Removed
If it ends in 215, that ain't it. Send me a PM with the IP if you find it.
Removed
Code:
ping systechforum.net -4
Pinging systechforum.net [104.28.23.23] with 32 bytes of data:
The real IP, sometimes referred to as a RIP, is not needed to compromise a server. There are only two things that must be true for a technical breach (i.e. not social engineering):
John connor wrote: Yeah, it was PHPlist. https://blog.sucuri.net/2013/09/securit ... b-com.html
Could have sworn there was an early hack involving some leaked passwords. Maybe that was just a website/server issue or something. It was like last year when the site was down for like three weeks.
Edit-
Yeah, 2014 https://theadminzone.com/threads/phpbb- ... 392/page-2
Here's the announcement. viewtopic.php?f=14&t=2283426
Was a server attack. It's why I mask my IP with CloudFlare and delete the MX record and use Gmail as the E-mail service. The MX record gives away the real IP. I have yet to find my real IP with a CloudFlare resolver. It does show the old IP though. That's because I wasn't using CF and those CF resolver websites grabbed it in the plain.
You don't have a website? I'm pretty sure you do, so you have at least a webserver running, which means you at least have HTTP exposed.
John connor wrote: CloudFlare doesn't have any of those ports open....
Okay, let's take a step back. Let's establish a few things:
John connor wrote: HTTP port 80 goes through CloudFlare.
I did an Nmap on my domain and CloudFlare shows their open ports, but this IP address that CloudFlare (the reverse proxy) uses several websites that fall under 104.28.23.23 which is the IP I have. I'm not understanding how just a port would allow a hack when you also need the real IP address. A port is just a port and means nothing without an IP associated to it. In my case the IP for my website goes to 104.28.23.23 which is CloudFlare. Any open port there would be CloudFlare's and only CloudFlare's. Which means hacking say, SSH or FTP on 104.28.23.23 would be for CloudFlare and not my website's true IP address.
HTTP, yes.
John connor wrote: Okay, yes, they would have to deal with CloudFlare that has safeguards like a WAF. But it won't be through SSH, FTP, etc. Since the real IP is not known and any port open on my IP that CloudFlare issues would be theirs and only theirs.
So to summarize. An attack would have to be at the application layer and not through SSH, HTTP, FTP, etc.
SQL injection, traversal attacks, etc.
It was just that you said that all you needed was a port and I was saying my real IP is hiding behind CloudFlare. I mentioned above I have yet to find my real IP using everything and anything thought of and read about. I did mention that if my IP shows up ending in 215 that was not it as that was old.
K?
John connor wrote: Funny that offensive-security.com uses the reverse proxy Sucuri. Looks like they use OVH though.
You asked if there are real jobs for pen testers, but then state that you used a pen tester program to test your own website. I think you know the answer.
John connor wrote: Question: Are there real jobs for Pen testers? Do they pay well? I have a Pen tester program that I have used to test my own website.
Techie-Micheal wrote: The real IP, sometimes referred to as a RIP, is not needed to compromise a server. There are only two things that must be true for a technical breach (i.e. not social engineering):
- Accessibility of a service (HTTP, SMTP, FTP, SSH, ...)
- A vulnerability in that given service
Hiding behind a proxy does not prevent an attack. What a proxy like CloudFlare does give you is the ability to implement additional controls. However, if you are running out of date software or misconfigured software, and CloudFlare does not block through a WAF or other firewall, your real server will get owned. That does not require knowledge of the RIP.
Having compromised many a server, I usually don't find the RIP until I get into the server behind the load balancers and proxies.
Let's go through this one more time. CloudFlare is a proxy. It sends traffic to your server. That traffic is application traffic as well as HTTP, because your webserver, which understands HTTP to process the request, has to provide a response. So, back to what I said:
John connor wrote: HTTP port 80 goes through CloudFlare.
If you have genuine questions, ask. Rude behavior, however, is not welcome.
Techie-Micheal wrote: However, if you are running out of date software or misconfigured software, and CloudFlare does not block through a WAF or other firewall, your real server will get owned.
Techie-Micheal wrote: However, if you are running out of date software or misconfigured software, and CloudFlare does not block through a WAF or other firewall, your real server will get owned.
Yes, I know that CloudFlare has a WAF. But that doesn't mean everything will get caught by the WAF. And bypasses do exist.
John connor wrote:
Techie-Micheal wrote: However, if you are running out of date software or misconfigured software, and CloudFlare does not block through a WAF or other firewall, your real server will get owned.
https://www.cloudflare.com/waf/
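The MX point raised in the thread, as an added example that is not part of any post: a check to run over an export of your own DNS zone that lists every record publishing an address outside the proxy's ranges. It goes one step beyond the thread by also reading SPF `ip4:` entries. The zone, the `example.test` names, the origin address 203.0.113.10 and the proxy range are constructed assumptions; 104.28.23.23 is the address from the ping output above.

```python
import ipaddress

# Constructed zone export: (name, type, value). 203.0.113.10 stands in for
# the origin server; 104.28.23.23 is the proxied address from the ping output.
ZONE = [
    ("example.test.", "A", "104.28.23.23"),
    ("www.example.test.", "CNAME", "example.test."),
    ("mail.example.test.", "A", "203.0.113.10"),
    ("example.test.", "MX", "10 mail.example.test."),
    ("example.test.", "TXT", "v=spf1 ip4:203.0.113.10 -all"),
]
# Assumed range for this sample; load your proxy provider's published list.
PROXY_NETS = [ipaddress.ip_network("104.16.0.0/12")]

def is_proxied(addr, nets=PROXY_NETS):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in nets)

def resolve(name, zone, depth=0):
    """Follow CNAMEs inside the zone and return the A-record addresses."""
    if depth > 8:  # guard against CNAME loops
        return []
    out = []
    for rname, rtype, value in zone:
        if rname != name:
            continue
        if rtype == "A":
            out.append(value)
        elif rtype == "CNAME":
            out.extend(resolve(value, zone, depth + 1))
    return out

def find_leaks(zone, nets=PROXY_NETS):
    """Return (record, address) pairs that publish a non-proxied address."""
    leaks = []
    for rname, rtype, value in zone:
        if rtype == "A":
            addrs = [value]
        elif rtype == "MX":  # value is "<priority> <mail host>"
            addrs = resolve(value.split()[-1], zone)
        elif rtype == "TXT" and value.startswith("v=spf1"):
            addrs = [t[4:] for t in value.split()
                     if t.startswith("ip4:") and "/" not in t]
        else:
            continue
        leaks += [(f"{rname} {rtype}", a) for a in addrs if not is_proxied(a, nets)]
    return leaks

if __name__ == "__main__":
    for record, addr in find_leaks(ZONE):
        print(f"{record} publishes non-proxied address {addr}")
```

An empty result only means the zone no longer publishes the address; as the replies point out, the HTTP service behind the proxy is still reachable and still has to be patched.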