| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHEi47A19cZbmbSNZZxRutkw=BZhJ-SHeAMjhddkRFQ1ERw8XA@mail.gmail.com> Date: Wed, 13 Nov 2019 10:56:26 +0000 From: Hacxx Under 2 <hacxx20@...il.com> To: fulldisclosure@...lists.org Subject: [FD] Getting the server ip from a hosted XenForo CMS The reason why use this trick is to determine the ip for the server of a XenForo CMS and bypass cloudflare or any DDOS protection. The user uses a ip logger in combination with the Preview Thread feature of XenForo to log the ip. This ip is the direct ip to the server without protection. Keep in mind that this feature can be used to determine the location for a server even if the admin has strict rules to hide it's true location (May work with TOR/Onion addresses, but i don't have any at hand to test). IP logger service https://iplogger.org Example of a Preview Thread feature of XenForo https://images2.imgbox.com/0d/ab/Hrp4q0oi_o.jpg Server logged ip[/b] https://images2.imgbox.com/74/6b/u6gQlzJ5_o.jpg https://spyhackerz.org/forum/ _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists