From eb64db5763ccb8c2dc6eaabccd5b762e89f69761 Mon Sep 17 00:00:00 2001
From: sp00fing <123342934+sp00fing@users.noreply.github.com>
Date: Fri, 27 Jan 2023 01:04:41 +0300
Subject: [PATCH] Add files via upload
---
 .../CloudUnflare/cloudunflare.bash | 130 ++++++++++++++++
 domain resolver/CloudUnflare/faq.txt | 13 ++
 domain resolver/CloudUnflare/subdomains.txt | 67 +++++++++
 domain resolver/WAF-BYPASS/bypass-waf.php | 140 ++++++++++++++++++
 domain resolver/WAF-BYPASS/faq.txt | 11 ++
 5 files changed, 361 insertions(+)
 create mode 100644 domain resolver/CloudUnflare/cloudunflare.bash
 create mode 100644 domain resolver/CloudUnflare/faq.txt
 create mode 100644 domain resolver/CloudUnflare/subdomains.txt
 create mode 100644 domain resolver/WAF-BYPASS/bypass-waf.php
 create mode 100644 domain resolver/WAF-BYPASS/faq.txt
diff --git a/domain resolver/CloudUnflare/cloudunflare.bash b/domain resolver/CloudUnflare/cloudunflare.bash
new file mode 100644
index 0000000..aba40bc
--- /dev/null
+++ b/domain resolver/CloudUnflare/cloudunflare.bash
@@ -0,0 +1,130 @@ +#!/bin/bash +# CloudUnflare + +CompleteDNS_Login='email@mail.com|password' + +if [[ -z $(command -v dig) ]]; then + echo " ERROR: \"dig\" command not found" + exit +elif [[ -z $(command -v curl) ]]; then + echo " ERROR: \"curl\" command not found" + exit +elif [[ -z $(command -v whois) ]]; then + echo " ERROR: \"whois\" command not found" + exit +fi + +echo ' __ ' +echo ' __( )_ CLOUDFLARE ' +echo ' __( )_ RECONNAISSANCE ' +echo '(____________)__ _ V 0.2 ' +echo ' _ _ _ __ / _| | __ _ _ __ ___ ' +echo '| | | | `_ \| |_| |/ _` | `__/ _ \ ' +echo '| |_| | | | | _| | (_| | | | __/ ' +echo ' \__,_|_| |_|_| |_|\__,_|_| \___| ' +echo '' + +if [[ -f cuf-domain.tmp ]]; then + rm cuf-domain.tmp +elif [[ -f cuf-ipaddr.tmp ]]; then + rm cuf-ipaddr.tmp +fi + +echo " Input domain name" +echo " Example: google.com" +echo -ne " >> " +read DOMAIN +echo '' + +if [[ -z $(dig +short ${DOMAIN}) ]]; then + if [[ -z $(whois ${DOMAIN} | grep -i 'Domain Name:') ]]; then + echo " ERROR: Domain not found" + exit + fi +fi + +function Dig() { + D=$1 + echo " INFO: Checking ${D}" + for DMN in $(dig +short ${D} | grep '[.]'$ | sed 's/[.]$//g' | sort -V | uniq) + do + echo " + CNAME: ${DMN}" + done + for IP in $(dig +short ${D} | grep [0-9]$ | sort -V | uniq) + do + VENDOR=$(curl -s "https://rdap.arin.net/registry/ip/${IP}" -H 'User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 KHTML, like Gecko) Chrome/77.0.3865.120 Mobile Safari/537.36' --compressed | sed 's/",/\n/g' | grep '"name"' | sed 's/://g' | sed 's/"//g' | awk '{print $2}') + echo " + ${IP} [${VENDOR}]" + done +} + +Dig ${DOMAIN} + +i=0 +c=0 +max=$(cat `dirname $(realpath $0)`/subdomains.txt | wc -l) +for SUBD in $(cat `dirname $(realpath $0)`/subdomains.txt) +do + ((i++)) + SUBDOMAIN=${SUBD}.${DOMAIN} + if [[ ! 
-z $(dig +short ${SUBDOMAIN}) ]]; then + Dig ${SUBDOMAIN} + else + ((c++)) + if [[ $(expr $c % 20) -eq 0 ]]; then + echo " INFO: Subdomain enumeration progress [${i}/${max}]" + fi + fi +done + +function CompleteDNS() { + DMN=${1} + CRE=${2} + EMAIL=$(echo ${CRE} | awk -F '|' '{print $1}') + PASS=$(echo ${CRE} | awk -F '|' '{print $2}') + TOKEN=$(curl -s --cookie-jar cookie.txt https://completedns.com/login | grep '_csrf_token' | sed 's/value="/\nToken /g' | grep ^Token | sed 's/"//g' | awk '{print $2}') + if [[ ! -z $(curl -skL --cookie cookie.txt --cookie-jar cookie.txt 'https://completedns.com/login_check' --data "_csrf_token=${TOKEN}&_username=${EMAIL}&_password=${PASS}&submitButton=" | grep 'Invalid credentials.') ]]; then + echo " ERROR: CompleteDNS cannot login" + return 1 + fi + if [[ -f completedns.tmp ]]; then + rm completedns.tmp + fi + curl -s --cookie cookie.txt https://completedns.com/dns-history/ajax/?domain=${DMN} &>> completedns.tmp + echo " INFO: NS History by CompleteDNS.com" + i=0 + IFS=$'\n' + for NSROW in $(cat completedns.tmp | sed ':a;N;$!ba;s/\n/ /g' | sed 's/clearfix/\n/g' | sed 's/col-md-2/\nASULAH/g' | grep ASULAH | sed 's/ //g' | sed 's/>/ /g' | sed 's/> viewdns.tmp + COUNT=$(cat viewdns.tmp | sed ':a;N;$!ba;s/\n/ /g' | sed 's//\nIPHISTORY/g' | sed 's/<\/table>/\n/g' | grep ^IPHISTORY | sed 's/
/\n/g' | sed 's/\r//' | grep ^[0-9] | sed 's/<\/td>/|/g' | sed 's/<\/td>/|/g' | sed 's/<\/td><\/tr>//g' | awk -F '|' '{print " + "$4" | "$1" | "$3"("$2")"}' | sort -V | wc -l); + if [[ ${COUNT} -lt 1 ]]; then + echo " ERROR: No IP History data in ViewDNS.info" + else + echo " INFO: IP History by ViewDNS.info" + cat viewdns.tmp | sed ':a;N;$!ba;s/\n/ /g' | sed 's//\nIPHISTORY/g' | sed 's/<\/table>/\n/g' | grep ^IPHISTORY | sed 's/
/\n/g' | sed 's/\r//' | grep ^[0-9] | sed 's/<\/td>/|/g' | sed 's/<\/td>/|/g' | sed 's/<\/td><\/tr>//g' | awk -F '|' '{print " + "$4" | "$1" | "$3"("$2")"}' | sort -V + fi + rm viewdns.tmp +} + +ViewDNS ${DOMAIN} diff --git a/domain resolver/CloudUnflare/faq.txt b/domain resolver/CloudUnflare/faq.txt new file mode 100644 index 0000000..baca5fc --- /dev/null +++ b/domain resolver/CloudUnflare/faq.txt @@ -0,0 +1,13 @@ +1. CompleteDNS API +Create an account at completedns.com and verify first. +Input your email and password on CompleteDNS_Login variable in cloudunflare.bash. + +2. Installation + +apt-get install curl dnsutils whois -y + +3. Command + +cd CloudUnflare + +bash cloudunflare.bash \ No newline at end of file diff --git a/domain resolver/CloudUnflare/subdomains.txt b/domain resolver/CloudUnflare/subdomains.txt new file mode 100644 index 0000000..cd9cf52 --- /dev/null +++ b/domain resolver/CloudUnflare/subdomains.txt @@ -0,0 +1,67 @@ +1 +1rer +2 +2tty +admin +api +app +bbs +blog +cdn +cloud +demo +dev +devel +development +doc +docs +documentation +email +exchange +file +files +forum +ftp +gate +gateway +gov +govyty +gw +hgfgdf +host +image +images +img +lkjkui +m +mail +mail1 +mail2 +mx +mx1 +news +ns +ns1 +ns2 +owa +pop +pop3 +portal +remote +secure +server +shop +smtp +staging +store +support +test +ticket +ticketing +vpn +vps +web +webmail +ww1 +ww42 +www2 diff --git a/domain resolver/WAF-BYPASS/bypass-waf.php b/domain resolver/WAF-BYPASS/bypass-waf.php new file mode 100644 index 0000000..0b449fe --- /dev/null +++ b/domain resolver/WAF-BYPASS/bypass-waf.php 
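Review bot: The login request in `CompleteDNS` posts the account password with `curl -skL`, and `-k` turns off certificate verification, so the credentials and the session cookie can be captured by anyone able to intercept the connection; drop `-k` and send the fields with `--data-urlencode` so a `&` or `%` in the password does not corrupt the form body. The credential itself sits in the script as `CompleteDNS_Login='email@mail.com|password'`, which invites committing a real password; reading it from the environment, e.g. `CompleteDNS_Login="${COMPLETEDNS_LOGIN:?set COMPLETEDNS_LOGIN}"`, keeps it out of the repository. `cookie.txt` is written to the working directory and no removal is visible in this hunk, although part of the function body is garbled on this page, so that may be incomplete. Separately, `read DOMAIN` feeds an unquoted `${DOMAIN}` into `dig`, `whois` and a request URL; quote every expansion and reject input that is not a plain hostname before the first lookup.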
@@ -0,0 +1,140 @@ + 0) + { + $percentageStringLength += ($numDecimalPlaces + 1); + } + + $percentageString = number_format($percentage, $numDecimalPlaces) . '%'; + $percentageString = str_pad($percentageString, $percentageStringLength, " ", STR_PAD_LEFT); + + $percentageStringLength += 3; + + $terminalWidth = `tput cols`; + $barWidth = $terminalWidth - ($percentageStringLength) - 2; + $numBars = round(($percentage) / 100 * ($barWidth)); + $numEmptyBars = $barWidth - $numBars; + + $barsString = '[' . str_repeat("\033[0;92m#\e[0;0m", ($numBars)) . str_repeat(" ", ($numEmptyBars)) . ']'; + + echo "($percentageString) " . $barsString . "\r"; +} + +//$level = ob_get_level(); +$total = '1000'; +for ($i=0; $i<$total; $i++) +{ + $percentage = $i / $total * 100; + showProgressBar($percentage, 2); ob_end_flush(); +} + +ob_start(); + +// Replace URL +$url = str_replace("www.", "", $url); +$url = str_replace("http://", "", $url); +$url = str_replace("https://", "", $url); +$url = str_replace("/", "", $url); + +// sudo apt install php-curl +$ch = curl_init(); +curl_setopt($ch, CURLOPT_URL,"https://crimeflare.herokuapp.com/?url=".htmlspecialchars(addslashes($url)).""); // CrimeFlare API v2.1 +curl_setopt($ch, CURLOPT_POST, 1); +curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); +$exec = curl_exec($ch); +curl_close ($ch); + +ob_end_flush(); sleep(2); system("clear"); + +$logo = "\033[0;92m ______ +____ __ __ __ +| __ ) _ _ _ __ __ _ ___ ___ \ \ / /_ _ / _| +| _ \| | | | '_ \ / _` / __/ __|____\ \ /\ / / _` | |_ +| |_) | |_| | |_) | (_| \__ \__ \_____\ V V / (_| | _| +|____/ \__, | .__/ \__,_|___/___/ \_/\_/ \__,_|_| + |___/|_| +\e[0;0m \033[4;31mv2.2\e[0;0m +"; + +if(!empty($exec)) { + $cloudflare = gethostbyname(htmlspecialchars(addslashes($url))); + preg_match('/(\d*\.\d*\.\d*\.\d*)/s', $exec, $ip); // Regex Real IP CloudFlare + if(empty($ip[1])){ + exit("$alert +\033[1;92m -\e[0;0m Unable to detect \033[1;97mIP\e[0;0m address from 
(\033[1;97m\033[4;37m".htmlspecialchars(addslashes($url))."\e[0;0m) + \n"); + } + + $data = json_decode(file_get_contents("http://ip-api.com/json/".$ip[1]."?fields=status,message,country,countryCode,region,regionName,city,district,zip,lat,lon,timezone,offset,currency,isp,org,as,asname,reverse,query")); $token = "51a986ffa5ddb1"; $get = json_decode(file_get_contents("http://ipinfo.io/$ip[1]/json?token=$token")); $host = file_get_contents("https://get.geojs.io/v1/dns/ptr/$ip[1]"); $host = str_replace("\n", "", $host); $host = str_replace("Failed to get PTR record", "\e[0;0m\033[4;31mNot detected\e[0;0m", $host); $dns = dns_get_record( $url, DNS_NS); $ns1 = $dns[0]['target']; $ns2 = $dns[1]['target']; + $geo = json_decode(file_get_contents("https://get.geojs.io/v1/ip/country/".$ip[1].".json")); + + + print_r ("$logo + Website Target : $url + CloudFlare IP : $cloudflare + CloudFlare NS1 : $ns1 + CloudFlare NS2 : $ns2 + \033[1;92m--------------------------------------------------------------------------------\e[0;0m + Real IP Address : $get->ip + Hostname : $host + Company : $data->org + Country : $geo->name + Address : $get->country, $get->city, $get->region + Location : $get->loc + Time Zone : $get->timezone + \n"); + } else { + echo "$alert +\033[1;92m -\e[0;0m \e[0;0m\033[4;31mit seems to be a problem with your network!\e[0;0m\n + \n"; + } + +ob_flush(); flush(); + + + +?> diff --git a/domain resolver/WAF-BYPASS/faq.txt b/domain resolver/WAF-BYPASS/faq.txt new file mode 100644 index 0000000..f2aacf1 --- /dev/null +++ b/domain resolver/WAF-BYPASS/faq.txt @@ -0,0 +1,11 @@ +Installation: + +pkg update && pkg upgrade -y + +pkg install git + +pkg install php + +cd WAF-BYPASS + +php bypass-waf.php exa123mple.com \ No newline at end of file
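Review bot: The ipinfo.io request near the end of the script uses an API token hard-coded in the `$token = "…";` assignment and sends it over plain `http://`, so the token is both published with the repository and readable on the wire; load it with `$token = getenv('IPINFO_TOKEN');` and switch the ipinfo.io and ip-api.com calls to `https://` where the service offers it. The value in `$ip[1]` comes from a third-party response matched by `/(\d*\.\d*\.\d*\.\d*)/`, which also accepts a string such as `...`, and it is then interpolated into several further request URLs; gate it with `filter_var($ip[1], FILTER_VALIDATE_IP)` before any of those calls. `htmlspecialchars(addslashes($url))` is HTML/SQL-style escaping rather than URL encoding, so `rawurlencode($url)` is the appropriate call for the query string, and the results of `file_get_contents`, `json_decode` and `$dns[0]['target']` are dereferenced without checking for failure. The beginning of the file is missing from this page, so where `$url` and `$alert` are assigned cannot be checked here.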