This Tool Helps Me To Find The Origin IP Address😍
Hi, Ajak Amico! Welcome back to another blog. Today I will show you how to find the origin IP address using An automated tool. Before starting, if you haven’t subscribed to our channel, do subscribe, guys. Contents related to cyber security, Bug Bounty, and Digital Forensics Investigation.👇
Follow our Youtube Channel: @ajakcybersecurity (361Videos)
Follow on Instagram: @ajakcybersecurity
Why to Find the orgin IP address?
As a penetration tester/Bug Bounty hunter, we may come across this flaw stating ‘Origin IP leads to XSS and RCE,’ but why is it essential to find the origin IP? Here is the answer: if you find the origin IP, we don’t need to bypass any Cloudflare WAF; we can directly inject our query into the origin server, as mentioned in the picture below.
How to check whether the Website uses Cloudflare WAF?
So simple we can use the Wappalyzer extension, so simply go inside a website and check whether the site uses CDN or Cloudflare as mentioned below in the diagram.
How to find The Origin IP?
Here is the tool called ‘CLOUDFAIL’ Download the Tool: CloudFail
Let’s learn practically!!
How to install it?
First, we need to install pip3 for python3 dependencies:
$ sudo apt-get install python3-pip
Then we can run through dependency checks:
$ pip3 install -r requirements.txt
If this fails because of missing setup tools, do this:
sudo apt-get install python3-setuptools
git clone https://github.com/m0rtem/CloudFail.git
To run a scan against a target:
python3 cloudfail.py --target seo.com
Testing on live Bug bounty sites:
Let me show you an example of how to find this tool on real sites. After installing the tool, simply give the following command. Instead of ‘bitbns,’ you can give your target there
python3 cloudfail.py — target “bitbns.com”
The tool will start to run now after running it will find some IP’s for you as mentioned in the below diagram.
As you can see, the tool fetched an IP address ‘52.172.42.229.’ Now, what you can do is copy the IP address and cross-check the IP in the ‘whoisIP’ tool, whether the IP belongs to the specific organization. If so, you can paste the IP in the browser and start to inject queries such as XSS, SQL, directory brute-forcing, etc. So now, there won’t be any WAF that will block your request or IP. Avoid relying solely on tools because they may give false positive results; therefore, learn the manual method as a beginner.
The good thing about this tool is it fetches the origin IP and subdomain as well, as you can see in the above-mentioned picture.
— — — — — — — — — — — — — — — — — — — — — — — — — — — — —
“கற்றவை பற்றவை🔥”
Learn Everyday, Happy Hacking 😁🙌
https://www.buymeacoffee.com/Ajak
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Follow our Youtube Channel: @ajakcybersecurity
Follow on Instagram: @ajakcybersecurity.
