search

epsylon / ufonet

UFONet - Denial of Service Toolkit
https://ufonet.03c8.net
2.2k stars 612 forks source link

Blackhole not saving data #134

Closed Nekai closed 5 years ago

Nekai commented 5 years ago

Okay, I just got my blackhole sorta working except it doesn't seem to save anything I upload to it.

Below is the upload from my laptop using my phone as a hotspot, using the external ip, over wan:

OK: 853 Fail: 64
==================

-------------------------

========================
Working 'zombies': 853
========================

Want to update your army? (Y/n)y
-------------------------
[Info] - New 'zombies' found: 970
[Info] - New 'aliens' found : 2
[Info] - New 'droids' found : 41
[Info] - New 'drones' found : 3
[Info] - New 'X-RPCs' found : 252
------------

[Info] - Starting to upload new 'zombies'...

------------

[Info] - Transfer: DONE!. Thanks for your contribution ;-)

Then trying to download them on my desktop from my server, this time from LAN:

Downloading list of 'zombies' from server 10.*.*.* ...

======================

Trying 'blackhole': 10.*.*.*

Vortex: IS READY!
------------

[Info] - Zombies: 0
[Info] - Droids : 0
[Info] - Aliens : 0
[Info] - UCAVs  : 0
[Info] - X-RPCs : 0

[Info] - Congratulations!. Total downloaded: 0
------------

Want to merge ONLY new 'troops' in your army? (Y/n)

As well as using the external IP from my desktop:

Downloading list of 'zombies' from server 73.*.*.* ...

======================

Trying 'blackhole': 73.*.*.*

Vortex: IS READY!
------------

[Info] - Zombies: 0
[Info] - Droids : 0
[Info] - Aliens : 0
[Info] - UCAVs  : 0
[Info] - X-RPCs : 0

[Info] - Congratulations!. Total downloaded: 0
------------

Want to merge ONLY new 'troops' in your army? (Y/n)

and finally the output from the blackhole itself:

...
[BlackRay] Got connection from ('172.*.*.*', 6447)
[BlackRay] Meat ready :  community_rpcs.txt.gz
[Absorber] Got connection from ('172.*.*.*', 6461)
[Eater] Yum... got meat

Any help would be greatly appreciated.

Nekai commented 5 years ago 
┌─[root@parrot]─[/home/nyseth/ufonet]
└──╼ #time ./ufonet -v --download-zombies

                     **                      0===============================================0
                '' '----' ''                 ||                                             ||
             .'_.- ( 00 ) -._'.              ||  * Botnet -> DDoS:                          ||
           .'.'    |'..'|    '.'.            ||                                             ||
    .-.  .' /'--.__|____|__.--'\ '.  .-.     ||      -Zombies : HTTP GET bots               ||
   (O).)-| |  \  x |    |x   /  | |-(.(O)    ||      -Droids  : HTTP GET (+params) bots     ||
    `-'  '-'-._'-./ ---- \.-'_.-'-'  `-'     ||      -Aliens  : HTTP POST bots              ||
       _ | |   '-.___||___.-'   | | _        ||      -UCAVs   : Web Abusing bots            ||
    .' _ | |     |   __   |     | | _ '.     ||      -X-RPCs  : XML-RPC bots                ||
   / .' ''.|     | /____\ |     |.'' '. \    ||                                             ||
   | |(0)| '.    ||__**_ ||    .' |(0)| |    ||  * Close Combat -> DoS:                     ||
   \ '._.'   '.  | \____/ |  .'   '._.' /    ||                                             ||
    '.__ ______'.|__'--'__|.'______ __.'     ||      -LOIC    : Fast HTTP requests          ||
   .'_.-|                          |-._'.    ||      -LORIS   : Slow HTTP requests          ||
                                             ||      -UFOSYN  : TCP SYN flooder             ||
                                             ||                                             ||
    * Class: UFONet - ViPR404 (model C)-     ||  * Featured: Crawler, +CVE, +WAF detection  ||
    * Type: /Scout/Transporter/Warfare/      ||                                             ||
                                             0|=============================================|0

=========================================================================== 

888     888 8888888888 .d88888b.  888b    888          888    
888     888 888        d88P Y888b 8888b   888          888    
888     888 888       888     888 88888b  888          888    
888     888 8888888   888     888 888Y88b 888  .d88b.  888888 
888     888 888       888     888 888 Y88b888 d8P  Y8b 888    
888     888 888       888     888 888  Y88888 88888888 888    
Y88b. .d88P 888       Y88b. .d88P 888   Y8888 Y8b.     Y88b.  
 'Y88888P'  888        'Y88888P'  888    Y888  'Y8888   'Y8888

UFONet - Denial of Service Toolkit - by psy 

===========================================================================

Downloading list of 'zombies' from server ...

======================

Trying 'blackhole': 176.28.23.46

Vortex: FAILED!
------------

[Error] - Unable to download list of 'zombies' from this 'blackhole'. ;(

real    2m11.998s
user    0m0.880s
sys 0m0.196s
┌─[root@parrot]─[/home/nyseth/ufonet]
└──╼ #

and with --down-from

┌─[root@parrot]─[/home/nyseth/ufonet]
└──╼ #time ./ufonet -v --down-from=176.28.23.46

                     **                      0===============================================0
                '' '----' ''                 ||                                             ||
             .'_.- ( 00 ) -._'.              ||  * Botnet -> DDoS:                          ||
           .'.'    |'..'|    '.'.            ||                                             ||
    .-.  .' /'--.__|____|__.--'\ '.  .-.     ||      -Zombies : HTTP GET bots               ||
   (O).)-| |  \  x |    |x   /  | |-(.(O)    ||      -Droids  : HTTP GET (+params) bots     ||
    `-'  '-'-._'-./ ---- \.-'_.-'-'  `-'     ||      -Aliens  : HTTP POST bots              ||
       _ | |   '-.___||___.-'   | | _        ||      -UCAVs   : Web Abusing bots            ||
    .' _ | |     |   __   |     | | _ '.     ||      -X-RPCs  : XML-RPC bots                ||
   / .' ''.|     | /____\ |     |.'' '. \    ||                                             ||
   | |(0)| '.    ||__**_ ||    .' |(0)| |    ||  * Close Combat -> DoS:                     ||
   \ '._.'   '.  | \____/ |  .'   '._.' /    ||                                             ||
    '.__ ______'.|__'--'__|.'______ __.'     ||      -LOIC    : Fast HTTP requests          ||
   .'_.-|                          |-._'.    ||      -LORIS   : Slow HTTP requests          ||
                                             ||      -UFOSYN  : TCP SYN flooder             ||
                                             ||                                             ||
    * Class: UFONet - ViPR404 (model C)-     ||  * Featured: Crawler, +CVE, +WAF detection  ||
    * Type: /Scout/Transporter/Warfare/      ||                                             ||
                                             0|=============================================|0

=========================================================================== 

888     888 8888888888 .d88888b.  888b    888          888    
888     888 888        d88P Y888b 8888b   888          888    
888     888 888       888     888 88888b  888          888    
888     888 8888888   888     888 888Y88b 888  .d88b.  888888 
888     888 888       888     888 888 Y88b888 d8P  Y8b 888    
888     888 888       888     888 888  Y88888 88888888 888    
Y88b. .d88P 888       Y88b. .d88P 888   Y8888 Y8b.     Y88b.  
 'Y88888P'  888        'Y88888P'  888    Y888  'Y8888   'Y8888

UFONet - Denial of Service Toolkit - by psy 

===========================================================================

Downloading list of 'zombies' from server 176.28.23.46 ...

======================

Trying 'blackhole': 176.28.23.46

Vortex: IS READY!
------------

[Error] - Something wrong downloading!

real    0m6.071s
user    0m0.748s
sys 0m0.141s
┌─[root@parrot]─[/home/nyseth/ufonet]
└──╼ #
Nekai commented 5 years ago

There was a problem in my code:

└──╼ #time ./ufonet -v --down-from=176.28.23.46

                     **                      0===============================================0
                '' '----' ''                 ||                                             ||
             .'_.- ( 00 ) -._'.              ||  * Botnet -> DDoS:                          ||
           .'.'    |'..'|    '.'.            ||                                             ||
    .-.  .' /'--.__|____|__.--'\ '.  .-.     ||      -Zombies : HTTP GET bots               ||
   (O).)-| |  \  x |    |x   /  | |-(.(O)    ||      -Droids  : HTTP GET (+params) bots     ||
    `-'  '-'-._'-./ ---- \.-'_.-'-'  `-'     ||      -Aliens  : HTTP POST bots              ||
       _ | |   '-.___||___.-'   | | _        ||      -UCAVs   : Web Abusing bots            ||
    .' _ | |     |   __   |     | | _ '.     ||      -X-RPCs  : XML-RPC bots                ||
   / .' ''.|     | /____\ |     |.'' '. \    ||                                             ||
   | |(0)| '.    ||__**_ ||    .' |(0)| |    ||  * Close Combat -> DoS:                     ||
   \ '._.'   '.  | \____/ |  .'   '._.' /    ||                                             ||
    '.__ ______'.|__'--'__|.'______ __.'     ||      -LOIC    : Fast HTTP requests          ||
   .'_.-|                          |-._'.    ||      -LORIS   : Slow HTTP requests          ||
                                             ||      -UFOSYN  : TCP SYN flooder             ||
                                             ||                                             ||
    * Class: UFONet - ViPR404 (model C)-     ||  * Featured: Crawler, +CVE, +WAF detection  ||
    * Type: /Scout/Transporter/Warfare/      ||                                             ||
                                             0|=============================================|0

=========================================================================== 

888     888 8888888888 .d88888b.  888b    888          888    
888     888 888        d88P Y888b 8888b   888          888    
888     888 888       888     888 88888b  888          888    
888     888 8888888   888     888 888Y88b 888  .d88b.  888888 
888     888 888       888     888 888 Y88b888 d8P  Y8b 888    
888     888 888       888     888 888  Y88888 88888888 888    
Y88b. .d88P 888       Y88b. .d88P 888   Y8888 Y8b.     Y88b.  
 'Y88888P'  888        'Y88888P'  888    Y888  'Y8888   'Y8888

UFONet - Denial of Service Toolkit - by psy 

===========================================================================

Downloading list of 'zombies' from server 176.28.23.46 ...

======================

Trying 'blackhole': 176.28.23.46

Vortex: IS READY!
------------

[Info] - Zombies: 742
[Info] - Droids : 40
[Info] - Aliens : 1
[Info] - UCAVs  : 2
[Info] - X-RPCs : 159

[Info] - Congratulations!. Total downloaded: 944
------------

Want to merge ONLY new 'troops' in your army? (Y/n)n
-------------------------

[Info] - List downloaded has been removed. Bye!

real    0m11.380s
user    0m0.736s
sys 0m0.173s
┌─[root@parrot]─[/home/nyseth/ufonet]
└──╼ #
Nekai commented 5 years ago

@trollmad3 I will post results of uploading and downloading from my blackhole after they complete now that I got it connecting

Nekai commented 5 years ago

uploading:

========================
Working 'zombies': 527
========================

Want to update your army? (Y/n)y
-------------------------
[Info] - New 'zombies' found: 742
[Info] - New 'aliens' found : 2
[Info] - New 'droids' found : 41
[Info] - New 'drones' found : 3
[Info] - New 'X-RPCs' found : 160
------------

[Info] - Starting to upload new 'zombies'...

------------

[Info] - Transfer: DONE!. Thanks for your contribution ;-)

real    20m24.383s
user    0m56.907s
sys 0m8.769s
┌─[root@parrot]─[/home/nyseth/ufonet]
└──╼ #

server-side:

[BlackRay] Got connection from ('10.0.*.*', 59262)
[BlackRay] Meat ready : community_zombies.txt.gz
[Absorber] Got connection from ('10.0.*.*', 58978)
[Eater] Yum... got meat
[BlackRay] Got connection from ('10.0.*.*', 59268)
[BlackRay] Meat ready : community_aliens.txt.gz
[Absorber] Got connection from ('10.0.*.*', 58984)
[Eater] Yum... got meat
[BlackRay] Got connection from ('10.0.*.*', 59274)
[BlackRay] Meat ready : community_robots.txt.gz
[Absorber] Got connection from ('10.0.*.*', 58990)
[Eater] Yum... got meat
[BlackRay] Got connection from ('10.0.*.*', 59278)
[BlackRay] Meat ready : community_ucavs.txt.gz
[Absorber] Got connection from ('10.0.*.*', 58994)
[Eater] Yum... got meat
[BlackRay] Got connection from ('10.0.*.*', 59284)
[BlackRay] Meat ready : community_rpcs.txt.gz
[Absorber] Got connection from ('10.0.*.*', 59000)
[Eater] Yum... got meat

downloading:

Downloading list of 'zombies' from server 10.0.*.* ...

======================

Trying 'blackhole': 10.0.*.*

Vortex: IS READY!
------------

[Info] - Zombies: 0
[Info] - Droids : 0
[Info] - Aliens : 0
[Info] - UCAVs  : 0
[Info] - X-RPCs : 0

[Info] - Congratulations!. Total downloaded: 0
------------

Want to merge ONLY new 'troops' in your army? (Y/n)y
-------------------------

[Info] - Botnet updated! ;-)

real    0m11.125s
user    0m0.759s
sys 0m0.156s
┌─[root@parrot]─[/home/nyseth/ufonet]
└──╼ #
Aholicknight commented 5 years ago

@Nekai It seems like you got it to work, but now it's not downloading. Can you do ./ufonet -v --download-zombies then post the results?

Nekai commented 5 years ago

It works just fine downloading from the community blackhole. The issue lies in the upload to my blackhole. it doesn't seem to upload correctly or it isn't writing the files correctly as directly after I upload it shows:

Downloading list of 'zombies' from server 10.0.*.* ...

======================

Trying 'blackhole': 10.0.*.*

Vortex: IS READY!
------------

[Info] - Zombies: 0
[Info] - Droids : 0
[Info] - Aliens : 0
[Info] - UCAVs  : 0
[Info] - X-RPCs : 0

[Info] - Congratulations!. Total downloaded: 0
------------

Want to merge ONLY new 'troops' in your army? (Y/n)y
-------------------------

[Info] - Botnet updated! ;-)
Nekai commented 5 years ago

Still no update on my own black hole

Aholicknight commented 5 years ago

Does that folder have read and write permissions?

Nekai commented 5 years ago

Yes. I've already answered that. I have double and triple checked

Aholicknight commented 5 years ago

@Nekai I'm probably stupid for asking this question, but what OS are you using this on?

Nekai commented 5 years ago

Parrot-4.18

Aholicknight commented 5 years ago

This could help. Run sudo chown -R $USER: /path/to/folder/ then chmod -R u+wr /path/to/folder/

Nekai commented 5 years ago

My user nyseth already owns the folder and all files

Aholicknight commented 5 years ago

Strange. Do you have any other OS's that have UFOnet installed? If you do, go onto the OS and try downloading the zombies on there and post the results here.

Nekai commented 5 years ago

I do not

Aholicknight commented 5 years ago

Damn.....

epsylon commented 5 years ago

@Nekai I think this is solved on the new (unstable) code. Let's stand by with it until next release. Ok?

LulzRose commented 5 years ago

@Nekai I am a member of the parrotOS community team, verify that firejail is not sandboxing your connections, firejail has had a myriad of issues with external software including exploit/malware developement, non preinstalled github repository data, and software downloaded from the internet. This may not resolve your issue but try to disable firejail if it is enabled and see if that helps at all.

Nekai commented 5 years ago

@LulzRose Would you mind explaining how to disable firejail?

LulzRose commented 5 years ago

@Nekai Can you please do "firecfg --clean" and then run "firecfg --list" to verify that firejails profiles have been cleared. This is the easiest way without fully purginging the fiejail sandboxing environment from the system

Nekai commented 5 years ago

@LulzRose I tried doing it on both my server and laptop and still nothing stays downloaded

epsylon commented 5 years ago

If this happens again on the new code (UFONet v1.2) that will be release soon, I will re-open this issue. BTM, I am closing it. Stay tuned...

Nekai commented 5 years ago

Me again :) 

└──╼ $./ufonet --version

Code: v1.2 - Armageddon!

┌─[nyseth@parrot]─[~/ufonet]
└──╼ $
UFONet - Denial of Service Toolkit - by psy (https://03c8.net) 

===========================================================================

[AI] Uploading list of [Zombies] to server 73.***.***.*** ...

======================

[AI] Checking integrity of [Blackhole]...

------------

[Error] [AI] Unable to upload list of [Zombies] to this [Blackhole] -> [Exiting!]

┌─[nyseth@parrot]─[~/ufonet]
└──╼ $
Nekai commented 5 years ago

On my server: 

└──╼ $sudo python2 blackhole.py

Initiating void generation sequence...

======================

[Blackhole] Having sweet dreams...
[Absorber] Ready to feed on port 9990
 [BlackRay] Emitting on port 9991[Computer] Power On

[BlackHole] all up and running
epsylon commented 5 years ago

Hi, @Nekai Blackhole is currently working on the "Community" server, executing current code, so, 1) try to understand that this error can be not only because of code and 2) that you need to configure some stuff related with your NAT (router), etc, and we need also to check for debugging on that way. You are confusing me a bit with your tests, because you are mixing internal IPs with public IPs, so please, let's try one of them first, because they have different ways to be achieved. If you want to try to connect to a public IP, let's check first on "blackhole" replies, "got meat", to see if packages are correctly recieved. Also, we need to check if there are some new files saved at 'var/www/ufonet' folder, and in the folder in which you are executing your server-side script (home/user/ufonet/server/). Go this way and report here your results. Thanks! ;-)

Nekai commented 5 years ago

I am port forwarding both 9990-9991 as well as ssh to access my server from school

On Jan 17, 2019 2:23 PM, "psy" notifications@github.com wrote:

Hi, @Nekai https://github.com/Nekai Blackhole is currently working on the "Community" server, executing current code, so, 1) try to understand that this error can be not only because of code and 2) that you need to configure some stuff related with your NAT (router), etc, and we need also to check for debugging on that way. You are confusing me a bit with your tests, because you are mixing internal IPs with public IPs, so please, let's try one of them first, because they have different ways to be achieved. If you want to try to connect to a public IP, let's check first on "blackhole" replies, "got meat", to see if packages are correctly recieved. Also, we need to check if there are some new files saved at 'var/www/ufonet' folder, and in the folder in which you are executing your server-side script (home/user/ufonet/server/). Go this way and report here your results. Thanks! ;-)

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/epsylon/ufonet/issues/134#issuecomment-455298765, or mute the thread https://github.com/notifications/unsubscribe-auth/ATw8k31PFUfOZLIlTb3puHGRl5pw8zDhks5vEM2wgaJpZM4YNk7b .

epsylon commented 5 years ago

@Nekai -> " my server from school" You should try this feature on a different environment before, because probably your school network has some special NAT rules and you haven't enough privileges to port-forwarding all the internal requested points...

oleometal commented 5 years ago

@Nekai -> " my server from school" You should try this feature on a different environment before, because probably your school network has some special NAT rules and you haven't enough privileges to port-forwarding all the internal requested points...

@Nekai @epsylon tienes razón es el NAT pone tu host en una zona desmilitarizada

gateway vortex

epsylon commented 5 years ago

@oleometal yeah!! ;-)

epsylon commented 5 years ago

@olemetal btw, @Nekai needs to make it on reverse way (creating a "blackhole" as a server), but the concept (DMZ) that create required conditions, is the same.