Getting the server ip from a hosted XenForo CMS
by kermer - November 03, 2019 at 11:59 AM
#1
The reason why use this trick is to determine the ip for the server of a XenForo CMS and bypass cloudflare or any DDOS protection. The user uses a ip logger in combination with the Preview Thread feature of XenForo to log the ip. This ip is the direct ip to the server without protection.

Keep in mind that this feature can be used to determine the location for a server even if the admin has strict rules to hide it's true location (May work with TOR/Onion addresses, but i don't have any at hand to test).

IP logger service
https://*BannedWebsite*

Example of a Preview Thread feature of XenForo
[Image: Hrp4q0oi_o.jpg]

Server logged ip
[Image: u6gQlzJ5_o.jpg]
This forum account is currently banned. Ban Length: Permanent (N/A).
Ban Reason: Continued using monetized links after being warned / Multi accounting (hacxx)
Reply
#2
Yes, if i'm not wrong Xenforo uses curl to get the page. Every time a user hits the preview button it generate a hit in the target machine, if you point to a logger you can track the location.
This forum account is currently banned. Ban Length: Permanent (N/A).
Ban Reason: Continued using monetized links after being warned / Multi accounting (hacxx)
Reply
#3
nice post OP looks cool
Reply
#4
Wow I didn't know this was possible.
Reply
#5
Thanks for sharing this with us
Reply

Possibly Related Threads…
Thread Author Replies Views Last Post
How to avoid getting scammed on RF thu 67 24,691 November 29, 2021 at 02:56 AM
Last Post: barcodename
How to avoid getting scammed Lycanroc 2 112 November 25, 2021 at 03:45 PM
Last Post: Lycanroc
Car Hacking Ebook and More: Getting Started With Vehicle Hacking Nose 36 3,838 November 07, 2021 at 08:08 AM
Last Post: human69

 Users browsing this thread: 1 Guest(s)