var unreadAlerts = '1';
You have one unread private message from dkota titled Welcome to the Forum!

Script that Filters out Cloudflare IPs from a list of IPv4s and IPv6s
#1
I was doing some web app hacking and I always try to find non cloudflare protected ip addresses from the subdomains I identify during recon stage. Its a bit annoying as I usually check each ip address 1 by 1. So I wrote a python script that takes a list of ipv4/ipv6 addresses as input via -i <input-list-file> and outputs the non-cloudflare ip addresses to -o <output-list-file>.

Disclaimer: I quickly slapped together this script and I'm tired, so I will probably thoroughly test it in the next few days and add more logic to catch and handle errors later on.

How it works is it checks if the ip addresses in the input list are within any of the publically provided cloudflare ip ranges and if its not in any of the ranges, then it writes the ip address to the output file.


[You must reply to view this hidden content]
Report
#2
Thank your for sharing Bro !!!
Reply Quote // Report
#3
thank you for the script
Reply Quote // Report
#4
it is as ip scanner? angry ip scanner only for cloudflare?
Reply Quote // Report
#5
TeSLAndromeda Wrote: it is as ip scanner? angry ip scanner only for cloudflare?

No, not that. Commonly while hacking web apps when you encounter a target that has all of their known domains behind cloudflare, which hides their real web servers backend IP, you will want to try to find a way to identify what the real backend IP of a given target's web application is, as if you try running gobuster against a site that is behind cloudflare for example, all of your proxies will quickly get banned, if you find the backend IP address, you can manually specify that in your /etc/hosts file, and bypass the cloudflare protection.

What this script is for, after you do the necessary recon to acquire a list of subdomains of the targets root domain, you can get the ip address from the DNS A record of those subdomains, and pass that list of ip addresses as the input file to the script that I wrote, and it will filter out any that are cloudflare ips, leaving you with only the ip addresses of the actual infrastructure that the target has.
Reply Quote // Report
#6
you are kind. thanks
Reply Quote // Report
#7
Awesome work man! I will check it out.
“I'll just regress, because I feel I've made myself perfectly redundant.”
Reply Quote // Report
#8
Looks interesting. Will like to check
Reply Quote // Report
#9
Looks interesting!
Reply Quote // Report
#10
Thank you, i will try this tool out
Reply Quote // Report


Quick Reply
Message
Type your reply to this message here.



Possibly Related Threads…
Thread Author Replies Views Last Post
Beginner Learning Checkpoint List Levron 1 373 04-18-2023, 10:28 PM
Last Post: 0KORABIKA0



Users browsing this thread: purely_cabbage
var thread_deleted = "0"; if(thread_deleted == "1") { $("#quick_reply_form, .new_reply_button, .thread_tools, .inline_rating").hide(); $("#moderator_options_selector option.option_mirage").attr("disabled","disabled"); }