto - Cryptographic algorithms and Python protocols
On Debian-based systems (such as Ubuntu), run:
sudo apt-get install python-pycurl python-python python-crypto
On other systems such as: Kali, Ubuntu, ArchLinux, ParrotSec, Fedora, etc. the following also appear:
pip install geoip
pip install requests
pip install pycrypto
Main functions:
Modularity:
- Code from scratch (clean)
Proxy: (e.g., Tor)
- Master = Proxy → Proxy (Zombie) → Target
+Spoofing: (HTTP headers)
- User-Agent / Referer / Host / X-Forwarded-For / ...
Botnet Management:
- Search for "zombies" on the internet
- Vulnerability test (Open Redirect)
Impact: Request (s) / Avoid the target cache / ...
For more info: https://ufonet.03c8.net/
