I tried using the tool ``CloakQuest3r'' that checks in one shot whether the IP address hidden by Cloudflare is visible.
Even if you use Cloudflare to hide your server's IP address, your IP address may be visible through your DNS history or subdomains. 'CloakQuest3r' is a tool that can check whether such a leak has occurred in one shot, so I actually tried using it.
spyboy-productions/CloakQuest3r: Uncover the true IP address of websites safeguarded by Cloudflare & Others
Cloudflare is a company that provides content delivery networks (CDN) and security services, with operations around the world including Japan. By accessing the server via Cloudflare, there are benefits such as caching content and reducing the load on the server, and Cloudflare reducing the load in the event of a DDoS attack.
However, if the server's IP address is leaked somewhere and a DDoS attack is launched directly against the original server, Cloudflare's defense system will be completely ineffective. This time, we will use CloakQuest3r on Debian 11 to check for such 'leaks'.
First, install all the necessary tools using the command below.
[code]sudo apt update
sudo apt-get install git-all python3 python3-pip -y[/code]
Next, clone the CloakQuest3r repository.
[code]git clone https://github.com/spyboy-productions/CloakQuest3r.git
cd CloakQuest3r[/code]
Install the dependent libraries using the command below.
[code]pip3 install -r requirements.txt[/code]
You are now ready. Just run 'cloakquest3r.py' as shown below and specify the domain you want to investigate with the argument.
[code]python3 cloakquest3r.py gigazine.net[/code]
In addition to the IP address currently associated with the domain, the history of the IP address by Viewdns was displayed. The nearby IP address belongs to Cloudflare.
The IP address history was recorded from 2014. If you continue to use the IP address you were using when you installed Cloudflare, these records will reveal the server's IP address.
CloakQuest3r also checks subdomains. If the server's IP address is not displayed in the IP address history or subdomain IP address, there is no problem.
The results on gigazine.net are too long to display in their entirety, but the image of the entire output attached to the CloakQuest3r page is as follows.
Related Posts: