epsylon / ufonet

UFONet - Denial of Service Toolkit
https://ufonet.03c8.net

Modify somethings #3

Closed ScrimForever closed 9 years ago

ScrimForever commented 9 years ago

Hi guy, do you wanna modify some things to make this botnet more interesting? We can rebuild it, using compromised sites, like uploading a script that waits for connections and attacks the source specified. Think about it, wanna do it?

epsylon commented 9 years ago

You should explain much more why you think your proposal is interesting. Technically, please.

Is it related to "open redirect" vectors (which is the main exploitation of UFONet)? Or do you wanna use compromised sites by other methods to complement it? If it is the second one, I don't see the point of rebuilding it.

Maybe it can be possible to create a system to manage modules and include this kind of proposal in it.

Btw, this is the roadmap draft for the "Manage Botnet" section for the next release of UFOnet:

Manage Botnet:
  -t TEST            Test list of web 'zombie' servers (ex: -t zombies.txt)
  -s SEARCH          Search for 'zombies' (ex: -s 'proxy.php?url=')
  --sd=DORKS         Search from a list of 'dorks' (ex: --sd dorks.txt)
  --se=ENGINE        Search engine to use for dorking (default: google)
  --sn=NUM_RESULTS   Set max number of result to search (default 10)
  --sa               Search for 'zombies' massively (all dorking engines)
  --geo              Generate geolocation of your 'zombies' on a map
  --attack-me        Call 'zombies' to attack you and show statistics

Re-think your proposal and thanks for sharing it.

ScrimForever commented 9 years ago

Psy,

So sorry, my English is really bad. So, let's try to explain. In my mind, I think of course you can search every site with this redirect factory, so... my proposal is to add compromised sites, that can upload file or execute file remotely by url or shell, and another script, with receive commands that we want. Example: Site A have vulnerability upload file <- "attacker" upload this site... (php, python, perl, java.... any language) - made 1 script per language, execute it on site ---- Site will every x time send to "git" your status... and this site will add on zombies.txt ... when you use attack ddos... local machine attacker connect to all sites, and set IP to the target, so this scripts uploads will stay listen every time connection...

On Thu, Sep 10, 2015 at 10:00 AM, psy notifications@github.com wrote:

You should explain much more why you think your proposal is interesting. Technically, please.

Is it related to "open redirect" vectors (which is the main exploitation of UFONet)? Or do you wanna use compromised sites by other methods to complement it? If it is the second one, I don't see the point of rebuilding it.

Maybe it can be possible to create some modules and include this kind of proposal.

Btw, this is how "Manage Botnet" can be, based on the new roadmap:

Manage Botnet:
  -t TEST            Test list of web 'zombie' servers (ex: -t zombies.txt)
  -s SEARCH          Search for 'zombies' (ex: -s 'proxy.php?url=')
  --sd=DORKS         Search from a list of 'dorks' (ex: --sd dorks.txt)
  --se=ENGINE        Search engine to use for dorking (default: google)
  --sn=NUM_RESULTS   Set max number of result to search (default 10)
  --sa               Search for 'zombies' massively (all dorking engines)
  --geo              Generate geolocation of your 'zombies' on a map
  --attack-me        Call 'zombies' to attack you and show statistics

Re-think your proposal and thanks for sharing it.


epsylon commented 9 years ago

Ok, I see it. You want to have "permanent" zombies.

But you should understand that one of the most interesting things of UFOnet is that it does not need to compromise a site to have enough power to deploy a DDoS attack correctly. It is just using legitimate services as a WebAbuse strategy, which means, no traces... Ninja mode!

I think your proposal is mixing technical fields that are not directly related to the roadmap of the tool. UFOnet is exploiting "Open Redirect" vectors. That's it.

With your proposal, if you really compromised a site, I think that you can do whatever you want. So I don't see the reason to implement anything in that way.

If you want, we can think about how to create modules to complement this new technical attack method, or if it is possible to code some external scripts (dropped on pastebin, for example) or whatever, that PoCs your idea.

But I insist, for me your proposal is not interesting enough to think about rebuilding code.

ScrimForever commented 9 years ago

Yes. Now I understand your purpose, so sorry. You are right!

On Thu, Sep 10, 2015 at 10:41 AM, psy notifications@github.com wrote:

Ok, I see it. You want to have "permanent" zombies.

But you should understand that one of the most interesting things of UFOnet is that it does not need to compromise a site to have enough power to deploy a DDoS attack correctly. It is just using legitimate services as a WebAbuse strategy, which means, no traces... Ninja mode!

I think your proposal is mixing technical fields that are not directly related to the roadmap of the tool. UFOnet is exploiting "Open Redirect" vectors. That's it.

With your proposal, if you really compromised a site, I think that you can do whatever you want. So I don't see the reason to implement anything in that way.

If you want, we can think about how to create modules to complement this new technical attack method, or if it is possible to code some external scripts (dropped on pastebin, for example) or whatever, that PoCs your idea.

But I insist, for me your proposal is not interesting enough to think about rebuilding code.


epsylon commented 9 years ago

Btw, don't worry. I am thinking about how to have better control of the botnet, just with "Open Redirect" vectors. For example:

--geo Generate geolocation of your 'zombies' on a map

This is nice to deploy a botnet more strategically based on timezones.

--attack-me Call 'zombies' to attack you and show statistics

And this other one will help users to know in more depth how powerful their botnet is. The main idea is to open a socket and listen... So, with this feature it will be possible to carry out benchmarking processes and have more knowledge about how the botnet is really working.

Thanks for your suggestion. I close the ticket.