christophetd / CloudFlair

🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
https://blog.christophetd.fr/bypassing-cloudflare-using-internet-wide-scan-data/
2.63k stars 361 forks source link

Censys credentials invalid #83

Open v1ru6 opened 8 months ago

v1ru6 commented 8 months ago

When running the tool I get an error saying that Censys credentials are invalid although I know for sure they work.

┌──(venv)─(kali㉿kali)-[~/CloudFlair] └─$ python cloudflair.py example.com --censys-api-id XXXXX-XXX-XXXX-XXX-XXXXXX --censys-api-secret XXXXXXXXXXXX [] Retrieving Cloudflare IP ranges from https://www.cloudflare.com/ips-v4 [] The target appears to be behind CloudFlare. [*] Looking for certificates matching "example.com" using Censys [-] Your Censys credentials look invalid.

Running on

$ lsb_release -a No LSB modules are available. Distributor ID: Kali Description: Kali GNU/Linux Rolling Release: 2024.1 Codename: kali-rolling

Linux kali 6.6.9-amd64 #1 SMP PREEMPT_DYNAMIC Kali 6.6.9-1kali1 (2024-01-08) x86_64 GNU/Linux

I have also tried adding the CENSYS_API_SECRET and CENSYS_API_ID to my environment variables but I have the same issue.

The issue does not seem to occur when running the docker version of CloudFlair. Any idea?

christophetd commented 8 months ago

Censys has removed their free tier. You can still create new accounts, but the API credentials remain valid only for 60 days. See https://github.com/christophetd/censys-subdomain-finder/issues/21#issuecomment-1985033364

saiyash006 commented 5 months ago

yeah, i have just created the censys account but still it is showing me that they are invalid