[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] New release: UFONet v1.0 "TachY0n!"

To: fulldisclosure@xxxxxxxxxxxx
Subject: [FD] New release: UFONet v1.0 "TachY0n!"
From: psy <epsylon@xxxxxxxxxx>
Date: Wed, 21 Mar 2018 12:58:00 +0000

Hi FD,

I am glad to present a new release of this tool:

  - https://ufonet.03c8.net

"UFONet - is a tool designed to launch Layer 7 (HTTP/Web Abuse) DDoS &
DoS attacks."

See these links for more info:

  - CWE-601:Open Redirect [1]
  - OWASP:URL Redirector Abuse [2]

---------

Main options are:

  * DDoS + DoS
  * Auto-update
  * Clean code
  * Documentation with examples
  * Web/GUI Interface
  * Proxy to connect to 'zombies' (ex: tor)
  * Change HTTP Headers (User-Agent, Referer, Host...)
  * Configure requests (Timeout, Retries, Delay, Threads...)
  * Search for 'zombies' on different search engines
  * Test vulnerabilities on 'zombies'
  * Download/Upload 'zombies' from/to others
  * Inspect a target (HTML objects sizes)
  * Set a place to 'bit' on a target (ex: big file)
  * Control number of rounds to attack
  * Apply cache evasion techniques
  * Advanced queries (ex: Verb tunneling exploitation)
  * Supports GET/POST
  * Multithreading
  * Order 'zombies' to attack you for benchmarking
  * Geomapping / Visual data
  * [...]

This release (v1.0) called "TachY0n!" has added this new features:

  * Zombie list updated!
  * Added advanced dorking system (AI mode)
  * Slow HTTP requests (DoS)
  * Fast check to discard offline bots
  * Update ALL botnet status
  * Added: 110 dorks
  * Fixed bugs (search engines, update...)
  * Web/GUI updated (added 'wargames'...)
  * [...]

---------

FAQ:

  - https://ufonet.03c8.net/FAQ.html

---------

Packages:

  * [source]:

  - https://github.com/epsylon/ufonet

  * [.zip]:

  - https://ufonet.03c8.net/ufonet/ufonet-v1.0.zip

  * [.tar.gz]:

  - https://ufonet.03c8.net/ufonet/ufonet-v1.0.tar.gz

  * [all/.deb]:

  - https://ufonet.03c8.net/ufonet/ufonet_1.0-1_all.deb

-------------------------

Media/Contribution:

  * POC: v1.0 - "TachY0n!" DDoS + DoS attack:

  - https://ufonet.03c8.net/ufonet/ufonet-tachyon-poc-attack.ogv

-------------------------

[1] - http://cwe.mitre.org/data/definitions/601.html
[2] -
https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_URL_Redirector_Abuse2

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Prev by Date: [FD] DSA-2018-037: Dell EMC NetWorker Buffer Overflow Vulnerability
Next by Date: [FD] LDAP Account Manager (6.2) CVE-2018-8763, CVE-2018-8764
Previous by thread: [FD] DSA-2018-037: Dell EMC NetWorker Buffer Overflow Vulnerability
Next by thread: [FD] LDAP Account Manager (6.2) CVE-2018-8763, CVE-2018-8764
Index(es):
- Date
- Thread