+8 votes
in Tutorials and Guides by (1.5m points)

How to find out the real IP behind CloudFlare with CloudFail

1 Answer

+9 votes
by (725k points)
Best answer

Currently, many websites have chosen to use the services of ClouFlare , as it offers a free plan with CDN functionalities and protection against DDoS attacks. One of the immediate consequences after configuring CloudFlare in our domain, is that the real server IP will be hidden . In this article we will show you how to obtain the real IP of sites protected by CloudFlare with the CloudFail tool .


A developer has launched a tool to try to find out the real IP of the server behind CloudFlare protection, it is CloudFail and it is completely free and open source.

Obtaining the real IP from the server is almost essential when it comes to security and pentest tests. If we do not get this IP, the spectrum of attacks to exploit vulnerabilities is reduced, hence it is always good to make these checks.

Remember that although we are not a hacker destined to do evil, sysadmin can also use these tools to find out if we are really doing things right. What better than to protect ourselves from hackers using their own tools.

CloudFail, tool to find out the IP behind CloudFlare.

The operation of CloudFail is very simple and takes place in three stages or phases. In a first phase, the program uses the DNSdumpster.com website to find unsafe or failed DNS configurations that expose the real IP of the server .

In a second phase CloudFail makes use of the Crimeflare.com website that offers a global database with all domains protected by CloudFlare. The script itself will download the database if it does not exist.

The last test relies on brute force to scan more than 2,500 possible subdomains. In many cases the subdomains are not protected by CloudFlare and would allow us to obtain the real IP of the server. To discover subdomains we have other specific and more advanced tools such as AQUATONE , SubBrute or portSpider that can also help us.

Other features and how to use CloudFail.

Another feature of CloudFail is that you can use the Tor network to preserve our anonymity during testing.

The tool is available on GitHub for free, it is open source and cross platform. This program with Python 3, so we will have to have this interpreter installed in our operating system to make it work.

The basic use of CloudFail is as simple as executing the following command:

python cloudfail.py --target vozidea.com

Most popular questions within the last 20 days