HOW TO FIND REAL I.P. PROTECTED BY CLOUD FLARE?

All these methods are based on bad admin configurations, but still are quite common

If you want to find real I.P. address of website, which is hidden by CLOUDFLARE. It has came to my attention that many booters, hosts, malicious websites, and more use CloudFlare for DDoS Protection & Anti-Abuse Report Protection. With CloudFlare protection, it is difficult to get the hosts IP; therefore, it is difficult to send an abuse report or launch a (D)DoS attack. This simple guide will help you obtain any website protected by CloudFlare's real IP, which can be used for whatever you desire!

METHOD 1:-

If you simply ping the domain , it will give i.p. which is not website`s real i.p. address. you should try following option to get real I.P. address of domain.

ping direct-connect.domain.com

             OR

ping direct.domain.com

             OR

ping ftp.domain.com

             OR

ping cpanel.domain.com

             OR

ping mail.domain.com

METHOD 2 :-

For a Long Aged Domain you can use netcraft toolbar to check real ip

For Example

Code:

http://toolbar.netcraft.com/site_report?url=DOMAIN.COM

Clearly We can see change in IP to a cloudflare one.

METHOD 3 :-

You can try bruteforcing DNS , some subdomain will have real IP of website.

For this purpose you need NMAP tools.

Open your terminal with root privellege & type following code

# nmap -sV -sS -F <target>

it will scan host & give results , it`s not give real i.p. of website.(but from this you can know weather website is protected by CLOUDFLARE or not)

Now type following code in terminal

# nmap --script dns-brute -sn <target>

it will give you real I.P. of website.


I made simple bash script which do all things for you.For more details click here.

IF all of above methods does not work ;then there is no admin misconfiguration. So you cannot find real I.P.

Read More

Redirect Site to Another Site

A simple text file edit makes sites redirect to another. When you type address in address bar in any browser and enter it then it will display another web page, for example:- when you type Google.com you will be redirected to yahoo.com

Instructions to do:

1) Go to this directory [c:\windows\system32\drivers\etc], directory may change according to drive used for os installation
2) then hit enter
3) find a file named "hosts"
4) Right click on it and open with word pad.
5) In the last link of the document type the IP* address of yahoo space www.Google.com (Vice versa for other sites)
6) now save it
7) restart the browser if its already running
8) Now try it, It works perfect

IP*: to find IP address of that website Goto start ->Run > type cmd > enter. Now you have a new window on desktop. On that type this without cotes "ping www. yahoo.com"
replace yahoo.com with your preferred site and then enter it

Read More

How to Find i.p Address of Remote computer?

This is the article about getting the IP address of the remote computer i.e in terms of hacking getting the IP address of the victim computer.

Before proceeding lets know something about IP address.

0x01-What is IP address?

IP address means Internet Protocol address - An Internet Protocol address (IP address) is a numerical label assigned to each device (e.g., computer, printer etc.) participating in a computer network that uses the Internet Protocol for communication.

IP address serves for two basic purposes:

1. Host or network interface identification

2. Location Addressing

Now lets move to our moto..........

0x02-How to get IP address of remote computer or victim computer?

There are four techniques to get the IP address of remote computer or victim computer. These are as follows:

1. Using PHP notification script.
2. Sniffing during chat sessions.
3. Using Blogs and Websites.
4. Using read notify service.

Now lets go in detail one by one ....................

1. Using PHP notification script.

Using this Notification script you can get the IP address in just seconds.

Steps of using this PHP script:

Download ip finder script(IP_Finder.ZIP)

1. Open a new account inX10Hosting(or any other free host that supports PHP).
2. Extract the IP_Finder.ZIP file and upload the two files ip.php and ip_log.txt into the root folder of your hosting account using the File Manager.
3. You can rename the ip.php to any name of your choice.
4. Set the permission to777on ip_log.txt.

You have to send the of ip.php to you friend via email or while chatting and ask him to visit that link.Once your friend clicks on the link, his IP address will be recorded along with the Date and Time in the ip_log.txt file. After recording the IP address, the script will redirect the person to google.com so as to avoid any suspicion.

2. Sniffing during chat sessions.

With the help of Sniffers like wireshark etc. you can sniff the Gmail, and yahoo or any other chat sessions while we are chatting to any of your friend and extract the IP address from there.

3. Using Blogs and Websites.

This method is for those who have their blogs or websites. Normal users can also do this as blog is free to make. Make a new blog and use any stats service like histats or any other stats widget. Just add a new widget and put histats code there and save template. And send the link of your blog to your friend and get his IP.

4. Using read notify service.

Using read notify service is an email based service.

Steps to use Read Notify service is as follows:

a)First open the Read Notify website :RCPT

b)Now register on this website and then it will send you confirmation mail. Verify your account.

c)Once your account is activated. Do the following steps to use this service:

1. Compose your email just like you usually would in your own email or web email program.
2. Type: .readnotify.com on the end of your recipients email address (don’t worry, that gets removed before your recipients receive the email). Like this: hackersfind@gmail.com.readnotify.com .
3. Send your email.

Some things to remember:

• don’t send to and from the same computer.
• if your email program ‘auto-completes’ email addresses from your address book, you’ll need to keeptyping over the top of the auto-completed one to add the.readnotify.com.
• if you are cc-ing your email to other readers, you must add tracking to all of them.

Read More

Using nmap to change a source address

Using nmap to change a source address. The commands used are:

nmap -iflist

...to get a list of available interfaces. When an interface is chosen (in this tutorial, eth0 is chosen) use the name of the interface in the next command:

nmap -e eth0 -S 192.168.1.100 192.168.1.109

...which will use the eth0 interface and spoof a source IP of 192.168.1.100, while scanning 192.168.1.109. Because the source address is spoofed, the return traffic from the target host will not be routed back to us. Thus, all ports will appear to be closed.

Read More

How To change your I.P address?

Before you can change your IP you need some information. This information includes your IP range, subnet mask, default gateway, dhcp server, and dns servers.


1. Getting your IP range - Getting information about your IP range is not difficult, I recommend using Neo Trace on your own IP. But for my test just look at your IP address, say it's 24.193.110.13 you can definitely use the IP's found between 24.193.110.1 < [new IP] < 24.193.110.255, don't use x.x.x.1 or x.x.x.255. To find your IP simply open a dos/command prompt window and type ipconfig at the prompt, look for "IP Address. . . . . . . . . . . . : x.x.x.x".

2. Subnet Mask, Default Gateway, DHCP Server - These are very easy to find, just open a dos/command prompt window and type 'ipconfig /all' without the ' '. You should see something like this:

Windows IP Configuration:

Host Name . . . . . . . . . . . . . . : My Computer Name Here
Primary Dns Suffix . . . . . . . . . :
Node Type . . . . . . . . . . . . . . .: Unknown
IP Routing Enabled. . . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . . . . . . .: xxxx.xx.x
Description . . . . . . . . . . . . . . . . . . . . : NETGEAR FA310TX Fast Ethernet Adapter (NGRPCI)
Physical Address. . . . . . . . . . . . . . . . . : XX-XX-XX-XX-XX-XX
Dhcp Enabled. . . . . . . . . . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . . . . . . : Yes
IP Address. . . . . . . . . . . . . . . . . . . . . : 24.xxx.xxx.xx
Subnet Mask . . . . . . . . . . . . . . . . . . . .: 255.255.240.0
Default Gateway . . . . . . . . . . . . . . . . . : 24.xxx.xxx.x
DHCP Server . . . . . . . . . . . . . . . . . . . .: 24.xx.xxx.xx
DNS Servers . . . . . . . . . . . . . . . . . . . . : 24.xx.xxx.xxx
24.xx.xxx.xx
24.xx.xxx.xxx
Lease Obtained. . . . . . . . . . . . . . . . . . .:Monday, January 20, 2003 4:44:08 PM
Lease Expires . . . . . . . . . . . . . . . . . . . .:Tuesday, January 21, 2003 3:43:16 AM


This is all the information you will need for now, I suggest you either keep your dos/command prompt window open or copy & paste the information somewhere, to copy right click the window and select text and click once.

III. Changing your IP Address

To change your IP address first pick any IP you like out of your IP range and remember it or write it down. It is usualy a good idea to make sure the IP is dead (except for what we are going to do later on) so just ping it via "ping x.x.x.x" and if it times out then you can use it. Now go to My Computer, then Control Panel. In Control Panel select Network Connections and pick your active connection, probably Local Area Connection or your ISP name. Open that connection by double clicking on the icon in Network Connections, then select Properties under the General Tab. In the new window that pops up select Internet Protocol (TCP/IP) and click properties, it's under the general tab. In this new window select the General tab and choose "Use the following IP address" and for the IP address enter the IP you would like to use (the one you picked from your subnet earlier) and for the Subnet Mask enter the subnet mask you got when your ran ipconfig /all, same goes for the Default Gateway. Now select "Use the following DNS server addresses" and enter the information you got earlier. Now just click OK. Test that it worked, try to refresh a website and if it works you know everything is okay and you are connected. To make sure the change worked type ipconfig again and the IP address should have changed to your new one.

IV. DDoS & DoS Protection

If your firewall shows that you are being DDoSed, this is usually when you are constantly getting attempted UDP connections several times a second from either the same IP address or multiple IP addresses (DDoS), you can protect your self by changing your IP address via the method I described above.

V. Web servers & Other Services

If you know someone on your IP range is running a web server and he or she has pissed you off or you just like messing around you can "steal" their IP address so any DNS going to that IP will show your site instead because you would be running a web server yourself.

To "steal" an IP is to basically use the changing IP address method above and picking an IP that someone that is running a web server has in use. Often you will be able to keep that IP at least for some time, other times you wont be able to use it so just keep trying until it works. You your self will need to have a web server on the same port with your message. You can do this with other services too. You can also DoS or DDoS the IP address you are trying to steal to kick him off the net, but I don't recommend as its pretty illegal, an your ISP will get pissed ;)

Read More