CDN Cracker is a script designed to check a list of IP addresses for their association with a specific domain by analyzing the HTML title of their corresponding websites. It utilizes concurrent execution to efficiently process multiple IP addresses simultaneously.
- Checks a list of IP addresses for their association with a specific domain.
- Bypasses CDNs such as Cloudflare, Cloudflarenet, Akamai, and others by directly sending requests to the IP addresses.
- Analyzes the HTML title element of the website response to determine association.
- After association it scans for the element.
- If the element is found within the response, the CDN can be bypassed by sending requests directly, with the host header set to the target/victim.
Please note that CDN Cracker is currently in the early alpha state, and it may contain bugs or unexpected behavior. Use it at your own risk.
For educational purposes only!
- Python 3.x
- Masscan
- Bash
- Clone the repository:
git clone https://github.com/ChuckNorr1s/cdn-cracker.git- Navigate to the project directory:
cd cdn-cracker- Install the required dependencies:
chmod +x setup.sh && ./setup.shpython3 cdn-cracker.py [target_title] [file_path] [domain]Arguments:
target_title: The target HTML title to search forfile_path: The file path to save the resultsdomain: The domain name to modify the Host header
python3 get-ips.py [network_range]Replace [network_range] with the desired IP range to scan. For example:
python3 get-ips.py 192.168.0.0/24The script will use masscan to scan the specified IP range for open ports (80 and 443) and generate the results in a ips.txt file.
1.Set up the required environment variables:
SHODAN_API_KEY: Your Shodan API key.CENSYS_API_ID: Your Censys API ID.CENSYS_API_SECRET: Your Censys API secret.
-
Run the script using the following command:
python3 lite-scout.py "your-query"Replace
"your-query"with the specific query you want to use for IP address extraction.Example:
python3 lite-scout.py "hostname:example.com" -
The script will retrieve results from the Shodan and Censys APIs, extract the IP addresses, and save them to a file named
ips.txtin the project directory.Results saved to ips.txt
- Disable SSL warnings: The script disables SSL warnings to allow connections to websites with invalid or self-signed certificates. Use caution and ensure the target websites are trusted.
- IP Address File: The script reads IP addresses from a file named
ips.txt. Make sure to provide the file with the desired IP addresses to check. - Maximum Threads: The maximum number of concurrent threads for execution is set to 100 by default. Adjust this value (
num_threads) based on your system's capabilities and network conditions.
To check if the HTML title of each IP address's corresponding website contains the target title "Example Domain" and save the results to a file named results.txt:
python3 cdn-cracker.py "Example Domain" results.txt example.comThe script provides progress updates during execution, indicating the percentage of completed IP addresses and the elapsed and remaining time. The timing format is displayed in hours, minutes, and seconds.
CDN Cracker is in the early alpha stage, and it may contain bugs or issues. If you encounter any problems or have suggestions for improvement, please open an issue on the GitHub repository.
CDN Cracker is an open-source project, and contributions are welcome. If you have any suggestions, bug fixes, or improvements, please feel free to submit a pull request.
This project is licensed under the MIT License.