How to Find Real IP behind CloudFlare with CloudSnare Python Script?
As in the above section, we have configured Censys.io. Now, we can follow the below steps to Find Real IP behind CloudFlare with CloudSnare Python Script.
Step 1: Download CloudSnare Script
Download the CloudSnare script, which is a Python-based script, from its GitHub repository to your local desktop computer. Open the downloaded Python script file in a code editor of your choice.
Python3
#!/usr/bin/env python3 import censys.certificates import censys.ipv4 from sys import argv UID = "**CHANGE**" SECRET = "**CHANGE**" def is_cloudflare(dn): if "cloudflaressl.com" in dn or "cloudflare.com" in dn: return True return False def find_certificates(target): print ( "Certificates:" ) certificates = censys.certificates.CensysCertificates(UID, SECRET) fingerprints = [] fields = [ "parsed.names" , "parsed.extensions.subject_alt_name.dns_names" , "parsed.fingerprint_sha256" , "parsed.subject_dn" ] for cert in certificates.search( "%s and tags: trusted" % target, fields = fields): if not is_cloudflare(cert[ "parsed.subject_dn" ]) and target in cert[ "parsed.names" ]: fingerprints.append(cert[ "parsed.fingerprint_sha256" ]) print ( "\tHost: %s\n\tFingerprint: %s" % ( ' ' .join(cert[ "parsed.names" ]), cert[ "parsed.fingerprint_sha256" ])) return fingerprints def find_hosts(target): print ( "Hosts: %s" % target) hosts = censys.ipv4.CensysIPv4(UID, SECRET) fields = [ "ip" ] for host in hosts.search(target): print ( "\tFound host: %s" % (host[ "ip" ])) def main(): if len (argv) ! = 2 : print ( "Usage: %s <host>" % argv[ 0 ]) else : target = argv[ 1 ] fingerprints = find_certificates(target) for fp in fingerprints: find_hosts(fp) if __name__ = = "__main__" : main() |
Update the script by replacing the default API ID and secret key values with your actual Censys API ID and secret token that you copied in the previous step. Save your changes after inserting your credentials into the script file so they remain populated for when you run the script.
Step 2: Install the Censys Python Module
Install the Censys Python module on your Linux system to allow the CloudSnare script to interact with the Censys API by entering the following command in your terminal:
pip install censys
Step 3: Run the CloudSnare Script
Run the CloudSnare.py script file that you downloaded and updated with your credentials. Navigate to the directory path location you have saved the CloudSnare.py file on your desktop using the command line. Execute the script by running the following command:
python CloudSnare.py w3wiki.org
In the results, we can see that, we have got the IP Address which is behind the Cloudflare.
Find Real IP behind CloudFlare with CloudSnare
Cloudflare is a company that provides content delivery network (CDN) services and cybersecurity protection for websites and applications. Cloudflare is one of the most popular CDN providers that offers a complete package of WAF i.e. Web Application Firewall and DDOS Protection (Distributed Denial of Service) for websites. In this article, we will see detailed steps to Find Real IP behind CloudFlare with CloudSnare.
Features of CloudFlare:
- Content Delivery Network (CDN): Cloudflare operates a global network of servers that caches and delivers website content from the nearest location to the end-user, reducing latency and speeding up page load times.
- Distributed Denial of Service (DDoS) Protection: Cloudflare provides robust DDoS protection, mitigating malicious traffic and ensuring that websites remain accessible during cyberattacks.
- Web Application Firewall (WAF): Cloudflare’s WAF protects websites from common web application vulnerabilities and exploits by filtering and monitoring HTTP traffic between a web application and the internet.
- SSL/TLS Encryption: Cloudflare offers free SSL/TLS certificates to secure the communication between users and websites, encrypting data in transit and providing a secure browsing experience.
- Always Online: In case your origin server goes down, Cloudflare’s Always Online feature serves a cached version of the website, ensuring that users can still access content even if the origin is temporarily unavailable.