Methods to bypass Cloudflare
and obtain website real IP
By Xor.1010
1. What is Cloudflare?
Cloudflare is a content delivery network (CDN) that also provides security and
performance features for your website.
2. Cloudflare services:
- Content delivery network;
- DDoS protection;
- Reverse proxy;
- Public DNS resolver;
- Authoritative DNS;
- Web application firewall (covering common vulnerabilities such as SQL injection,
cross-site scripting, and cross-site request forgery).
3. Methods to bypass Cloudflare and obtain website real IP:
First of all, check whether a website is protected by Cloudflare using one of the
following online tools:
Selesti: https://checkforcloudflare.selesti.com/
Wappalyzer: https://www.wappalyzer.com/
Another way to detect whether a site is protected by Cloudflare is to obtain the
current IP of the website and try to connect to it directly.
Knowing that the site is using Cloudflare, we can try one of the following
methods to obtain the real IP:
a. CloudFlare Watch http://www.crimeflare.info:82/cfs.html
b. Censys https://censys.io/ipv4 ‐ version 1
Type the site address in the search box and you will receive a list of IPs
associated with the target, which you can test to see if they are the original IP.
c. Censys https://censys.io/ipv4 ‐ version 2
To find valid certificates, we can use the following query on Censys:
parsed.names: xxxxx.xxx and tags.raw: trusted
Afterwards, you can click a certificate and check for the corresponding IP
addresses.
d. Using DIG
For Windows, the following link contains the download file and a tutorial on how
to install DIG: https://nil.uniza.sk/how-install-dig-dns-tool-windows-10/
To make a DNS lookup using DIG, use the following command:
dig xxxxxx.xxx -t any
After running this command, you can check for records that are not associated
with Cloudflare.
4. Direct connect to the site
After obtaining an IP address using the previous methods, you can
add a new entry in the /etc/hosts file (Linux). For Windows, you can
find the hosts file in “c:\windows\system32\drivers\etc\hosts”.
Check if you are using the new IP by pinging the address.
If everything was OK, the next time you visit the website
Cloudflare will be bypassed and a direct connection will be
established.
GOOD LUCK!!!!