We often come across sites or servers protected with CloudFlare, but to carry out a good penetration test it is almost mandatory to know the actual IP of the site.
CloudFail is a tool that is helps to unmask CloudFlare by providing the actual IP of the server. Basically, it uses the following three methods to obtain the information:
With these three methods, in 99% of cases it gets the actual IP of the server.
1. We install pip3 for python 3
<strong>sudo apt-get install</strong> python3-pip
2. We download the script from the repository and unzip it into a folder
3. We install the requirements:
pip3 install -r requirements.txt
python3 cloudfail.py --target website.com
It can be anonymized using tor by executing the following:
service tor start
python3 cloudfail.py --target seo.com --tor
October 10 / 2019
October 03 / 2019
November 19 / 2014
In light of some of the major changes occurring at the moment within Microsoft, the forthcoming release of Visual Studio 2015, along with .NET 2015, promises to be particularly...Read post