Find Real IP address of Backend Server behind CloudFlare





Project CrimeFlare is a large database collecting sensitive data with client using CloudFlare as a reverse proxy. One of the most important info is Real-IP of backend server behind CloudFlare.

Many clients (System Administrators) think they are hided, protected by behind CloudFlare and hackers cannot know their backend servers to attack, so they ignore many of the best pratices for protecting their backend server.

More info about this CrimeFlare here http://www.crimeflare.com

Get the Real-IP of backend server here http://www.crimeflare.com/cfs.html

I tried to verify with many websites and CrimeFlare work like a charm, for example with haveibeenpwned.com (https://www.cloudflare.com/case-studies/troy-hunt/)

You can do some basic checks to make sure (maybe) they're using CF




Verify this IP


This is exactly IP of haveibeenpwned.com

Nhận xét

Bài đăng phổ biến từ blog này

CVE-2019-12839: Lỗ hổng thực thi mã lệnh tùy ý trên OrangeHRM CMS

[Steganography] Kỹ thuật che dấu thông tin - Phần 2

PHP Race Condition Vulnerability Example