Cloudflare Public Bug Bounty: Using special IPv4-mapped IPv6 addresses to bypass local IP ban
By using IPv4-mapped IPv6 addresses there was a way to bypass Cloudflare server's network protections and start connections to ports on the loopback (127.0.0.1) or internal IP addresses (such as 10.0.0.1). The bug was caused by the way a Go library interprets mapped IP addresses and how our code was checking for banned IPs. The code was fixed and now checks both IPv4 and IPv6 properly.

Cloudflare has checks in place to block requests destined for banned IP addresses like local and reserved IP ranges. It was possible to bypass these restrictions using proxied AAAA records containing IPv4-mapped IPv6 addresses (e.g. ::ffff:127.0.0.1 and ::ffff:10.0.0.1). This made it possible to access HTTP services listening on the loopback interface of the edge server handling the request, as well as the internal IP addresses of other hosts on the local......
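The failure mode described above, sketched in Go as an added example; it is not Cloudflare's code, and the page neither shows that code nor names the library involved. It assumes a prefix deny list built with the standard net/netip package, whose Prefix.Contains never matches an IPv4-mapped IPv6 address against an IPv4 prefix; the deny list, function names and sample addresses are constructed for illustration.

```go
package main

import (
	"fmt"
	"net/netip"
)

// Constructed deny list of local and reserved ranges (illustrative, not exhaustive).
var banned = []netip.Prefix{
	netip.MustParsePrefix("127.0.0.0/8"),
	netip.MustParsePrefix("10.0.0.0/8"),
	netip.MustParsePrefix("::1/128"),
	netip.MustParsePrefix("fc00::/7"),
}

// check parses s and tests it against the deny list. With unmap=false the
// address is compared exactly as parsed; with unmap=true an IPv4-mapped
// address (::ffff:a.b.c.d) is first reduced to its IPv4 form.
// Unparseable input is reported as banned so the caller fails closed.
func check(s string, unmap bool) (bool, error) {
	addr, err := netip.ParseAddr(s)
	if err != nil {
		return true, err
	}
	if unmap {
		addr = addr.Unmap()
	}
	for _, p := range banned {
		if p.Contains(addr) {
			return true, nil
		}
	}
	return false, nil
}

// NaiveIsBanned is the weak form: mapped addresses stay 128-bit and slip
// past every IPv4 prefix.
func NaiveIsBanned(s string) (bool, error) { return check(s, false) }

// IsBanned is the corrected form: normalise first, then compare.
func IsBanned(s string) (bool, error) { return check(s, true) }

func main() {
	// Constructed sample inputs, e.g. values read from A/AAAA records.
	for _, s := range []string{"127.0.0.1", "::ffff:127.0.0.1", "::ffff:10.0.0.1", "2001:db8::1"} {
		naive, _ := NaiveIsBanned(s)
		fixed, _ := IsBanned(s)
		fmt.Printf("%-18s naive=%-5v normalised=%v\n", s, naive, fixed)
	}
}
```

The same normalisation belongs at the point where the connection is dialled, not only where the record is validated, so that both checks see the same address form.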