mandatoryprogrammer · anshumanbh · Aug 4, 2017 · Aug 4, 2017 · Aug 4, 2017 · Jul 18, 2018
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,3 @@
+env/
+.vscode/
+*.csv
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,13 @@
+FROM python:2.7
+
+MAINTAINER anshuman.bhartiya@gmail.com
+
+RUN mkdir /opt/cloudflare-enum
+WORKDIR /opt/cloudflare-enum
+
+RUN pip install requests
+RUN pip install bs4
+
+ADD cloudflare_enum.py /opt/cloudflare-enum/
+
+ENTRYPOINT ["./cloudflare_enum.py"]
diff --git a/README.md b/README.md
@@ -2,38 +2,23 @@
 
 A simple tool to allow easy querying of Cloudflare's DNS data written in Python.
 
-```sh
-mandatory@mandatorys-box /t/cloudflare_enum> ./cloudflare_enum.py thehackerblog@yopmail.com Testing1 disney.com
-[ STATUS ] Logging in to Cloudflare...
-[ SUCCESS ] Login was successful!
-[ STATUS ] Adding domain to Cloudflare...
-[ SUCCESS ] Querying Cloudflare DNS archives...
-A: disney.com -> 199.181.132.249
-A: api.disney.com -> 96.45.49.200
-A: app.disney.com -> 208.218.3.17
-A: apps.disney.com -> 199.181.132.250
-A: archive.disney.com -> 198.105.199.57
-A: archives.disney.com -> 199.181.132.250
-A: data.disney.com -> 10.190.71.248
-A: feeds.disney.com -> 198.105.197.192
-A: home.disney.com -> 199.181.132.250
-A: huey11.disney.com -> 192.195.66.12
-A: huey.disney.com -> 204.128.192.10
-A: localhost.disney.com -> 127.0.0.1
-A: louie.disney.com -> 204.128.192.30
-A: mail2.disney.com -> 204.128.192.16
-A: mail.disney.com -> 204.128.192.15
-A: m.disney.com -> 199.181.132.250
-A: mx1.disney.com -> 192.195.66.26
-A: mx1.disney.com -> 204.128.192.17
-A: mx2.disney.com -> 192.195.66.28
-A: mx2.disney.com -> 204.128.192.36
-A: services.disney.com -> 204.202.143.170
-A: services.disney.com -> 204.202.143.171
-A: webcache.disney.com -> 204.128.192.55
-A: webcast.disney.com -> 207.177.177.41
-A: www1.disney.com -> 199.181.132.250
-A: www2.disney.com -> 199.181.132.250
-CNAME: code.disney.com -> matterhorn.disney.com
-...etc...
 ```
+./cloudflare_enum.py -e test@gmail.com -p testing -d test.com -o /tmp/cf.csv
+```
+
+If you want to run using Docker,
+
+```
+docker run -it abhartiya/tools_cfenum -e test@gmail.com -p testing -d test.com -o /tmp/cf.csv
+docker ps -a
+docker cp <cont-id>:/tmp/cf.csv .
+```
+
+## Requirements if running without Docker
+
+* pip install requests
+* pip install bs4
+
+## Notes
+
+Make sure you don't have a `&` in the password of your Cloudflare account.
diff --git a/cloudflare_enum.py b/cloudflare_enum.py
@@ -3,6 +3,7 @@
 # Created using Metafidv2 by Matthew Bryant (mandatory)
 # Unauthorized use is stricly prohibited, please contact mandatory@gmail.com with questions/comments.
 import requests
+import argparse
 import json
 import time
 import csv
@@ -16,7 +17,6 @@ def __init__( self ):
         self.global_headers = {
         }
         self.verbose = True
-
         self.s = requests.Session()
         self.s.headers.update( self.global_headers )
         self.atok = ''
@@ -45,6 +45,7 @@ def log_in( self, username, password ):
         self.s.headers.update( dict( new_headers.items() + self.global_headers.items() ) )
         r = self.s.post('https://www.cloudflare.com/a/login', data=post_data)
         self.atok = self.find_between_r( r.text, 'window.bootstrap = {"atok":"', '","locale":"' ) # http://xkcd.com/292/
+        self.cookie = r.cookies['vses2']
 
     def get_domain_dns( self, domain ):
         parse_dict = {}
@@ -71,7 +72,8 @@ def get_domain_dns( self, domain ):
             'X-ATOK': self.atok,
         }
         self.s.headers.update( dict( new_headers.items() + self.global_headers.items() ) )
-        r = self.s.post('https://www.cloudflare.com/api/v4/zones', data=json.dumps( post_data ))
+        c = {'vses2': self.cookie}
+        r = self.s.post('https://www.cloudflare.com/api/v4/zones', data=json.dumps( post_data ), cookies=c)
         data = json.loads( r.text )
         success = data['success']
         if not success:
@@ -119,44 +121,52 @@ def get_domain_dns( self, domain ):
 
         return return_data['result']
 
-    def get_spreadsheet( self, domain ):
+    def get_spreadsheet( self, domain, output ):
         dns_data = self.get_domain_dns( domain )
         if dns_data:
-            filename = domain.replace( ".", "_" ) + ".csv"
+            # filename = domain.replace( ".", "_" ) + ".csv"
 
-            with open( filename, 'wb' ) as csvfile:
+            with open( output, 'wb' ) as csvfile:
                 dns_writer = csv.writer(csvfile, delimiter=',', quotechar='|', quoting=csv.QUOTE_MINIMAL)
-                dns_writer.writerow( [ "name", "type", "content" ] )
+                # dns_writer.writerow( [ "name", "type", "content" ] )
                 for record in dns_data:
                     dns_writer.writerow( [ record["name"], record["type"], record["content"] ] )
-
-            self.statusmsg( "Spreadsheet created at " + os.getcwd() + "/" + filename )
+
+            self.statusmsg( "Spreadsheet created at " + output )
+        else:
+            with open( output, 'wb' ) as csvfile:
+                dns_writer = csv.writer(csvfile, delimiter=',', quotechar='|', quoting=csv.QUOTE_MINIMAL)
+                # dns_writer.writerow( [ "name", "type", "content" ] )
+                dns_writer.writerow( [ domain, "NA", "NA" ] )
+
+            self.statusmsg( "Spreadsheet created at " + output )
+
 
     def print_banner( self ):
         if self.verbose:
             print """
-            
-                                                     `..--------..`                               
-                                                 .-:///::------::///:.`                           
-                                              `-//:-.`````````````.-://:.`    `   `               
-                                            .://-.```````````````````.-://-`  :  `-   .           
-                                          `-//:.........................-://. /. -: `:`  ``       
-                                         `://--------:::://////:::--------://-::.::`:- .:.        
-                              ``.---..` `///::::::///////////////////:::::::///::::::--:.`.-.     
-                            .://::::///::///::///////////////////////////:::///:-----::--:-`  `    
-                          `:/:-...--:://////////////////////////////////////////----------.--.`    
-                         `:/:..-:://////////////////////////////////////////////-----------.````    
-                         .//-::////////////////////////////////////:::::////////-...--------...`    
-                         -/////////////////////////////////////////////::::----:. `.-::::::-..``    
-                    ``.--:////////////////////////////////////////////////::-..```-///::::///:-`    
-                 `.:///::::://////////////////////////////////////:::::::::::::::-----......-:/:.    
-               `-//:-----::::://///////////////////////////////:///////////////////:-::::---..-//:`    
-              `:/:---://+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++//+++//::--//:    
-             `//:-/+oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo+++oooo+//://.    
-             :///ossssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssosssssso+//:    
-            `//+sssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss+/-    
-            `//+ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo+++++/.    
-             ``````````````````````````````````````````````````````````````````````````````````````     
+
+                                                     `..--------..`
+                                                 .-:///::------::///:.`
+                                              `-//:-.`````````````.-://:.`    `   `
+                                            .://-.```````````````````.-://-`  :  `-   .
+                                          `-//:.........................-://. /. -: `:`  ``
+                                         `://--------:::://////:::--------://-::.::`:- .:.
+                              ``.---..` `///::::::///////////////////:::::::///::::::--:.`.-.
+                            .://::::///::///::///////////////////////////:::///:-----::--:-`  `
+                          `:/:-...--:://////////////////////////////////////////----------.--.`
+                         `:/:..-:://////////////////////////////////////////////-----------.````
+                         .//-::////////////////////////////////////:::::////////-...--------...`
+                         -/////////////////////////////////////////////::::----:. `.-::::::-..``
+                    ``.--:////////////////////////////////////////////////::-..```-///::::///:-`
+                 `.:///::::://////////////////////////////////////:::::::::::::::-----......-:/:.
+               `-//:-----::::://///////////////////////////////:///////////////////:-::::---..-//:`
+              `:/:---://+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++//+++//::--//:
+             `//:-/+oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo+++oooo+//://.
+             :///ossssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssosssssso+//:
+            `//+sssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss+/-
+            `//+ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo+++++/.
+             ``````````````````````````````````````````````````````````````````````````````````````
                                                              Cloudflare DNS Enumeration Tool v1.2
                                                                                     By mandatory
         """
@@ -201,15 +211,19 @@ def get_cookie_from_file( self, cookie_file ):
             for i, item in enumerate(data):
                 if "	" in data[i]:
                     pew = data[i].split( "	" )
-                    return_dict[ pew[5] ] = pew[6] 
+                    return_dict[ pew[5] ] = pew[6]
 
         return return_dict
 
 if __name__ == "__main__":
-    if len( sys.argv ) < 3:
-        print "Usage: " + sys.argv[0] + " username@email.com password domain.com"
-    else:
+        parser = argparse.ArgumentParser(description='Process Cloudflare Enum arguments.')
+        parser.add_argument("-e", "--email", help="Cloudflare account email", required=True)
+        parser.add_argument("-p", "--password", help="Cloudflare account password", required=True)
+        parser.add_argument("-d", "--domain", help="Target domain", required=True)
+        parser.add_argument("-o", "--output", help="Output filename", required=True)
+        args = parser.parse_args()
+
         cloud = cloudflare_enum()
         cloud.print_banner()
-        cloud.log_in( sys.argv[1], sys.argv[2] )
-        cloud.get_spreadsheet( sys.argv[3] )
+        cloud.log_in( args.email, args.password )
+        cloud.get_spreadsheet( args.domain, args.output )