Finding the real IP address of a website behind Cloud Flare: Gathering Information
This tutorial is 100% for Education Purpose only. Any time the word “Hacking” that is used on this site shall be regarded as Ethical Hacking. Do not attempt to violate the law with anything contained here. If you planned to use the content for illegal purposes, then please leave this site immediately! We will not be responsible for any illegal actions.
In this tutorial, we will use a simple website built specifically for testing purposes.
Pentest.ID - Penetration Testing - Security
Segala sesuatu yang ada di dalam website ini diperuntukkan untuk tujuan pendidikan dan berbagi ilmu. Selamat Siang gan…
and we will try to find as many information as possible from this website.
What is Cloud Flare?
Cloudflare and other reverse proxy services can make websites faster and safer. One of the benefits of these services is that they add a layer of anonymity to mask a website’s hosting provider and other details.
By using a reverse proxy service, it can be very difficult or even impossible for someone on the outside to figure out who the hosting provider is that’s originating the website. This makes it possible for content owners to remain anonymous and hide the origin IP address of their webserver to protect the originating server from attacks.
Time to start finding!
There are several tools to find information behind the Cloud Flare, such as:
Shodan is a search engine that lets the user find specific types of computers connected to the internet using a variety of filters.
Shodan has servers located around the world that crawl the Internet 24/7 to provide the latest Internet intelligence…
Visit the website and type the pentest.id in the search bar then hit the search button.
Here’s the result
From here we can see that we already got some sensitive information of pentest.id
This is the REAL IP of pentest.id: 18.104.22.168
For more detailed information, we can click the view detail button or click the title as shown in the picture.
This is the Real IP Address detail
This is the list of ports open in the server.
The technologies that are being used in this website
You can also see some Vulnerabilities
And here I created the video tutorial to help you use the tools better