
How to bypass the Bot protection mechanism of CloudFlare

2025-01-19 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

This article focuses on "how to bypass the Bot protection mechanism of CloudFlare". The method it introduces is simple, fast and practical. Let the editor walk you through how to bypass CloudFlare's Bot protection mechanism.

Foreword

A few months ago, I submitted what appeared to be a vulnerability to CloudFlare's vulnerability reward program. But according to them, what I submitted was not a security issue, and I was "ignored"!

CloudFlare provides a JavaScript Worker system that lets developers execute code on CloudFlare's servers. This feature is very commonly used for static sites and maintenance pages, and it is also a big "treasure" for penetration testers (serverless C&C, simple phishing proxies, etc.). In this article, we will explore how to bypass CloudFlare's Bot protection mechanism.

Go straight to the point.

If you've ever tried to use Tor to visit a site like shodan.io, you know how annoying CAPTCHA can be!

First, we need to register a domain name, such as a free .tk domain name, and then use it to create a CloudFlare account. After CloudFlare verifies the validity of the domain name, we also need to add at least one valid DNS record and enable proxy mode.

Next, we need to create a JavaScript Worker to act as a reverse proxy (the complete code is available on GitHub: https://github.com/jychp/cloudflare-bypass). Create a new Worker, then copy and paste the contents of worker.js into it. You can customize the values of TOKEN_HEADER, TOKEN_VALUE, HOST_HEADER and IP_HEADER.

Then add a route to your Worker: proxy.domain.com/*.

Now, if you try to access proxy.domain.com, you will receive "Welcome to NGINX." The JavaScript code here is easy to understand. It will look for a specific Header and forward your request to a given domain name.

The use of the proxy is also very simple. I have provided a Python wrapper in my GitHub repository (https://github.com/jychp/cloudflare-bypass), and we can use it like this:

>>> from cfproxy import CFProxy
>>> proxy = CFProxy('proxy.domain.com', 'A random User-Agent', '1.2.3.4')
>>> req = proxy.get('https://icanhazip.com')
>>> print(req.status_code)
200
>>> print(req.text)
108.162.229.50

You can try to execute a WHOIS query on the result, and you will find that it is a CloudFlare IP, probably the server running the Worker.

At this point, if you try to send a request to your proxy through Tor, you will be blocked. Therefore, we need to add a rule to our CloudFlare firewall:

Now you can use Tor and send requests to your proxy without any CAPTCHA.

At this point, you can send a request to any website that uses CloudFlare. You can also try to request a website that displays your Header, and you will see the following message:

ACCEPT: */*
ACCEPT-ENCODING: gzip
CDN-LOOP: cloudflare Subreqs=1
CF-CONNECTING-IP: 2a06:98c0:3600::103 (could be any Cloudflare IP)
CF-EW-VIA: 15
CF-RAY: [REDACTED]
CF-REQUEST-ID: [REDACTED]
CF-VISITOR: {"scheme": "https"}
CF-WORKER: yourdomain.com (OPSEC Warning!)
CONNECTION: Keep-Alive
HOST: www.whatismybrowser.com
USER-AGENT: My Random User-Agent
X-FORWARDED-FOR: 1.2.3.4 (yes, we can override this header with whatever we want!)
X-FORWARDED-PROTO: https

As you can see, X-FORWARDED-FOR can be set to any value, so you can bypass server-side per-IP request limits or IP verification when crawling web resources. The source IP is not forwarded to the destination site, so the only way for a site to block these requests is to filter on the CF-WORKER header in the request.
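From the destination site's side, the two points above translate into a request filter: never key rate limits on X-Forwarded-For, and treat CF-Worker as the identity of a relayed request. The sketch below is an added example, not code from the original article or its repository; the allow-list, limit, function names and sample headers are assumptions, and it presumes the origin only accepts connections from Cloudflare, so that CF-* headers cannot be forged by direct clients.

```python
ALLOWED_WORKER_ZONES = {"partner.example"}  # assumption: Worker zones we accept
LIMIT = 3                                   # assumption: requests per window

def normalize(headers):
    """Header names are case-insensitive; fold them for lookup."""
    return {k.strip().lower(): v.strip() for k, v in headers.items()}

def client_key(headers):
    """Identity used for throttling. X-Forwarded-For is ignored because the
    sender controls it; a Worker subrequest is keyed by its CF-Worker zone,
    since its CF-Connecting-IP is a shared Cloudflare address."""
    h = normalize(headers)
    if "cf-worker" in h:
        return "worker:" + h["cf-worker"].lower()
    return "ip:" + h.get("cf-connecting-ip", "unknown")

def decide(headers, counts, allowed=ALLOWED_WORKER_ZONES):
    """Return 'block', 'throttle' or 'allow' for one request."""
    zone = normalize(headers).get("cf-worker")
    if zone is not None and zone.lower() not in allowed:
        return "block"          # relayed by a Worker zone we do not trust
    key = client_key(headers)
    counts[key] = counts.get(key, 0) + 1
    return "throttle" if counts[key] > LIMIT else "allow"

def relayed(xff):
    """Constructed sample modelled on the header listing above."""
    return {"CF-Connecting-IP": "2a06:98c0:3600::103",
            "CF-Worker": "yourdomain.com",
            "X-Forwarded-For": xff,
            "User-Agent": "My Random User-Agent"}

def direct(ip, xff):
    """Constructed sample: an ordinary visitor, no Worker in the path."""
    return {"CF-Connecting-IP": ip, "X-Forwarded-For": xff}

def replay():
    """Five direct requests rotating X-Forwarded-For, then one relayed one."""
    counts = {}
    out = [decide(direct("203.0.113.7", f"10.0.0.{i}"), counts) for i in range(5)]
    out.append(decide(relayed("1.2.3.4"), counts))
    return out

if __name__ == "__main__":
    print(replay())
```

Rotating X-Forwarded-For does not reset the counter here, and the relayed request is rejected on its CF-Worker zone regardless of the address it claims.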

But according to CloudFlare, this is not a security vulnerability:

So you will be able to use your free CloudFlare account to send countless requests a day to crawl the resources you need, so enjoy it!
