A few months ago, I submitted what looked like a bug to CloudFlare’s bug bounty program. But according to them, my submission was not considered a security issue and they said they were “ignoring” me!
If you’ve ever tried using Tor to access a site like shodan.io, you know how annoying captchas can be!
First, we need to register a domain name, say free. tk domain name is enough, then use it to create a CloudFlare account. After CloudFlare has verified the validity of the domain name, we also need to add at least one valid DNS record and enable proxy mode.
Then add the path to your Worker: proxy.domain.com/*.
The use of the proxy is also very simple. I have provided a Python wrapper for you on my[https://github.com/jychp/cloudflare-bypass]we can use it like this:
You can try doing a WHOIS lookup on the result and you’ll see that it’s a CloudFlare IP, most likely the server running the worker.
At this point, if you try to send a request to your proxy through Tor, you will be blocked. So we need to add a rule to our CloudFlare firewall:
Now, you can use Tor and send requests to your proxy without requiring any captcha.
At this point, you can send requests to any website that uses CloudFlare. You can also try to request a website that shows your header, you will see something like this:
As you can see, X-FORWARDED-FOR can be used to send any value, so you can bypass server-side IP address request restrictions when doing web crawling or IP verification. The source IP is not forwarded to the target site, so the only way to block your server from sending requests is to filter out the CF-WORKER Header in the request.
However, according to CloudFlare, this is not a security breach:
So, you will be able to use your free CloudFlare account to send countless requests per day to scrape the resources you need, enjoy!