Test candidate origin servers on two ports HTTP & HTTPS

christophetd / CloudFlair

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

https://blog.christophetd.fr/bypassing-cloudflare-using-internet-wide-scan-data/

2.58k stars 358 forks source link

Test candidate origin servers on two ports HTTP & HTTPS #32

Closed ELHARAKA closed 2 years ago

ELHARAKA commented 4 years ago

I have been using this tool for awhile and i noticed 50% of the results are false positive. for i,e after cloudflair dump a list of ip addresses for the site origin server it can't detect which one is working so i after i take those ip addresses i test them manually on the both ports 443 & 80 some they work on 443 port and some they only work at 80 port.

Thank you so much for this amazing tool

christophetd commented 4 years ago

Thanks for the actionable feedback! I believe it's definitely something worth implementing. Can you share (you can PM me on Twitter if you'd like to keep it private) a sample website where you had this behavior?

christophetd commented 2 years ago

closing for inactivity, but happy to work on it if I have a domain on which I can reproduce the issue!