Hello everyone, I hope you are well. As the title says, in this article I will share how to find the original IP behind Cloudflare and bypass the WAF that way. Some people may already know this, but I will share it anyway. So, let's start reading.
Cloudflare, Inc. is an American web infrastructure and website security company that provides content delivery network services, DDoS mitigation, Internet security, and distributed domain name server services.[2] Cloudflare's services sit between a website's visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites.[3][4] Cloudflare's headquarters are in San Francisco.[2] (source: wikipedia.org)
One of the most widely used Cloudflare features, for companies and individuals alike, is hiding the IP address of the origin server. This is done simply by enabling the proxy feature on the DNS record. Once it is enabled, every request goes to Cloudflare first and only then to the user's server, so a normal DNS lookup returns a Cloudflare edge address instead of the origin. In some cases, though, we can still find the original IP behind Cloudflare using DNS historical records: if the domain was live before it was moved behind Cloudflare, its old A records pointed straight at the hosting server, and many hosts keep the same IP for years. The technique only works when the origin IP has not changed since those records were captured.
To find the original IP, we can use a "DNS History Check" tool, or the tools available on this github. (Because the target is private, some of the pictures are blurred.)
The image above shows the original IP of the target. Using DNS History Check, we can see the DNS history records; the IP in the red box is the original IP of the target. When I visited the IP directly, I was redirected to target.com, which suggests that server still serves the site. Before going further, check that the candidate is not itself inside Cloudflare's published IP ranges (cloudflare.com/ips): if it is, it is just another edge address, not the origin.
Now that we know the original IP of the target, the next step is to edit the hosts file so that every time we access the website, the request no longer goes through Cloudflare. The hosts file only changes name resolution on our own machine: the browser still sends the normal Host header and SNI for target.com, which is what makes the origin's virtual host answer, and it still validates the TLS certificate against that name.
Hosts File Location
Windows : c:\Windows\system32\drivers\etc\hosts
Linux : /etc/hosts
MacOS : /etc/hosts
Let's start editing the hosts file. On Windows, click Start, type Run, then paste this text (Notepad must run as Administrator, otherwise the file cannot be saved):
notepad c:\Windows\system32\drivers\etc\hosts
Then add the original IP and the website on a new line, IP first and the hostname after it, like this:
The Testing
Before editing the hosts file, a request to target.com got this response:
After editing the hosts file, the response looks like this:
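The whole procedure above, as an added example that is not part of the original article: it orders the DNS-history records newest first and drops any IP inside Cloudflare's published IPv4 ranges, prints the curl --resolve command that is the one-request equivalent of the hosts-file edit (so Host and SNI stay correct), checks a response's headers for the Cloudflare markers, and writes the hosts entry. The history records, the two response header sets, the hostname target.com and the IPs (documentation ranges) are constructed, and the Cloudflare range list is a snapshot that should be refreshed from cloudflare.com/ips-v4 before use.

```python
"""Triage DNS-history candidates for an origin IP and verify one directly.

Added example (not code from the article). Everything runs offline on
constructed data; the only network step is the curl command it prints.
"""
import ipaddress

# Snapshot of Cloudflare's published IPv4 ranges (https://www.cloudflare.com/ips-v4).
# Assumption: the list is current; refresh it from that URL before relying on it.
CLOUDFLARE_IPV4 = [ipaddress.ip_network(n) for n in (
    "173.245.48.0/20", "103.21.244.0/22", "103.22.200.0/22", "103.31.4.0/22",
    "141.101.64.0/18", "108.162.192.0/18", "190.93.240.0/20", "188.114.96.0/20",
    "197.234.240.0/22", "198.41.128.0/17", "162.158.0.0/15", "104.16.0.0/13",
    "104.24.0.0/14", "172.64.0.0/13", "131.0.72.0/22",
)]

# Constructed sample data (documentation addresses, not a real target).
SAMPLE_HISTORY = [
    ("2024-02-10", "104.16.12.34"),   # current record: a Cloudflare edge IP
    ("2023-06-01", "172.67.8.9"),     # another edge IP
    ("2021-03-14", "203.0.113.45"),   # A record from before Cloudflare: likely origin
    ("2019-08-02", "198.51.100.7"),   # older hosting, second candidate
]
RESPONSE_VIA_CLOUDFLARE = {"Server": "cloudflare", "CF-RAY": "8a1b2c3d4e5f6789-SIN",
                           "Content-Type": "text/html"}
RESPONSE_DIRECT = {"Server": "nginx/1.18.0", "Content-Type": "text/html"}


def is_cloudflare_ip(ip):
    """True if ip is inside a Cloudflare edge range, i.e. it is NOT an origin."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in CLOUDFLARE_IPV4)


def candidate_origins(history):
    """Order (date, ip) history records newest first and drop Cloudflare edge IPs.

    Returns de-duplicated candidate origin IPs, most recent first, so the
    address that last pointed at the site directly is tried first.
    """
    seen, out = set(), []
    for _, ip in sorted(history, reverse=True):
        if ip in seen or is_cloudflare_ip(ip):
            continue
        seen.add(ip)
        out.append(ip)
    return out


def served_by_cloudflare(headers):
    """True if a response carries Cloudflare's markers (Server: cloudflare or CF-RAY)."""
    h = {k.lower(): v for k, v in headers.items()}
    return "cf-ray" in h or h.get("server", "").lower() == "cloudflare"


def curl_resolve_command(hostname, ip, https=True):
    """One-request equivalent of the hosts-file edit: pin hostname to ip while
    keeping the Host header and SNI intact so a name-based vhost still answers."""
    port, scheme = (443, "https") if https else (80, "http")
    return (f"curl -sS -D - -o /dev/null --resolve {hostname}:{port}:{ip} "
            f"{scheme}://{hostname}/")


def add_hosts_entry(hosts_text, ip, hostname):
    """Return hosts-file text with hostname pinned to ip.

    Any existing line that maps hostname (comments ignored) is dropped first,
    so re-running the script does not leave stale duplicate entries.
    """
    kept = []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and hostname in fields[1:]:
            continue
        kept.append(line)
    kept.append(f"{ip} {hostname}  # pinned origin, bypasses Cloudflare proxy")
    return "\n".join(kept) + "\n"


def demo(hostname="target.com"):
    """Walk the sample data through the whole procedure and return the candidates."""
    candidates = candidate_origins(SAMPLE_HISTORY)
    print("candidate origins, newest first:", candidates)
    for ip in candidates:
        print("verify with:", curl_resolve_command(hostname, ip))
    print("proxied response served by Cloudflare:", served_by_cloudflare(RESPONSE_VIA_CLOUDFLARE))
    print("direct response served by Cloudflare:", served_by_cloudflare(RESPONSE_DIRECT))
    print(add_hosts_entry("127.0.0.1 localhost\n", candidates[0], hostname), end="")
    return candidates


if __name__ == "__main__":
    demo()
```

Run each printed curl command against a candidate: a 2xx/3xx answer with the origin's own Server banner and no CF-RAY header is the confirmation the article's screenshots show; a timeout or a 403 for every candidate usually means the origin firewall only admits Cloudflare's ranges, which is exactly the defence that closes this bypass.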
Looks different, doesn't it? The giveaway is in the response headers: through Cloudflare the response carries Server: cloudflare and a CF-RAY header, while hitting the origin directly those are gone and the origin's own server banner appears, with the Cloudflare WAF no longer in the path. If the origin's firewall accepted traffic only from Cloudflare's IP ranges, this bypass would fail, and that is the fix. Maybe that's enough writing from me; hopefully it's useful and you enjoy it.
./Logout