How to Find Real IP behind CloudFlare with CloudSnare Python Script?

As in the above section, we have configured Censys.io. Now, we can follow the below steps to Find Real IP behind CloudFlare with CloudSnare Python Script.

Step 1: Download CloudSnare Script

Download the CloudSnare script, which is a Python-based script, from its GitHub repository to your local desktop computer. Open the downloaded Python script file in a code editor of your choice.

Python3

#!/usr/bin/env python3
 
import censys.certificates
import censys.ipv4
from sys import argv
 
UID = "**CHANGE**"
SECRET = "**CHANGE**"
 
def is_cloudflare(dn):
    if "cloudflaressl.com" in dn or "cloudflare.com" in dn:
        return True
    return False
 
def find_certificates(target):
    print("Certificates:")
    certificates = censys.certificates.CensysCertificates(UID, SECRET)
    fingerprints = []
    fields = ["parsed.names", "parsed.extensions.subject_alt_name.dns_names",
              "parsed.fingerprint_sha256", "parsed.subject_dn"]
 
    for cert in certificates.search("%s and tags: trusted" % target, fields=fields):
        if not is_cloudflare(cert["parsed.subject_dn"]) and target in cert["parsed.names"]:
            fingerprints.append(cert["parsed.fingerprint_sha256"])
            print("\tHost: %s\n\tFingerprint: %s" % (' '.join(cert["parsed.names"]), cert["parsed.fingerprint_sha256"]))
    return fingerprints
 
def find_hosts(target):
    print("Hosts: %s" % target)
    hosts = censys.ipv4.CensysIPv4(UID, SECRET)
 
    fields = ["ip"]
 
    for host in hosts.search(target):
        print("\tFound host: %s" % (host["ip"]))
 
def main():
    if len(argv) != 2:
        print("Usage: %s <host>" % argv[0])
    else:
        target = argv[1]
 
    fingerprints = find_certificates(target)
    for fp in fingerprints:
        find_hosts(fp)
 
if __name__=="__main__":
    main()

Update the script by replacing the default API ID and secret key values with your actual Censys API ID and secret token that you copied in the previous step. Save your changes after inserting your credentials into the script file so they remain populated for when you run the script.

Pasting API and Secret Key from Censys.io

Step 2: Install the Censys Python Module

Install the Censys Python module on your Linux system to allow the CloudSnare script to interact with the Censys API by entering the following command in your terminal:

pip install censys

Installing the Censys Python Module

Step 3: Run the CloudSnare Script

Run the CloudSnare.py script file that you downloaded and updated with your credentials. Navigate to the directory path location you have saved the CloudSnare.py file on your desktop using the command line. Execute the script by running the following command:

python CloudSnare.py w3wiki.org

In the results, we can see that, we have got the IP Address which is behind the Cloudflare.

Result of the CloudSnare.py Script

Find Real IP behind CloudFlare with CloudSnare

Cloudflare is a company that provides content delivery network (CDN) services and cybersecurity protection for websites and applications. Cloudflare is one of the most popular CDN providers that offers a complete package of WAF i.e. Web Application Firewall and DDOS Protection (Distributed Denial of Service) for websites. In this article, we will see detailed steps to Find Real IP behind CloudFlare with CloudSnare.

Features of CloudFlare:

Content Delivery Network (CDN): Cloudflare operates a global network of servers that caches and delivers website content from the nearest location to the end-user, reducing latency and speeding up page load times.
Distributed Denial of Service (DDoS) Protection: Cloudflare provides robust DDoS protection, mitigating malicious traffic and ensuring that websites remain accessible during cyberattacks.
Web Application Firewall (WAF): Cloudflare’s WAF protects websites from common web application vulnerabilities and exploits by filtering and monitoring HTTP traffic between a web application and the internet.
SSL/TLS Encryption: Cloudflare offers free SSL/TLS certificates to secure the communication between users and websites, encrypting data in transit and providing a secure browsing experience.
Always Online: In case your origin server goes down, Cloudflare’s Always Online feature serves a cached version of the website, ensuring that users can still access content even if the origin is temporarily unavailable.

Tags:

#Geeks Premier League 2023 #Kali-Linux #Geeks Premier League #Linux-Unix

How to Configure Censys.io?

Conclusion