Hello and welcome to my third tutorial on Cloudflare.
In this tutorial we will try to bypass Cloudflare and get the real IP address by attacking the DNS server.
You are advised to read the basics of Information Gathering and DNS before you start. If you are already comfortable with these terms and the basics of DNS, you can continue.
So how can we actually target the DNS to get the real IP hidden behind Cloudflare? We check all the DNS entries and then the subdomains. Many times the admin forgets to transfer all the subdomains correctly to the Cloudflare server, and some MX entries or other entries may be left behind, which reveals the IP address.
Before you continue, first understand the basic usage of dig from Collecting DNS info with DIG.
Now I will check the DNS records available for tv.com.pk.
Here you can note a suspicious MX entry, "dc-329b0f0f-mail.tv.com.pk". Now try to ping it and you will again get the real IP address of the website. In this manner you can check all the DNS entries and see if any of them is still resolving directly to the real IP address.
You can also try some common subdomains to check for the real IP.
Foca or Fierce can also be used to enumerate subdomains and then find the real IP address using them. I do not need to tell you how to use Foca and Fierce, as they are already discussed in our Information Gathering tutorials.
That's all for Cloudflare bypass by targeting DNS in this part. We'll use some other approaches in the other parts of Bypassing Cloudflare. See you in the next tutorial of Cloudflare Bypass.
Author : Zenodermus Javanicus
Date : 2014-03-01