Subscribe to our Newsletter

Receive our news and insights

Blog / Technology  

A quick guide to the CloudFail tool

A Picture of Danilo Vezzoni
By:
August 16, 2018 | Topic: Technology  
A quick guide to the CloudFail tool

We often come across sites or servers protected with CloudFlare, but to carry out a good penetration test it is almost mandatory to know the actual IP of the site.

CloudFail is a tool that is helps to unmask CloudFlare by providing the actual IP of the server. Basically, it uses the following three methods to obtain the information:

  • Check in DNSDumpster.com
  • Check in Crimeflare.com
  • Perform a brute force with more than 2500 subdomains in its database

With these three methods, in 99% of cases it gets the actual IP of the server.

How to quickly install it

1. We install pip3 for python 3

<strong>sudo apt-get install</strong> python3-pip

2. We download the script from the repository and unzip it into a folder

https://github.com/m0rtem/CloudFail

3. We install the requirements:

pip3 install -r requirements.txt

Use

python3 cloudfail.py --target website.com

It can be anonymized using tor by executing the following:

service tor start
python3 cloudfail.py --target seo.com --tor

Dependencies

  • argparse
  • colorama
  • socket
  • binascii
  • datetime
  • requests
  • win_inet_pton

Repository: https://github.com/m0rtem/CloudFail

 

A quick guide to the CloudFail tool

Service Design: Providing meaningful end-to-end experiences

Related Services

TRENDING TOPIC

Software Product Development  

How to easily integrate AngularJS with Visual Studio 2015

By

November 19 / 2014

1 Stars2 Stars3 Stars4 Stars5 Stars
Loading...

In light of some of the major changes occurring at the moment within Microsoft, the forthcoming release of Visual Studio 2015, along with .NET 2015, promises to be particularly...

Read post

HOT
TOPIC