Hello and welcome to my Forth tutorial on Cloudflare.
In this tutorial we will try to Bypass Cloudflare and get the real IP Address by attacking the Email Server.
You are suggested to read basic on Information Gathering and DNS before you start reading it out, if you are already comfirtable with all these terms and basics of DNS and Mail Servers then you can continue.
This time we will try and find out if there is any functionality on the target website using which it can send us and email like many websites send a confirmation when contacting then with countact-us form, you can try sending any query, if there is any register functionality on the website using which you will get a confirmation mail etc. What we want is just an email from the website because with the email we will also get the real IP address of the website.
Let me show you an example of finding out the IP address using email. When you receive an email on gmail click on "Show Original" then search for the last "Received: from" in the text, and you ll get the real IP address.
Now we will discuss the second way using which we can find out the real IP of a website is just to send a mail to email@example.com you may get an error from the real IP address, check the error mail click "Show Original" then search for " Google tried to deliver your message, but it was rejected by the server for the recipient domain targetdomain.com by targetdomain.com. . " in the text. That Ip Address will be the real IP Address of the the website. I tried and got the error mail after 1 day. If you are lucky you may get it faster. But still i guess if the Admin change his nameservers for any settings anytime. You will get your error email that same time.
Thats all for cloudflare bypass, thanxz for reading, do not forget to check out other fantastic tutorials on Hacking and pentesting.
Keep sharing and keep learning.
Author : Zenodermus Javanicus
Date : 2014-03-01