mirror of
https://github.com/privacyguides/privacyguides.org
synced 2024-12-11 12:23:31 +01:00
d28d2e8199
As per discussion with @alexbooker in #51
160 lines
6.0 KiB
HTML
160 lines
6.0 KiB
HTML
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<title>WebRTC IP Leak VPN / Tor Test | Privacy Tools</title>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
<link rel="shortcut icon" href="favicon.ico" type="image/ico">
|
|
<link href="css/bootstrap.min.css" rel="stylesheet">
|
|
</head>
|
|
<body>
|
|
|
|
<div style="margin:30px 0 0 30px;width:600px;">
|
|
<h1><a href="https://www.privacytools.io/"><img src="img/layout/logo.png" class="img-responsive" alt="privacytools.io"></a></h1>
|
|
|
|
<h2>WebRTC IP Leak VPN / Tor IP Test</h2>
|
|
|
|
<p>
|
|
WebRTC is a communication protocol that relies on JavaScript that can leak your actual IP address from behind your VPN. While software like NoScript prevents this, it's probably a good idea to block this protocol directly as well, just to be safe. This page will test if your internet browser is affected by the <strong>WebRTC Leak.</strong>
|
|
</p>
|
|
|
|
<p>
|
|
This demo secretly makes requests to STUN servers that can log your
|
|
request. These requests do not show up in developer consoles and
|
|
cannot be blocked by browser plugins like AdBlock, Ghostery, etc.
|
|
</p>
|
|
|
|
<p> </p>
|
|
<strong>Your local IP addresses:</strong>
|
|
<ul></ul>
|
|
<strong>Your public IP addresses:</strong>
|
|
<ul></ul>
|
|
|
|
<p> </p>
|
|
|
|
<p>Your browser is not safe and will show your real IP even though you are using a VPN service if you can see your real IP addresses here.</p>
|
|
|
|
<p><strong><a href="https://www.privacytools.io/#webrtc">How to fix the WebRTC Leak?</a></strong></p>
|
|
|
|
<p> </p>
|
|
|
|
<p>Source Code: <a href="https://github.com/diafygi/webrtc-ips" target="_blank">GitHub</a>
|
|
<br>Script Version: Jul 20, 2015</a></p>
|
|
|
|
<iframe id="iframe" sandbox="allow-same-origin" style="display: none"></iframe>
|
|
<script>
|
|
//get the IP addresses associated with an account
|
|
function getIPs(callback){
|
|
var ip_dups = {};
|
|
|
|
//compatibility for firefox and chrome
|
|
var RTCPeerConnection = window.RTCPeerConnection
|
|
|| window.mozRTCPeerConnection
|
|
|| window.webkitRTCPeerConnection;
|
|
var useWebKit = !!window.webkitRTCPeerConnection;
|
|
|
|
//bypass naive webrtc blocking using an iframe
|
|
if(!RTCPeerConnection){
|
|
//NOTE: you need to have an iframe in the page right above the script tag
|
|
//
|
|
//<iframe id="iframe" sandbox="allow-same-origin" style="display: none"></iframe>
|
|
//<script>...getIPs called in here...
|
|
//
|
|
var win = iframe.contentWindow;
|
|
RTCPeerConnection = win.RTCPeerConnection
|
|
|| win.mozRTCPeerConnection
|
|
|| win.webkitRTCPeerConnection;
|
|
useWebKit = !!win.webkitRTCPeerConnection;
|
|
}
|
|
|
|
//minimal requirements for data connection
|
|
var mediaConstraints = {
|
|
optional: [{RtpDataChannels: true}]
|
|
};
|
|
|
|
var servers = {iceServers: [{urls: "stun:stun.services.mozilla.com"}]};
|
|
|
|
//construct a new RTCPeerConnection
|
|
var pc = new RTCPeerConnection(servers, mediaConstraints);
|
|
|
|
function handleCandidate(candidate){
|
|
//match just the IP address
|
|
var ip_regex = /([0-9]{1,3}(\.[0-9]{1,3}){3}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7})/
|
|
var ip_addr = ip_regex.exec(candidate)[1];
|
|
|
|
//remove duplicates
|
|
if(ip_dups[ip_addr] === undefined)
|
|
callback(ip_addr);
|
|
|
|
ip_dups[ip_addr] = true;
|
|
}
|
|
|
|
//listen for candidate events
|
|
pc.onicecandidate = function(ice){
|
|
|
|
//skip non-candidate events
|
|
if(ice.candidate)
|
|
handleCandidate(ice.candidate.candidate);
|
|
};
|
|
|
|
//create a bogus data channel
|
|
pc.createDataChannel("");
|
|
|
|
//create an offer sdp
|
|
pc.createOffer(function(result){
|
|
|
|
//trigger the stun server request
|
|
pc.setLocalDescription(result, function(){}, function(){});
|
|
|
|
}, function(){});
|
|
|
|
//wait for a while to let everything done
|
|
setTimeout(function(){
|
|
//read candidate info from local description
|
|
var lines = pc.localDescription.sdp.split('\n');
|
|
|
|
lines.forEach(function(line){
|
|
if(line.indexOf('a=candidate:') === 0)
|
|
handleCandidate(line);
|
|
});
|
|
}, 1000);
|
|
}
|
|
|
|
//insert IP addresses into the page
|
|
getIPs(function(ip){
|
|
var li = document.createElement("li");
|
|
li.textContent = ip;
|
|
|
|
//local IPs
|
|
if (ip.match(/^(192\.168\.|169\.254\.|10\.|172\.(1[6-9]|2\d|3[01]))/))
|
|
document.getElementsByTagName("ul")[0].appendChild(li);
|
|
|
|
//IPv6 addresses
|
|
else if (ip.match(/^[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7}$/))
|
|
document.getElementsByTagName("ul")[2].appendChild(li);
|
|
|
|
//assume the rest are public IPs
|
|
else
|
|
document.getElementsByTagName("ul")[1].appendChild(li);
|
|
});
|
|
</script>
|
|
|
|
</div>
|
|
|
|
<!-- Start Piwik -->
|
|
<script type="text/javascript">
|
|
var _paq = _paq || [];
|
|
_paq.push(['trackPageView']);
|
|
_paq.push(['enableLinkTracking']);
|
|
(function() {
|
|
var u="//www.privacytools.io/stats/";
|
|
_paq.push(['setTrackerUrl', u+'piwik.php']);
|
|
_paq.push(['setSiteId', 1]);
|
|
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
|
|
g.type='text/javascript'; g.async=true; g.defer=true; g.src=u+'piwik.js'; s.parentNode.insertBefore(g,s);
|
|
})();
|
|
</script>
|
|
<noscript><p><img src="//www.privacytools.io/stats/piwik.php?idsite=1" style="border:0;" alt="" /></p></noscript>
|
|
<!-- End Piwik Code -->
|
|
|
|
</body>
|