UFONet – Open Redirect DDoS Tool

By Cyb3rw0rM -

UFONet-Open-Redirect-DDoS-Tool-640x360

UFONet is an open redirect DDoS tool designed to launch attacks against a target, using insecure redirects in third party web applications, like a botnet. Obviously, only for testing purposes.

The tool abuses OSI Layer 7-HTTP to create/manage ‘zombies’ and to conduct different attacks using; GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.

Definition of an “Open Redirect”:

An http parameter may contain a URL value and could cause the web application to redirect the request to the specified URL. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. Because the server name in the modified link is identical to the original site, phishing attempts have a more trustworthy appearance.

From: CWE-601: URL Redirection to Untrusted Site (‘Open Redirect’)

Usage:

Options:
   version             show program ‘s version number and exit
  -h, –help            show this help message and exit
  -v, –verbose         active verbose on requests
  –update              check for latest stable version
  –check-tor           check to see if Tor is used properly
  –force-yes           set ‘ YES ‘ to all questions
  –disableisup         disable external check of target’ s status
   gui                 run GUI ( UFONet Web Interface )
Configure Request(s):
     proxy = PROXY       Use proxy server ( tor : ‘http://127.0.0.1:8118’ )
     user agent = AGENT   Use another HTTP User Agent header ( default SPOOFED )
     referer = REFERER   Use another HTTP Referer header ( default SPOOFED )
     host = HOST         Use another HTTP Host header ( default NONE )
     xforw             Set your HTTP X Forwarded For with random IP values
     xclient           Set your HTTP X Client IP with random IP values
     timeout = TIMEOUT   Select your timeout ( default 10 )
     retries = RETRIES   Retries when the connection timeouts ( default 1 )
     threads = THREADS   Maximum number of concurrent HTTP requests ( default 5 )
     delay = DELAY       Delay in seconds between each HTTP request ( default )
Search for ‘Zombies:
     s SEARCH           Search from a ‘dork’ ( ex : s ‘proxy.php?url=’ )
     sd = DORKS           Search from a list of ‘dorks’ ( ex : sd ‘dorks.txt’ )
     sn = NUM_RESULTS     Set max number of results for engine ( default 10 )
     se = ENGINE         Search engine to use for ‘dorking’ ( default : duck )
     sa                 Search massively using all search engines
Test Botnet:
     t TEST             Update ‘zombies’ status ( ex : t ‘zombies.txt’ )
     attack me         Order ‘zombies’ to attack you ( NAT required ! )
Community:
     download zombies   Download ‘zombies’ from Community server : Turina
     upload zombies     Upload your ‘zombies’ to Community server : Turina
     blackhole         Create a ‘blackhole’ to share your ‘zombies’
     up to = UPIP         Upload your ‘zombies’ to a ‘blackhole’
     down from = DIP     Download your ‘zombies’ from a ‘blackhole’
Research Target:
     i INSPECT           Search for biggest file ( ex : i ‘http://target.com’ )
Configure Attack(s):
     disable aliens     Disable ‘aliens’ web abuse of test services
     disable isup       Disable check status ‘is target up?’
     r ROUNDS           Set number of rounds ( default : 1 )
     b PLACE             Set place to attack ( ex : b ‘/path/big.jpg’ )
     a TARGET           Start Web DDoS attack ( ex : a ‘http(s)://target.com’ )

Searching for ‘Zombies’

UFONet can dig on different search engines results to find possible ‘Open Redirect’ vulnerable sites. A common query string should be like this:

         ‘proxy.php?url=’
         ‘check.cgi?url=’
         ‘checklink?uri=’
         ‘validator?uri=’

For example you can begin a search with:

 ./ufonet -s ‘proxy.php?url=’
Or providing a list of “dorks” from a file:
 ./ufonet –sd ‘dorks.txt’
By default UFONet will uses a search engine called ‘duck’. But you can choose a different one:
. / ufonet s ‘proxy.php?url=’ se ‘bing’
This is the list of available search engines with last time that were working:
         duck [ 07 / 10 / 2015 : OK ! ]
         google [ 07 / 10 / 2015 : OK ! ]
         bing [ 07 / 10 / 2015 : OK ! ]
         yahoo [ 07 / 10 / 2015 : OK ! ]
         yandex [ 07 / 10 / 2015 : OK ! ]

You can also search massively using all search engines supported:

./ufonet -s ‘proxy.php?url=’ –sa

To control how many ‘zombies’ recieve from search engines you can use:

./ufonet –sd ‘dorks.txt’ –sa –sn 20

DOWNLOAD LINK FOR UFONet – Open Redirect DDoS Tool

https://github.com/epsylon/ufonet