{"id":4241,"date":"2016-08-16T01:07:32","date_gmt":"2016-08-15T17:07:32","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=4241"},"modified":"2016-08-22T11:43:34","modified_gmt":"2016-08-22T03:43:34","slug":"ufonet-open-redirect-ddos-tool","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2016\/08\/ufonet-open-redirect-ddos-tool\/","title":{"rendered":"UFONet – Open Redirect DDoS Tool"},"content":{"rendered":"
UFONet is an open redirect DDoS tool designed to launch attacks against a target, using insecure redirects in third party web applications, like a botnet. Obviously, only for testing purposes.<\/p>\n
<\/p>\n
The tool abuses OSI Layer 7-HTTP to create\/manage ‘zombies’ and to conduct different attacks using; GET\/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.<\/p>\n
Definition of an “Open Redirect”:<\/p>\n
An http parameter may contain a URL value and could cause the web application to redirect the request to the specified URL. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. Because the server name in the modified link is identical to the original site, phishing attempts have a more trustworthy appearance. <\/p><\/blockquote>\n