05-11-2023, 11:51 AM
I was doing some web app hacking and I always try to find non cloudflare protected ip addresses from the subdomains I identify during recon stage. Its a bit annoying as I usually check each ip address 1 by 1. So I wrote a python script that takes a list of ipv4/ipv6 addresses as input via -i <input-list-file> and outputs the non-cloudflare ip addresses to -o <output-list-file>.
Disclaimer: I quickly slapped together this script and I'm tired, so I will probably thoroughly test it in the next few days and add more logic to catch and handle errors later on.
How it works is it checks if the ip addresses in the input list are within any of the publically provided cloudflare ip ranges and if its not in any of the ranges, then it writes the ip address to the output file.
Disclaimer: I quickly slapped together this script and I'm tired, so I will probably thoroughly test it in the next few days and add more logic to catch and handle errors later on.
How it works is it checks if the ip addresses in the input list are within any of the publically provided cloudflare ip ranges and if its not in any of the ranges, then it writes the ip address to the output file.
[You must reply to view this hidden content]