August 13, 2014

How to Bypass the Sucuri CloudProxy WebSite Firewall - The Logical Kid

Hello once again!

Today, I am going to show how to bypass the 'Sucuri CloudProxy Website Firewall', which works the same way as CloudFlare's protection.

The concept is the same, but this should help people who are specifically looking to bypass the 'Sucuri CloudProxy Website Firewall'.

Anyway, those who already know the power of DNS-based host enumeration can deal with any such service, as long as they have a good grasp of DNS, subnets and internal networks.

That being said, let's begin with the process.


The first step is pinging the website to get the IP address that replies.

As we can see, the IP address is 72.x.x.x. Let's see what happens when we enter the IP directly in the browser.



Oh! See what we get: an error stating 'Invalid URL'.
We need not worry though, as this is just the beginning. *evil grin*

Let's start our work of troubling DNS for host enumeration.
Here I am using our favourite and easy-to-use tool, 'fierce'.

This comes by default with all the major pentest distros, viz. BackTrack, Kali, Auditor, et al.

Those who don't have it can download it from ha.ckers.org/fierce/

After downloading, it's very simple to use too!
You just need to provide one parameter in this case.

It's as simple as below:


Just run the above command and wait for the program to work, probably to work wonders!

Once it finishes, you can see a report as below!


Our work is now to open the IPs in our browser.
I found the last IP interesting, as it maps to www1.bhaskar.com.
Let's open the IP in the browser and see what happens!


Bingo! We bypassed Sucuri's CloudProxy, or whatever it is, to find the real IP of the host.

What next?
Start up with your port-scanning techniques, and all that stuff!
Yea..fire in the hole! :D

August 10, 2014

What are the languages to be learnt for hacking into a computer system?


This post is all about answering the question every wannabe hacker keeps asking!
Well, here are some of the best answers which I personally feel fit as an apt answer.



Firstly, it doesn't matter what you learn because you have no control over what you might need in the specific circumstances. If the proof-of-concept is written in Python, then you need to be able to read Python; if the exploit is written in C, then you need to read C. If you are exploiting Java applets then you need to handle Java.

What you do is learn one language really really REALLY well and then go from that.

A very common misconception is that hackers work with source code. They very rarely do. Instead they work with compiled code running in memory. So you need to be able to handle assembly and when you code it's more often to see the resulting assembly and rarely to achieve functionality.

You will find out that learning a programming language, or even learning more than one programming language, will not get you anywhere near being able to hack.
 


Secondly, hacking (or rather CRACK-ing) isn't about programming. So language is irrelevant as an answer to this question. Though you'd be much "better" (or should that be "worse") at it if you know nearly all the languages in general use.

What cracking is mostly about is disassembling programs to find loopholes in their construction. These loopholes you use to gain access to them other than as designed. So if any language can be stated as a prerequisite, then the "assembly" of the program is probably it - whatever that assembly is (x86 based, ARM, etc.). In stuff like web sites the "assembly" might be JavaScript, but then just as easily on the server side it might be JVM / DotNet bytecode, or Python scripts, or whatever else is used.

Ask yourself: "Why do I want to 'hack'?" To learn programming? Then you're wasting your time. To be able to break into systems? Then programming is not what you want to do.

Source: Quora

August 7, 2014

Finding the real IP address of a CloudFlare protected website

Lately, I have been seeing many website administrators opting in for CloudFlare security, as it seems to protect their website from many attacks, Denial of Service to say the least.


So how, as a penetration tester, or just out of curiosity, are you going to get to the real machine?
You need the IP address, right?


Today, I am going to teach you how to bypass the CloudFlare security to get the real IP address of the target site.

Let's begin by pinging the site to see which IP address responds.

Here we go:


Oh! So the IP seems to be 104.x.x.x.
Let's try opening it in the browser.


Omg! See what we got! CloudFlare has denied direct IP access.

What next? Should we lose hope and let CloudFlare decide the end of our penetration test?
Nah!! We are going to bypass this and identify the real IP address on which this website is hosted.




Okay! Here we are going to enumerate hosts via DNS. For this, we are going to use a cool Perl script called "fierce", which is perfect for the job.

Download the tool from: http://ha.ckers.org/fierce/

Now get the tool into action, as follows:

P.S.: You do not need to prefix every command shown here with 'proxychains'.
That is not really required; I just used it to route through a proxy.


...and wait for the tool to finish its work while you have your tea! Coffee is not a bad option, but I prefer tea.. special tea! ;)

After the work is done, you get this sort of output:

Hey! Don't be surprised by this. These simply show us the hosts inside and outside the corporate network we are interested in.
All is well so far!

Now we need to find the specific IP of the target. For this, I went through all the retrieved host IPs, checked a few from the list at random, and found this particular host interesting, as it caught my eye.


Yeah! This looks interesting, right?
So I just pasted the IP into the address bar, and Eureka! :) :)


We did it! Yayyy!!! ;) :)
Phew! We finally got the real IP of the target.

Now we continue with port scanning, vulnerability identification, and the other traditional methods of the trade leading to exploitation and payload generation, et al.


Done! :)
Follow the generic pentesting methods from here! :)
All the best!
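Both this post and the Sucuri CloudProxy post above work because some DNS record in the zone points straight at the origin instead of the proxy. As an added example that is not part of the original posts, the script below audits a zone's A records against the proxy's address ranges and reports the ones that bypass it, which is the check an administrator should run before relying on the proxy. The proxy ranges and DNS records are constructed placeholders; substitute the vendor's published ranges and your own zone data.

```python
# Added example (not from the original posts): find DNS records that resolve
# outside the reverse proxy, i.e. the hosts a DNS brute-forcer such as fierce
# would surface as the real origin.
import ipaddress

# Constructed placeholder ranges (RFC 5737 documentation space); replace with
# the proxy vendor's published address list.
PROXY_RANGES = [ipaddress.ip_network("192.0.2.0/24"),
                ipaddress.ip_network("198.51.100.0/24")]

# Constructed sample of what a DNS enumeration run returns: (name, A record).
SAMPLE_RECORDS = [
    ("www.example.com", "192.0.2.10"),      # served through the proxy
    ("www1.example.com", "203.0.113.7"),    # points straight at the origin
    ("mail.example.com", "203.0.113.25"),   # same subnet as the origin
    ("dev.example.com", "192.0.2.11"),      # served through the proxy
]


def is_proxied(ip, ranges=PROXY_RANGES):
    """True if the address belongs to one of the proxy's ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in ranges)


def find_exposed_hosts(records, ranges=PROXY_RANGES):
    """Return the (hostname, ip) pairs whose A record bypasses the proxy."""
    return [(name, ip) for name, ip in records if not is_proxied(ip, ranges)]


def origin_subnets(records, ranges=PROXY_RANGES, prefix=24):
    """Group the exposed hosts by /prefix: every record in that network is a
    candidate origin and should only accept traffic from the proxy ranges."""
    nets = {}
    for name, ip in find_exposed_hosts(records, ranges):
        net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
        nets.setdefault(str(net), []).append(name)
    return nets


if __name__ == "__main__":
    for name, ip in find_exposed_hosts(SAMPLE_RECORDS):
        print(f"exposed: {name} -> {ip}")
    for net, names in origin_subnets(SAMPLE_RECORDS).items():
        print(f"origin network {net}: {', '.join(names)}")
```

Any host the audit reports is reachable without the proxy in the path, so its firewall should admit web traffic only from the proxy ranges and the leaking record should be removed or moved behind the proxy.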


Gr33tz t0: F-r0Z,GSM50,Guy244,i-maD,KANK,sajjutxt
~The CliQue~