fbpx

UFONet – DDoS Botnet via Web Abuse

UFONet – is a free software tool designed to test DDoS attacks against a target using ‘Open Redirect’ vectors on third party web applications like botnet.

It abuses OSI Layer 7-HTTP to create/manage ‘zombies’ and to conduct different attacks using; GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.

  UFONet runs on many platforms.  It requires Python (2.x.y) and the following libraries:

       python-pycurl – Python bindings to libcurl
       python-geoip  – Python bindings for the GeoIP IP-to-country resolver library

  On Debian-based systems (ex: Ubuntu), run:

       sudo apt-get install python-pycurl python-geoip

Attacking a target:

  Enter a target to attack with a number of rounds:

       ./ufonet -a http://target.com -r 10

On this example UFONet will attacks the target a number of 10 times for each ‘zombie’. That means that if you have a list of 1.000 ‘zombies’ it will launch 1.000 ‘zombies’ x 10 rounds = 10.000 requests to the target.


Special attacks:

UFONet uses different ways to exploit ‘Open Redirect’ vulnerabilities. For example: You can use UFONet to stress database on target by requesting random valid strings like search queries:

     ./ufonet -a http://target.com –db “search.php?q=”

Download and read more at ..

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...