dodox/cloudOnFire
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Getting ready to make repo public

Browse Source
This commit is contained in:
Dominik Moritz Roth 2022-05-13 17:28:35 +02:00
parent d7965df422
commit 219ce89cc5
2 changed files with 64 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@ -1,5 +1,11 @@
# CloudOnFire # CloudOnFire
## Notice
This is just a POC. Cloudflare sends your original IP inside the headers of every requests. Don't use this to do any bullshit.
## How it works
This script accepts PROXY-Calls on 9097 and tunnels them into the Edge of the Cloudflare Infrastructure. This script accepts PROXY-Calls on 9097 and tunnels them into the Edge of the Cloudflare Infrastructure.
This way you can access the Internet using a huge range of IPs, that change on every request and are considered clean. This way you can access the Internet using a huge range of IPs, that change on every request and are considered clean.
In order for this to work, we MITM all SSL-Trafic using our own certs. This means all websites with HSTS won't work. In order for this to work, we MITM all SSL-Trafic using our own certs. This means all websites with HSTS won't work.

58
worker.js Normal file
View File

@ -0,0 +1,58 @@
// This script has to be deployed as a worker on cloudflare
addEventListener('fetch', event => {
event.respondWith(forwardReq(event.request))
})
const TOKEN_HEADER = 'H-Token'
const TOKEN_VALUE = 'agfjkewjkfvasfhgkzuc'
const HOST_HEADER = 'H-Host'
const IP_HEADER = 'H-IP'
async function forwardReq(request) {
if (request.headers.get(TOKEN_HEADER) != TOKEN_VALUE) {
return new Response("Error 418 - I'm a Teapot")
}
let newHdrs = new Headers()
for (const [key, value] of request.headers) {
if (key.toLowerCase() == TOKEN_HEADER.toLowerCase()) {
continue;
}
if (key.toLowerCase() == HOST_HEADER.toLowerCase()) {
continue;
}
if (key.toLowerCase() == IP_HEADER.toLowerCase()) {
continue;
}
if (key.toLowerCase().startsWith('cf-')) {
continue;
}
if (key.toLowerCase() == 'x-forwarded-for') {
continue;
}
if (key.toLowerCase() == 'x-real-ip') {
continue;
}
newHdrs.set(key, value)
}
newHdrs.set('Host', request.headers.get(HOST_HEADER))
newHdrs.set('X-Forwarded-For', request.headers.get(IP_HEADER))
let address = ''
const url = new URL(request.url)
address = request.url.replace(url.hostname, request.headers.get(HOST_HEADER))
const init = {
body: request.body,
headers: newHdrs,
method: request.method
}
let response = await fetch (address, init);
return new Response(response.body, {
status: response.status,
statusText: response.statusText
})
}