UFONet is a tool designed to launch Layer 7 (HTTP/Web Abuse) DDoS attacks, using ‘Open Redirect’ vectors, generally located on third part-y web applications (a botnet) and other powerful DoS attacks, some including different OSI model layers, as for example the TCP/SYN flood attack, which is perform on Layer 3 (Network).
There is a large list of possible DoS and DDoS attack with this tool:
- The tool allow to inspect your target to have more information and vulnerabilities.
- Stress database on target by requesting random valid strings
- Exploits XML-RPC Pingback Vulnerability, generating callback requests and increasing processing required by target.
- Connect LOIC (with proxy support), to make a determinate number of recursive requests directly to your target.
- Connect LORIS to make requests leave open threads on the target and make the web server work slower
- Connect UFOSYN to start a powerful TCP/SYN flood attack
- Make a SPRAY attack to launch a Distributed ‘Reflection’ Denial of Service (DrDoS)
- A SMURF attack to send Distributed ICMP ‘Broadcast’ packets
- XMAS attack that will flood your target with ‘Christmas Tree’ packets
- A STARVATION attack that will knock down your target in seconds, if it does not have a minimum level of protection
- All ways could be combined, so UFONet can attack DDoS and DoS, at the same time.
- The last but not least is Generating Blackhole where user may connect the system with P2P options to share/keep ‘zombies’ with other ‘motherships’. Some of them are shared on the darknet.
Installing UFONet
UFONet runs on many platforms. It requires Python (>2.7.9) and the following libraries:
python-pycurl - Python bindings to libcurl
python-geoip - Python bindings for the GeoIP IP-to-country resolver library
python-whois - Python module for retrieving WHOIS information - Python 2
python-crypto - Cryptographic algorithms and protocols for Python
python-requests - elegant and simple HTTP library for Python2, built for human beings
python-scapy - Packet generator/sniffer and network scanner/discovery
You can automatically get all required libraries using (as root):
sudo python setup.py install
For manual installation, on Debian-based systems (ex: Ubuntu), run:
sudo apt-get install python-pycurl python-geoip python-whois python-crypto python-requests python-scapy
On other systems such as: Kali, Ubuntu, ArchLinux, ParrotSec, Fedora, etc… also run:
pip install geoip
pip install requests
pip install pycrypto
pip install scapy
Source libs:
- Python: https://www.python.org/downloads/
- PyCurl: http://pycurl.sourceforge.net/
- PyGeoIP: https://pypi.python.org/pypi/GeoIP/
- PyWhois: https://pypi.python.org/pypi/whois
- PyCrypto: https://pypi.python.org/pypi/pycrypto
- PyRequests: https://pypi.python.org/pypi/requests
- PyScapy: https://pypi.org/project/scapy/
- Leaflet: http://leafletjs.com/ (provided)
Screenshots
You can read more and download this tool over here: https://github.com/epsylon/ufonet
