How To Bypass Cloud Flare Protection ?

Hey Hacker !!

Today we are going to discuss about how you can bypass cloudflare protection, to find the real IP address of the target.

CloudFlare is a cloud-based protection, developed to protect websites against Denial of Service attacks. It works by acting as reverse proxy the name servers and the real IP address are hidden under the CloudFlare IP address.

Therefore, the attacker would not be able to cause any DOS attacks, since all traffic would be routed through the Cloudflare servers.

Method 1: Resolvers

The most common approach to bypass a cloudflare protection is to use online Cloudflare resolvers that use different methods to bypass the protection.

For this demonstration, our target would be running behind cloudflare servers.

To find whether the site is running over cloudflare servers, you can make use of NSLook up or you can make use of online lookup tool

Cloudflare resolvers contains a list of around 381,314 domains that have recently shifted to cloudflare , and they are actively testing it .

Method 2 :Subdomain Trick

Most people don’t configure Cloudflare properly .Their main domain would have a cloudflare IP address , but the subdomains will point to real IP address.

For example:

mrscriptkiddie.com is pointing to IP address 173.245.61.9 contact.mrscriptkiddie.com pointing to real IP address 199.47.222.125 mail.mrscriptkiddie.com pointing to real IP address 199.47.222.125

You can perform this Subdomain trick by just pinging.

ping NAME_OF_SITE

In the same way , we can use other subdomains to find real IP address of a website.

Note: There are also automated scripts utilizing the same attack vector .One such tool i found was written in PHP .

Method 3 :Mail Servers

The third and final trick to find the real IP address of a target website would mostly work on forums and websites allowing registrations.

To perform such attack you need to register on a particular site ,and it will send a confirmation E-mail to the address we provided while registering .

After the confirmation e-mail is received ,view the e-mail header .

Next we would use any email tracer to check from where the E-mail originated. We will use the following website to do so .

www.ip2location.com/free/email-tracer

As you can see we are successfully able to extract IP address from the MX server.

Keep Coming for more !!!

Thank you.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
FreakyDodo

FreakyDodo

115 Followers

Hey Hackers !! I am Harshit Dodia aka Freaky Dodo , I am a student of Information Technology and Ethical hacking.