- What is a DDoS?
A Distributed Denial of Service (DDoS) attack is an attempt to make an online service
unavailable by overwhelming it with traffic from multiple sources.
- What is a Botnet?
A Botnet is a collection of computers often referred to as "zombies" that allows an attacker
to control them.
- What is UFONet used for?
UFONet is a tool designed to launch Layer 7 (HTTP/Web Abuse) DDoS & DoS attacks
using 'Open Redirect' vectors on third part web applications (a botnet).
- Is UFONet a "strong" botnet?
Well. It depends on how you understand a botnet as "strong". If you understand it as;
* 'privacy'; UFONet is the best -ninja- DDoS tool...
* 'traffic volume'; it depends on; 'zombies', bandwidth, target's conf, etc...
With UFONet it's not about having a lot of 'zombies', it's more about those you have
If they are nice, you can 'defeat' a 'small' webserver just with a 'couple of dozens'...
Or for example, if your target is using a VPS service with some limited bandwidth rate
(ex: 1GB/month), for you is just a matter of time until UFONet/zombies traffic (noise)
reach that top... etc.
Also people understand a botnet as an individual tool. Imagine more than one UFONet
running together against a target, sharing 'zombies', etc...
- Why UFONet is more special than other botnets?
Because UFONet tries not living traces (IPs, etc...) from the origin of the attack.
- How does it work technically?
This schema shows you how the architecture of the requests are made.
- What's the difference between: 'zombies', 'aliens', 'droids', 'ucavs'...?
* Zombie: HTTP GET 'Open Redirect' bot
* Droid: HTTP GET 'Open Redirect' bot with params
* Alien: HTTP POST 'Open Redirect' bot
* Drone: HTTP 'Web Abuse' bot
* X-RPC: XML-RPC Vulnerability
- Is it possible to stress target's database using UFONet?
Yes, it is. For example, you can order to your 'zombies' to submit random valid requests
on a target's search input form. This floods database with queries.
ex(wordpress): ./ufonet -a 'http://TARGET.com' --db '?s='
- Is there a LOIC connected to UFONet?
Yes, hehe... It has implemented an advanced version of that software that supports proxies.
ex: ./ufonet -a 'http://TARGET.com' --loic 500
- And a LORIS?
Yes, of course. You can connect one to make requests leave open threads on the target too,
making the web server work slower:
ex: ./ufonet -a 'http://TARGET.com' --slow 100
- How can I start with UFONet; for example using GNU/Linux (ex: Kali)?
You can try to install it automatically by using script: 'setup.py' (file provided):
linux% python setup.py install
- Which libs should I install?
python-pycurl - Python bindings to libcurl
python-geoip - Python bindings for the GeoIP IP-to-country resolver library
python-whois - Python module for retrieving WHOIS information - Python 2
python-crypto - Cryptographic algorithms and protocols for Python
python-requests - elegant and simple HTTP library for Python2, built for human beings
* Python: https://www.python.org/downloads/
* PyCurl: http://pycurl.sourceforge.net/
* PyGeoIP: https://pypi.python.org/pypi/GeoIP/
* PyWhois: https://pypi.python.org/pypi/whois
* PyCrypto: https://pypi.python.org/pypi/pycrypto
* PyRequests: https://pypi.python.org/pypi/requests
- Exists any HELP command?
ufonet --help (-h)
- How can I start a Graphical User Interface (GUI)?
- What is a 'wormhole'?
It is an IRC gateway to Freenode where UFONet 'masters' can meet.
- Is it possible to update the tool automatically?
Yes. But only if you have cloned UFONet from Github repository.
* git clone https://github.com/epsylon/ufonet
* ufonet --update
- What is a 'blackhole'?
It is a P2P daemon to share 'zombies' with other UFONet 'masters'.
- Where can I download more 'zombies'?
You should search for accessible 'blackholes'. Some of them are on the darknet...
By the way, there is a Community list of 'zombies' that you can download using:
- Can I spread 'zombies' with a web-server?
Yes. You just need to create a 'blackhole' and share your IP with other UFONet 'masters'...
ufonet --blackhole (daemonize it with: ufonet --blackhole &)
- How can I know if my 'zombies' are working properly?
ufonet -t 'botnet/zombies.txt'
- Where can I report a bug?
You can report errors on: Github issues.
Also you can stay in touch reporting on my "mothership" (using BOARD provided by default).
If nobody gets back to you, then drop me an e-mail.
- Error: can't start new thread
This "bug" is related to the way your OS is managing python threads. UFONet tries to reduce
as much as possible this issue establishing a 'timeout reaction' for each thread created
(trying to close it in case of failure).
If you have this issue, probably you need to update your 'zombies' list.
When a 'zombie' fails on a request, UFONet manages that on one way that depending
on your config can results on a threading overflow.
Traceback (most recent call last):
File "/home/user/ufonet/ufonet/core/main.py", line 272, in run
test = self.testing(zombies)
File "/home/user/ufonet/ufonet/core/main.py", line 1917, in testing
File "/home/user/ufonet/ufonet/core/main.py", line 420, in connect_zombies
File "/usr/lib/python2.7/threading.py", line 736, in start
error: can't start new thread
Also you can use --delay and --retries options to manage time connections,
--threads to reduce/increase threading, etc..
To fix it, try reducing the amount of your 'zombies'.
- Error: importing pygeoip lib
It happens when you can't view global map correctly. You will see this message:
Error importing: pygeoip lib.
On Debian based systems:
$ sudo apt-get install python-geoip
This "bug" is related on how your OS is managing python-geoip path to lib.
You can fix it installing pygeoip from pip: pip install geoip
- Can I pay you for DDoS a target?
No. But you can keep sending me ridiculous 'job' offers.... ;-)
- Do you sell botnets?
No. Actually, I am providing you one for free/gratis... hehe.