Navigation X
ALERT
Click here to register with a few steps and explore all our cool stuff we have to offer!



 3808

CLOUDFLARE BYPASS METHODS

by Yellou - 06 October, 2019 - 09:55 PM
This post is by a banned member (Yellou) - Unhide
Yellou  
Registered
282
Posts
52
Threads
5 Years of service
#1
I know probably a lot of people know this, but this is for those who don't. No harm in sharing right? So lets get on..

What is Cloudflare: Cloudflare is a big pain to us hackers. Apparently to Cloudflare they have about 155 data centers around the world that works by caching their customers' websites and static resources. When you visit the website it will use your IP location and use it to connect you to the same server in your country to make the website faster because you will have less bandwidth and reduces latency. This is good for people who own websites and it add more security by DDoS mitigation, Internet security and distributed domain name server services, SQLI, XSS, CSRD and even alerting when it detects an attack for paid subscription. This means you will never get the original servers IP and always Cloudflare IP.

Cloudflare is Bad: I also hate Cloudflare and I have a good reason. They protect anyone's websites. Back when there was OpISIS and OpKKK half of the websites we was attacking was protected by Cloudflare. Meaning it was making it harder for us to do anything. With a Cloudflare IP there are no ports open and you will not find any vulnerabilities. The only way to do recon scans is to get the Original IP

Getting The Original IP By SSL & Subdomains: There are a few ways to getting the Original IP but it does not always work and some sites you will not find the Original IP. Using tools like Burp, Virtual host discovery and Find virtual hosts. you can use them to try and find an Subdomains witch may lead to the original server IP. If your target site has SSL you can use sites like Censys, ZoomEye and Shodan to look up the SSL Certificate and find the servers IP address using the certificate.

WordPress: WordPress is notoriously know to be very good sites to hack and lucky for us the XML-RPC Pingback can expose the servers IP. To check if your target is using XML you can go to "www.target.ru//xmlrpc.php" and if you see "accepts POST requests only" this means the WP has XML enabled. Using Burp and the burp collaborator payloads you might be able to get the servers IP.

Email Headers: Another good way is to try and get your target website to send you an email. using fake email sign up to the site or if they have a newsletter sign up to it. either way, try and get them to email you. When you get the email view the headers and source.Normal if you look up "Return-Path" you will see an email. using the host of the email and curl you might be able to get the servers IP.

Tools: There is lots of tools on GitHub and here is a few.

https://github.com/christophetd/CloudFlair
https://github.com/HatBashBR/HatCloud
https://github.com/vincentcox/bypass-fi ... NS-history
http://www.crimeflare.org:82/cfs.html
https://github.com/m0rtem/CloudFail

DNS Tools:
dns-trails: https://securitytrails.com/dns-trails
Netcraft: https://toolbar.netcraft.com/site_report?url=
DNSdumpster: https://dnsdumpster.com/
DNSQueries: https://www.dnsqueries.com/en/domain_check.php



If i have Missed anything or you would like to add feel free to.
This post is by a banned member (Lil_busterofnuts) - Unhide
205
Posts
31
Threads
5 Years of service
#2
thanks man god damn this is insane.
This post is by a banned member (jwalker20070) - Unhide
63
Posts
29
Threads
5 Years of service
#3
f..k cloudFlare! CloudFlare is impossible to bypass.....

thanks for sharing Yellou, good post
This post is by a banned member (Eclipsis) - Unhide
Eclipsis  
Supreme
57
Posts
2
Threads
4 Years of service
#4
Few methods I didn't know from this list, thanks.
This post is by a banned member (yusapore55) - Unhide
7
Posts
0
Threads
4 Years of service
#5
great work

Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
or
Sign in
Already have an account? Sign in here.


Forum Jump:


Users browsing this thread: 3 Guest(s)