Chameleon - Website IP Address Seeker (CDN Unhidden)
What is CDN?
A content delivery network or content distribution network (CDN) is a large distributed system of servers deployed in multiple data centers across the Internet. The goal of a CDN is to serve content to end-users with high availability and high performance. CDNs serve a large fraction of the Internet content today, including web objects (text, graphics and scripts), downloadable objects (media files, software, documents), applications (e-commerce, portals), live streaming media, on-demand streaming media, and social networks.
Content providers such as media companies and e-commerce vendors pay CDN operators to deliver their content to their audience of end-users. In turn, a CDN pays ISPs, carriers, and network operators for hosting its servers in their data centers. Besides better performance and availability, CDNs also offload the traffic served directly from the content provider's origin infrastructure, resulting in possible cost savings for the content provider. In addition, CDNs provide the content provider a degree of protection from DoS attacks by using their large distributed server infrastructure to absorb the attack traffic. While most early CDNs served content using dedicated servers owned and operated by the CDN, there is a recent trend to use a hybrid model that uses P2P technology. In the hybrid model, content is served using both dedicated servers and other peer-user-owned computers as applicable.
*** Quote from Wikipedia
When a website uses a CDN such as Cloudflare, its IP address may be hidden. However, the IP address can be retrieved by the following methods:
(We take Cloudflare as an example)
(1) CloudFlare-Watch
(2) Netcraft.net
(3) Fierce Domain Scan
(4) NoCloudAllowed by Allison Nixon
(5) Chameleon (this article)
Introduction
Chameleon is an Open Source project by Samiux under GPLv3. Chameleon is developed based on NoCloudAllowed.
Like NoCloudAllowed (a Perl script), Chameleon (a Python script) assumes that the target website is within one or more IP address ranges. The IP address range(s) of a certain country can be obtained via IP2Location. Once you have the CIDR list of the country, you need to expand it into a list of IP addresses.
For the comparison, you need a *unique* string from the target site. Once the string is found, the findings will be recorded in a file for further processing.
To extract the IP addresses from the CIDR list obtained from IP2Location, I use prips. prips is not installed in Kali Linux by default.
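The CIDR-to-address expansion step described above, as an added example that is not part of the original post or of Chameleon: it uses Python's standard ipaddress module in place of prips, merges overlapping blocks so no address is listed twice, and yields the addresses lazily in batches. The sample list, the function names and the batch size are assumptions made for illustration.

```python
import ipaddress
from itertools import islice

# Constructed sample of a CIDR list (documentation ranges, not real data).
SAMPLE_CIDR_LIST = """\
# constructed sample
192.0.2.0/30
192.0.2.2/31
198.51.100.8/30

not-a-cidr
203.0.113.5
"""


def parse_cidrs(text):
    """Return (networks, rejected_lines) from a one-CIDR-per-line listing."""
    nets, rejected = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and padding
        if not line:
            continue
        try:
            # strict=False accepts entries whose host bits are set
            nets.append(ipaddress.IPv4Network(line, strict=False))
        except ValueError:
            rejected.append(line)  # keep bad lines for review
    return nets, rejected


def expand(nets):
    """Lazily yield every address once, after merging overlapping blocks."""
    for net in ipaddress.collapse_addresses(nets):
        for addr in net:  # includes the first and last address of the block
            yield str(addr)


def batches(addresses, size):
    """Group an address stream into lists of at most `size` items."""
    it = iter(addresses)
    while chunk := list(islice(it, size)):
        yield chunk


if __name__ == "__main__":
    networks, bad = parse_cidrs(SAMPLE_CIDR_LIST)
    print("rejected lines:", bad)
    for group in batches(expand(networks), 4):
        print("\n".join(group))
```

Because `expand` is a generator, the full address list is never held in memory at once, which matters for country-sized ranges.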
Chameleon is well tested on Kali Linux 1.1.0 and Ubuntu 14.04 LTS.
Limitation
If the IP address and/or the domain does not point to the web root directory, Chameleon cannot find the site as expected. Do NOT set "--thread" too large, as it will consume all your RAM.
Download
wget http://www.infosec-ninjas.com/files/chameleon-0.0.3.tar.gz
tar -xvzf chameleon-0.0.3.tar.gz
sha1sum : dab2486c72d2745075d06698be0f693254dae0da chameleon-0.0.3.tar.gz
Please note that version 0.0.4 is released!
Changelog
FEB 22, 2015 - Version 0.0.1 (sha1sum : c2a7af574e0132ab19a8597ded97c13b5f94dece chameleon-0.0.1.tar.gz)
[+] First release
FEB 25, 2015 - Version 0.0.2 (sha1sum : 8714d5a8ef8566ff6d36adbbbbfaee65bff8a728 chameleon-0.0.2.tar.gz)
[+] Add input file for the ip address comparison
[+] Add timeout option
[-] Drop the single ip address for comparison
FEB 26, 2015 - Version 0.0.3 (sha1sum : dab2486c72d2745075d06698be0f693254dae0da chameleon-0.0.3.tar.gz)
[+] Add exceptional error handling
[+] Add threading option
[+] Add output file option
[+] Add batch of IP address per thread option
Usage
Usage: chameleon.py [options]

Options:
  -h, --help            show this help message and exit
  -s SEARCHSTRING, --string=SEARCHSTRING
                        specify the unique string to search
  -f INFILE, --file=INFILE
                        input file contains ip addresses for comparison
  -p PROTO, --proto=PROTO
                        protocol to use, http or https
  -o TIMEOUT, --timeout=TIMEOUT
                        timeout, default 2 seconds
  -t NUMTHREAD, --thread=NUMTHREAD
                        number of threading, default is 1
  -w OUTFILE, --write=OUTFILE
                        output file for findings, default is find.txt
  -b BATCH, --batch=BATCH
                        batch of IP address per thread, default is 1

Example : python chameleon.py -s github -f ip-addresses.txt -p https -b 10 -t 1000 -w github.txt -o 3
That's all! See you.