FAQ: UFONet v0.8 [Revision:30/10/2016]

Project Website: http://ufonet.03c8.net
  • What is a DDoS?
  • A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.
  • What is a Botnet?
  • A Botnet is a collection of computers often referred to as "zombies" that allows an attacker to control them.
  • For what is used UFONet?
  • UFONet is a tool designed to test DDoS attacks against a target using 'Open Redirect' vectors on third party web applications like botnet.
  • Do you recieve a salary for develop this tool?
  • No. This 'magic' cannot be sold.
  • Is UFONet a "strong" botnet?
  • Well. That's depends on how you understand a botnet as "strong". If you understand it as; * 'privacy'; UFONet is the best -ninja- DDoS tool. * 'traffic volume'; that's depends on 'zombies', bandwidth, target's conf, etc... With UFONet it's not question about having a lot of 'zombies' but is more that those that you have work properly. You can 'defeat' a 'small' webserver just with a 'couple of dozens', if they are nice... Or for example, if your target is using a VPS service with some limited bandwidth rate (ex: 1GB/month), for you is just question of wait until UFONet/zombies traffic (noise) reach that top... etc. Also people understand a botnet as an individual tool. Imagine more than one UFONet running together against a target, sharing 'zombies', etc... effects can be more powerful than running the tool alone.
  • For what UFONet is more special than other DDoS tools?
  • Basically, because UFONet (if propertly configurated) never connects directly to the target, therefore leaves no traces (IPs, etc...) about the origin of the attack.
  • Is it doing any kind of DoS reflection?
  • No. This is not related with 'Open Redirect' vulnerability.
  • How it works technically?
  • This schema shows you how architecture of requests is working.
  • What's the difference between: 'zombies', 'aliens', 'droids', 'ucavs'...?
  • * Zombie: HTTP GET 'Open Redirect' bot ex: https://ZOMBIE.com/check?uri=$TARGET * Droid: HTTP GET 'Open Redirect' bot with params required ex: https://ZOMBIE.COM/css-validator/validator?uri=$TARGET&profile=css3&usermedium=all&vextwarning=true * Alien: HTTP POST 'Open Redirect' bot ex: https://ZOMBIE.com/analyze.html;$POST;url=$TARGET * Drone: HTTP GET 'Web Abuse' bot ex: https://www.isup.me/$TARGET * X-RPC: HTTP POST XML-RPC PingBack Vulnerability ex: https://ZOMBIE.COM/xmlrpc.php
  • Is it possible to stress target's database by using UFONet?
  • Yes, it is. For example, you can order to your 'zombies' to submit random valid requests on a target's search input form. This floods database with queries. ex(wordpress): ./ufonet -a 'http://TARGET-WORDPRESS.com' --db '?s='
  • How can I start with UFONet; for example using GNU/Linux (ex: Kali)?
  • linux% pwd /home/user/Desktop linux% wget http://ufonet.03c8.net/ufonet/ufonet-v0.8.tar.gz linux% tar zxfv ufonet-v0.8.tar.gz linux% cd ufonet-v0.8 linux% ls README.md ufonet linux% cd ufonet linux% ls botnet core docs server ufonet linux% sudo apt-get install python-pycurl python-geoip python-crypto linux% pip install geoip linux% pip install requests linux% pip install pycrypto linux% ./ufonet --help
  • Which libs version may I use?
  • python-pycurl - Python bindings to libcurl python-geoip - Python bindings for the GeoIP IP-to-country resolver library python-crypto - Cryptographic algorithms and protocols for Python * Python (>v2.7.9) * PyCurl * PyGeoIP * PyCrypto
  • Is it there any command for HELP?
  • ufonet --help (-h)
  • How can I start a Graphical User Interface (GUI)?
  • ufonet --gui
  • What is a 'wormhole'?
  • It is an IRC gateway to Freenode where UFONet 'masters' can meet.
  • Is it possible to update tool automatically?
  • Yes. But only if you have cloned UFONet from Github repository. * git clone https://github.com/epsylon/ufonet * ufonet --update
  • What is a 'blackhole'?
  • It is a P2P daemon to share 'zombies' with other UFONet 'masters'.
  • Where can I download more 'zombies'?
  • You should search for accessible 'blackholes'. Some of them are on darknet... By the way, there is a Community list of 'zombies' that you can download by using: ufonet --download-zombies
  • Can I spread 'zombies' with a web-server?
  • Yes. You only need to create a 'blackhole' and share your IP with other UFONet 'masters'... ufonet --blackhole (daemonize it with: ufonet --blackhole &)
  • How can I test if my 'zombies' are working properly?
  • ufonet -t 'botnet/zombies.txt'
  • Where can I report a bug?
  • You can report bugs on: UFONet Github issues.
  • Error: can't start new thread
  • This "bug" is related with how your OS is managing python threads. UFONet tries to reduce as max as possible this issue by establishing a 'reaction timeout' for each thread created (to try to close it correctly if fails). If you have this problem, probably you need to update your 'zombies' list. When a 'zombie' fails on a request, UFONet manages that on one way that depending on your config can results on a threading overflow. Traceback (most recent call last): File "/home/user/ufonet/ufonet/core/main.py", line 272, in run test = self.testing(zombies) File "/home/user/ufonet/ufonet/core/main.py", line 1917, in testing self.connect_zombies(zombie) File "/home/user/ufonet/ufonet/core/main.py", line 420, in connect_zombies t.start() File "/usr/lib/python2.7/threading.py", line 736, in start _start_new_thread(self.__bootstrap, ()) error: can't start new thread Also you can use --delay and --retries options to manage time connections, --threads to reduce/increase threading, etc.. But the best solution is; to reduce your 'zombies' list to those that really works.
  • Error: importing pygeoip lib
  • It happens when you cannot view global map correctly. You will see this message on the shell: Error importing: pygeoip lib. On Debian based systems: $ sudo apt-get install python-geoip This "bug" is related on how your OS is managing python-geoip path to lib. You can fix it by installing pygeoip from pip: pip install geoip
  • Can I pay you for DDoS a target?
  • No. But you can keep sending me ridiculous 'job' offers....
  • Do you sell botnets?
  • No. Actually, I am providing you one for free/gratis... hehe.
  • Is it there any music songs mentioning UFONet?
  • No. And should be nice to have some... Are you a musician? ;-)