- What is a DDoS?
A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable
by overwhelming it with traffic from multiple sources.
- What is a Botnet?
A Botnet is a collection of computers often referred to as "zombies" that allows an attacker
to control them.
- For what is used UFONet?
UFONet is a tool designed to test DDoS attacks against a target using 'Open Redirect' vectors
on third party web applications like botnet.
- Do you recieve a salary for develop this tool?
No. This 'magic' cannot be sold.
- Is UFONet a "strong" botnet?
Well. That's depends on how you understand a botnet as "strong". If you understand it as;
* 'privacy'; UFONet is the best -ninja- DDoS tool.
* 'traffic volume'; that's depends on 'zombies', bandwidth, target's conf, etc...
With UFONet it's not question about having a lot of 'zombies' but is more that those that you have
You can 'defeat' a 'small' webserver just with a 'couple of dozens', if they are nice...
Or for example, if your target is using a VPS service with some limited bandwidth rate (ex: 1GB/month),
for you is just question of wait until UFONet/zombies traffic (noise) reach that top... etc.
Also people understand a botnet as an individual tool. Imagine more than one UFONet running together
against a target, sharing 'zombies', etc... effects can be more powerful than running the tool alone.
- For what UFONet is more special than other DDoS tools?
Basically, because UFONet (if propertly configurated) never connects directly to the target, therefore
leaves no traces (IPs, etc...) about the origin of the attack.
- Is it doing any kind of DoS reflection?
No. This is not related with 'Open Redirect' vulnerability.
- How it works technically?
This schema shows you how architecture of requests is working.
- What's the difference between: 'zombies', 'aliens', 'droids', 'ucavs'...?
* Zombie: HTTP GET 'Open Redirect' bot
* Droid: HTTP GET 'Open Redirect' bot with params required
* Alien: HTTP POST 'Open Redirect' bot
* Drone: HTTP GET 'Web Abuse' bot
* X-RPC: HTTP POST XML-RPC PingBack Vulnerability
- Is it possible to stress target's database by using UFONet?
Yes, it is. For example, you can order to your 'zombies' to submit random valid requests
on a target's search input form. This floods database with queries.
ex(wordpress): ./ufonet -a 'http://TARGET-WORDPRESS.com' --db '?s='
- How can I start with UFONet; for example using GNU/Linux (ex: Kali)?
linux% wget http://ufonet.03c8.net/ufonet/ufonet-v0.8.tar.gz
linux% tar zxfv ufonet-v0.8.tar.gz
linux% cd ufonet-v0.8
linux% cd ufonet
botnet core docs server ufonet
linux% sudo apt-get install python-pycurl python-geoip python-crypto
linux% pip install geoip
linux% pip install requests
linux% pip install pycrypto
linux% ./ufonet --help
- Which libs version may I use?
python-pycurl - Python bindings to libcurl
python-geoip - Python bindings for the GeoIP IP-to-country resolver library
python-crypto - Cryptographic algorithms and protocols for Python
* Python (>v2.7.9)
- Is it there any command for HELP?
ufonet --help (-h)
- How can I start a Graphical User Interface (GUI)?
- What is a 'wormhole'?
It is an IRC gateway to Freenode where UFONet 'masters' can meet.
- Is it possible to update tool automatically?
Yes. But only if you have cloned UFONet from Github repository.
* git clone https://github.com/epsylon/ufonet
* ufonet --update
- What is a 'blackhole'?
It is a P2P daemon to share 'zombies' with other UFONet 'masters'.
- Where can I download more 'zombies'?
You should search for accessible 'blackholes'. Some of them are on darknet...
By the way, there is a Community list of 'zombies' that you can download by using:
- Can I spread 'zombies' with a web-server?
Yes. You only need to create a 'blackhole' and share your IP with other UFONet 'masters'...
ufonet --blackhole (daemonize it with: ufonet --blackhole &)
- How can I test if my 'zombies' are working properly?
ufonet -t 'botnet/zombies.txt'
- Where can I report a bug?
You can report bugs on: UFONet Github issues.
- Error: can't start new thread
This "bug" is related with how your OS is managing python threads.
UFONet tries to reduce as max as possible this issue by establishing a 'reaction timeout'
for each thread created (to try to close it correctly if fails).
If you have this problem, probably you need to update your 'zombies' list.
When a 'zombie' fails on a request, UFONet manages that on one way that depending on your config
can results on a threading overflow.
Traceback (most recent call last):
File "/home/user/ufonet/ufonet/core/main.py", line 272, in run
test = self.testing(zombies)
File "/home/user/ufonet/ufonet/core/main.py", line 1917, in testing
File "/home/user/ufonet/ufonet/core/main.py", line 420, in connect_zombies
File "/usr/lib/python2.7/threading.py", line 736, in start
error: can't start new thread
Also you can use --delay and --retries options to manage time connections,
--threads to reduce/increase threading, etc..
But the best solution is; to reduce your 'zombies' list to those that really works.
- Error: importing pygeoip lib
It happens when you cannot view global map correctly. You will see this message on the shell:
Error importing: pygeoip lib.
On Debian based systems:
$ sudo apt-get install python-geoip
This "bug" is related on how your OS is managing python-geoip path to lib.
You can fix it by installing pygeoip from pip: pip install geoip
- Can I pay you for DDoS a target?
No. But you can keep sending me ridiculous 'job' offers....
- Do you sell botnets?
No. Actually, I am providing you one for free/gratis... hehe.
- Is it there any music songs mentioning UFONet?
No. And should be nice to have some... Are you a musician? ;-)