We often come across sites or servers protected with CloudFlare, but to carry out a good penetration test it is almost mandatory to know the actual IP of the site.
CloudFail is a tool that is helps to unmask CloudFlare by providing the actual IP of the server. Basically, it uses the following three methods to obtain the information:
With these three methods, in 99% of cases it gets the actual IP of the server.
1. We install pip3 for python 3
<strong>sudo apt-get install</strong> python3-pip
2. We download the script from the repository and unzip it into a folder
3. We install the requirements:
pip3 install -r requirements.txt
python3 cloudfail.py --target website.com
It can be anonymized using tor by executing the following:
service tor start
python3 cloudfail.py --target seo.com --tor
July 08 / 2020
April 23 / 2020
As we gradually get used to our new COVID-19 reality, daily life from just a few weeks ago now feels like a lifetime away. For businesses this has created,...Read post