Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Getting passed cloudflare?

hotpockets
hotpockets
in Network Security

Featured Replies

Posted

Hey, I was wondering if anyone here knew how to get passed cloudflare? I'm aware you can just get the original main IP, but that thing is hidden away. Even when trying to bypass it using subdomains.

Depending on what software the server is running, there could be exploits, e.g. if they got some forum software where you can set your avatar by url, the server will connect to it and it could reveal the actual server ip. If they got a https image proxy, post an image, the server will crawl it as well.

I saw a lot people who fail to setup cf properly, so you can still get the IP with a mail / other subdomain dns entry, but i guess this wont be the case here, like you said :P

  • Author

Some people make it sound so easy. They brag about being able to bypass the cloudflare and accessing the main server with ease.

4 hours ago, evo85 said:

Some people make it sound so easy. They brag about being able to bypass the cloudflare and accessing the main server with ease.

I wasn't bragging, I just told you the methods you COULD do to obtain the real server ip. If you would provide us the site URL i could tell you what you could do there, as it really depends on the target, what software it is running, how it is configured etc.

  • Author

Ah, I was not refering to you at all. I was talking about other members/social media when I would google this topic.

  • 2 weeks later...

A few main ways I do it:

  • direct.site.com - this used to by default go to the original IP, many people forgot to remove it, cloudflare eventually caught onto this and change it, but if it's a site that's been using CF for a while they might still have this problem. 
  • Try looking for the mail server, dig site.com mx
  • Check for non-plain-HTTP services like game servers, websocket servers, video or audio streams, etc, and see if any of those IPs work 
  • Look for external grabbers, things that will download images from your own server for example
  • Figure out what provider they use, if they mention it somewhere, then blast their whole provider's subnet scanning until you find their webpage showing up when you send their host header - this won't work if the admins actually configure to only allow CF IPs but many don't bother
  • Check if the site is on CloudFlare Watch and check for historical IPs on domaintools, etc
  • if all else fails, there are several tools available which can be used to bruteforce DNS to find hidden subdomains, which might often reveal an original IP
    • Like 2
    • 1 year later...

    Create an account or sign in to comment

    Go to topic listing

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.