- What is a DDoS?
A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable
by overwhelming it with traffic from multiple sources.
- What is a Botnet?
A Botnet is a collection of computers often referred to as "zombies" that allows an attacker
to control them.
- For what is used UFONet?
UFONet is a tool designed to test DDoS attacks against a target using 'Open Redirect' vectors
on third party web applications like botnet.
- Is UFONet a "strong" botnet?
Well. That's depends on how you understand a botnet as "strong". If you understand it as;
* 'privacy'; UFONet is the best -ninja- DDoS tool.
* 'traffic volume'; that's depends on 'zombies', bandwidth, target's conf, etc...
With UFONet it's not question about having a lot of 'zombies' but is more that those that you have
You can 'defeat' a 'small' webserver just with a 'couple of dozens', if they are nice...
Or for example, if your target is using a VPS service with some limited bandwidth rate (ex: 1GB/month),
for you is just question of wait until UFONet/zombies traffic (noise) reach that top... etc.
Also people understand a botnet as an individual tool. Imagine more than one UFONet running together
against a target, sharing 'zombies', etc... effects can be more powerful than running the tool alone.
- For what UFONet is more special than other DDoS tools?
Basically, because UFONet never connects directly to the target, therefore, leaves no traces (IPs, etc...)
of the origin of the attack.
- Is it doing any kind of DoS reflection?
No. This is not related with 'Open Redirect' vulnerability.
- How it works technically?
This schema shows you how the architecture of the requests are working.
- What's the difference between: 'zombies', 'aliens', 'droids', 'ucavs'...?
* Zombie: HTTP GET 'Open Redirect' bot
* Droid: HTTP GET 'Open Redirect' bot with params
* Alien: HTTP POST 'Open Redirect' bot
* Drone: HTTP 'Web Abuse' bot
* X-RPC: XML-RPC Vulnerability
- Is it possible to stress target's database by using UFONet?
Yes, it is. For example, you can order to your 'zombies' to submit random valid requests
on a target's search input form. This floods database with queries.
ex(wordpress): ./ufonet -a 'http://TARGET.com' --db '?s='
- Is there a LOIC connected to UFONet?
Yes, hehe... It has implemented an advanced version of that software that supports proxies (ex: TOR).
ex: ./ufonet -a 'http://TARGET.com' --loic 500
- How can I start with UFONet; for example using GNU/Linux (ex: Kali)?
You can try to install it automatically by using 'setup.py' (file provided):
linux% cd ufonet
linux% cd ufonet
linux% python setup.py install
Or you can try it manually:
linux% wget http://ufonet.03c8.net/ufonet/ufonet-v0.9.tar.gz
linux% tar zxfv ufonet-v0.9.tar.gz
linux% cd ufonet
linux% cd ufonet
botne core docs MANIFEST.in server setup.py ufonet
linux% sudo apt-get install python-pycurl python-geoip python-whois python-crypto python-requests
linux% pip install geoip requests pycrypto
- Which libs may I install?
python-pycurl - Python bindings to libcurl
python-geoip - Python bindings for the GeoIP IP-to-country resolver library
python-whois - Python module for retrieving WHOIS information - Python 2
python-crypto - Cryptographic algorithms and protocols for Python
python-requests - elegant and simple HTTP library for Python2, built for human beings
* Python: https://www.python.org/downloads/
* PyCurl: http://pycurl.sourceforge.net/
* PyGeoIP: https://pypi.python.org/pypi/GeoIP/
* PyWhois: https://pypi.python.org/pypi/whois
* PyCrypto: https://pypi.python.org/pypi/pycrypto
* PyRequests: https://pypi.python.org/pypi/requests
- Is it there any command for HELP?
ufonet --help (-h)
- How can I start a Graphical User Interface (GUI)?
- What is a 'wormhole'?
It is an IRC gateway to Freenode where UFONet 'masters' can meet.
- Is it possible to update tool automatically?
Yes. But only if you have cloned UFONet from Github repository.
* git clone https://github.com/epsylon/ufonet
* ufonet --update
- What is a 'blackhole'?
It is a P2P daemon to share 'zombies' with other UFONet 'masters'.
- Where can I download more 'zombies'?
You should search for accessible 'blackholes'. Some of them are on darknet...
By the way, there is a Community list of 'zombies' that you can download by using:
- Can I spread 'zombies' with a web-server?
Yes. You only need to create a 'blackhole' and share your IP with other UFONet 'masters'...
ufonet --blackhole (daemonize it with: ufonet --blackhole &)
- How can I test if my 'zombies' are working properly?
ufonet -t 'botnet/zombies.txt'
- Where can I report a bug?
You can report bugs on: UFONet Github issues.
Also you can stay in touch by reporting on my "mothership" (Board provided by default) [ +Zoom ].
If nobody gets back to you, then drop me an e-mail.
- Error: can't start new thread
This "bug" is related on how your OS is managing python threads. UFONet tries to reduce as max that issue
by establishing a 'reaction timeout' for each thread created (to try to close it if fails).
If you have this problem, probably you need to update your 'zombies' list.
When a 'zombie' fails on a request, UFONet manages that on one way that depending on your config
can results on a threading overflow.
Traceback (most recent call last):
File "/home/user/ufonet/ufonet/core/main.py", line 272, in run
test = self.testing(zombies)
File "/home/user/ufonet/ufonet/core/main.py", line 1917, in testing
File "/home/user/ufonet/ufonet/core/main.py", line 420, in connect_zombies
File "/usr/lib/python2.7/threading.py", line 736, in start
error: can't start new thread
Also you can use --delay and --retries options to manage time connections,
--threads to reduce/increase threading, etc..
But the best solution is; to reduce your 'zombies' list to those that really works.
- Error: importing pygeoip lib
It happens when you cannot view global map correctly. You will see this message on the shell:
Error importing: pygeoip lib.
On Debian based systems:
$ sudo apt-get install python-geoip
This "bug" is related on how your OS is managing python-geoip path to lib.
You can fix it by installing pygeoip from pip: pip install geoip
- Can I pay you for DDoS a target?
No. But you can keep sending me ridiculous 'job' offers....
- Do you sell botnets?
No. Actually, I am providing you one for free/gratis... hehe.
- Is it there any music songs mentioning UFONet?
No. And should be nice to have some... Are you a musician? ;-)