Subscribe to our Newsletter

Receive our news and insights

Blog / Technology  

A quick guide to the CloudFail tool

A Picture of Danilo Vezzoni
By:
August 16, 2018 | Topic: Technology  
A quick guide to the CloudFail tool

We often come across sites or servers protected with CloudFlare, but to carry out a good penetration test it is almost mandatory to know the actual IP of the site.

CloudFail is a tool that is helps to unmask CloudFlare by providing the actual IP of the server. Basically, it uses the following three methods to obtain the information:

  • Check in DNSDumpster.com
  • Check in Crimeflare.com
  • Perform a brute force with more than 2500 subdomains in its database

With these three methods, in 99% of cases it gets the actual IP of the server.

How to quickly install it

1. We install pip3 for python 3

<strong>sudo apt-get install</strong> python3-pip

2. We download the script from the repository and unzip it into a folder

https://github.com/m0rtem/CloudFail

3. We install the requirements:

pip3 install -r requirements.txt

Use

python3 cloudfail.py --target website.com

It can be anonymized using tor by executing the following:

service tor start
python3 cloudfail.py --target seo.com --tor

Dependencies

  • argparse
  • colorama
  • socket
  • binascii
  • datetime
  • requests
  • win_inet_pton

Repository: https://github.com/m0rtem/CloudFail

 

A quick guide to the CloudFail tool

The chatbot revolution

Related Services

EXECUTIVE INSIGHTS

Business  

The leaders we need to navigate the COVID-19 storm

By

April 23 / 2020

1 Stars2 Stars3 Stars4 Stars5 Stars
Loading...

As we gradually get used to our new COVID-19 reality, daily life from just a few weeks ago now feels like a lifetime away. For businesses this has created,...

Read post

HOT
TOPIC