Closed AnonBinarySecurity closed 7 years ago
Anorov
commented
7 years ago Which cookie are you referring to? cf_clearance or __cfduid? And have you replicated the behavior for multiple websites, when those same websites work on a different operating system?
AnonBinarySecurity
commented
7 years ago cf clearance seems to be the problem. And yes, tested on multiple websites. The same websites work on a different operating system I.E Ubuntu.
Anorov
commented
7 years ago Sorry, I don't have a Kali environment to test on. Could you make sure it's running the latest version of node.js and Python 2.7? And is it possible Cloudflare is detecting and blocking some fingerprint left by Kali? I could see Cloudflare attempting to block operating systems and browsers associated with penetration testing when IUAM is enabled.
Anorov
commented
7 years ago Closing this issue at this time. Please re-open if you have more updates.
It will not collect a cookie from a IUAM Browser page but will collect a cookie if the mode is lower than such.