search

RyanJarv / cdn-proxy

Bypass CDN and WAF restrictions using CDN re-fronting.
https://blog.apnic.net/2022/05/19/bypassing-cdn-wafs-with-alternate-domain-routing/
237 stars 26 forks source link

Issue with cdn-scanner when using a CIDR block #9

Open luchua-bc opened 9 months ago

luchua-bc commented 9 months ago

I'm running cdn-scanner to scan an AWS CIDR block:

cdn-scanner -domain {my_instance}.cloudfront.net cloudfront 3.160.0.0/14

And I got the following:

Ulimit # of files open is currently set to 65326
https://3.160.0.0/14 -- Via Proxy: closed (502), Origin: error (000 -- Get "https://3.160.0.0%2F14/": dial tcp: lookup 3.160.0.0/14: no such host)
http://3.160.0.0/14 -- Via Proxy: closed (502), Origin: error (000 -- Get "http://3.160.0.0%2F14/": dial tcp: lookup 3.160.0.0/14: no such host)

It seems that 3.160.0.0/14 is treated as a single IP instead of a CIDR block. What's the correct command?

Thanks, Luc

RyanJarv commented 7 months ago

@luchua-bc Sorry for the delay here, I don't think the target selection supports CIDRs right now. If you want to expand the IPs out in to a file though it should accept that though.

https://github.com/RyanJarv/cdn-proxy/blob/main/main.go#L232

luchua-bc commented 7 months ago

Thanks @RyanJarv for confirming the workaround.