2015-01-26 05:56:40 +00:00
|
|
|
<!DOCTYPE html>
|
|
|
|
<html>
|
|
|
|
<head>
|
|
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
|
|
</head>
|
|
|
|
<body>
|
|
|
|
<h4>
|
|
|
|
Demo for:
|
|
|
|
<a href="https://github.com/diafygi/webrtc-ips">
|
|
|
|
https://github.com/diafygi/webrtc-ips
|
|
|
|
</a>
|
|
|
|
</h4>
|
2015-01-26 06:14:02 +00:00
|
|
|
<p>
|
|
|
|
This demo secretly makes requests to STUN servers that can log your
|
|
|
|
request. These requests do not show up in developer consoles and
|
|
|
|
cannot be blocked by browser plugins (AdBlock, Ghostery, etc.).
|
|
|
|
</p>
|
2015-01-26 05:56:40 +00:00
|
|
|
<h4>Your local IP addresses:</h4>
|
|
|
|
<ul></ul>
|
|
|
|
<h4>Your public IP addresses:</h4>
|
|
|
|
<ul></ul>
|
|
|
|
<script>
|
|
|
|
//get the IP addresses associated with an account
|
|
|
|
function getIPs(callback){
|
|
|
|
var ip_dups = {};
|
|
|
|
|
|
|
|
//compatibility for firefox and chrome
|
|
|
|
var RTCPeerConnection = window.RTCPeerConnection
|
|
|
|
|| window.mozRTCPeerConnection
|
|
|
|
|| window.webkitRTCPeerConnection;
|
2015-02-05 19:34:41 +00:00
|
|
|
|
|
|
|
//bypass naive webrtc blocking
|
2015-02-01 22:42:37 +00:00
|
|
|
if (!RTCPeerConnection) {
|
2015-02-05 19:34:41 +00:00
|
|
|
var iframe = document.createElement('iframe');
|
2015-02-09 11:29:31 +00:00
|
|
|
//invalidate content script
|
|
|
|
iframe.sandbox = 'allow-same-origin';
|
2015-02-05 19:34:41 +00:00
|
|
|
iframe.style.display = 'none';
|
|
|
|
document.body.appendChild(iframe);
|
|
|
|
var win = iframe.contentWindow;
|
|
|
|
window.RTCPeerConnection = win.RTCPeerConnection;
|
|
|
|
window.mozRTCPeerConnection = win.mozRTCPeerConnection;
|
|
|
|
window.webkitRTCPeerConnection = win.webkitRTCPeerConnection;
|
|
|
|
RTCPeerConnection = window.RTCPeerConnection
|
|
|
|
|| window.mozRTCPeerConnection
|
|
|
|
|| window.webkitRTCPeerConnection;
|
2015-02-01 22:42:37 +00:00
|
|
|
}
|
2015-02-05 19:34:41 +00:00
|
|
|
|
|
|
|
//minimal requirements for data connection
|
2015-01-26 05:56:40 +00:00
|
|
|
var mediaConstraints = {
|
2015-01-26 06:03:19 +00:00
|
|
|
optional: [{RtpDataChannels: true}]
|
2015-01-26 05:56:40 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
//firefox already has a default stun server in about:config
|
|
|
|
// media.peerconnection.default_iceservers =
|
|
|
|
// [{"url": "stun:stun.services.mozilla.com"}]
|
|
|
|
var servers = undefined;
|
|
|
|
|
2015-01-26 06:03:19 +00:00
|
|
|
//add same stun server for chrome
|
2015-01-26 05:56:40 +00:00
|
|
|
if(window.webkitRTCPeerConnection)
|
2015-01-26 06:03:19 +00:00
|
|
|
servers = {iceServers: [{urls: "stun:stun.services.mozilla.com"}]};
|
2015-01-26 05:56:40 +00:00
|
|
|
|
|
|
|
//construct a new RTCPeerConnection
|
|
|
|
var pc = new RTCPeerConnection(servers, mediaConstraints);
|
|
|
|
|
2015-02-25 12:00:29 +00:00
|
|
|
function handleCandidate(candidate){
|
|
|
|
//match just the IP address
|
|
|
|
var ip_regex = /([0-9]{1,3}(\.[0-9]{1,3}){3})/
|
|
|
|
var ip_addr = ip_regex.exec(candidate)[1];
|
2015-01-26 05:56:40 +00:00
|
|
|
|
2015-02-25 12:00:29 +00:00
|
|
|
//remove duplicates
|
|
|
|
if(ip_dups[ip_addr] === undefined)
|
|
|
|
callback(ip_addr);
|
2015-01-26 05:56:40 +00:00
|
|
|
|
2015-02-25 12:00:29 +00:00
|
|
|
ip_dups[ip_addr] = true;
|
|
|
|
}
|
2015-01-26 05:56:40 +00:00
|
|
|
|
2015-02-25 12:00:29 +00:00
|
|
|
//listen for candidate events
|
|
|
|
pc.onicecandidate = function(ice){
|
2015-01-26 05:56:40 +00:00
|
|
|
|
2015-02-25 12:00:29 +00:00
|
|
|
//skip non-candidate events
|
|
|
|
if(ice.candidate)
|
|
|
|
handleCandidate(ice.candidate.candidate);
|
2015-01-26 05:56:40 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
//create a bogus data channel
|
|
|
|
pc.createDataChannel("");
|
|
|
|
|
|
|
|
//create an offer sdp
|
|
|
|
pc.createOffer(function(result){
|
|
|
|
|
2015-01-26 06:03:19 +00:00
|
|
|
//trigger the stun server request
|
2015-01-29 02:42:47 +00:00
|
|
|
pc.setLocalDescription(result, function(){}, function(){});
|
2015-01-26 05:56:40 +00:00
|
|
|
|
|
|
|
}, function(){});
|
2015-02-25 12:00:29 +00:00
|
|
|
|
|
|
|
//wait for a while to let everything done
|
|
|
|
setTimeout(function(){
|
|
|
|
//read candidate info from local description
|
|
|
|
var lines = pc.localDescription.sdp.split('\n');
|
|
|
|
|
|
|
|
lines.forEach(function(line){
|
|
|
|
if(line.startsWith('a=candidate:'))
|
|
|
|
handleCandidate(line);
|
|
|
|
});
|
|
|
|
}, 1000);
|
2015-01-26 05:56:40 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
//insert IP addresses into the page
|
|
|
|
getIPs(function(ip){
|
|
|
|
var li = document.createElement("li");
|
|
|
|
li.textContent = ip;
|
|
|
|
|
2015-01-27 08:04:49 +00:00
|
|
|
//local IPs
|
2015-01-29 02:49:39 +00:00
|
|
|
if (ip.match(/^(192\.168\.|169\.254\.|10\.|172\.(1[6-9]|2\d|3[01]))/))
|
2015-01-26 05:56:40 +00:00
|
|
|
document.getElementsByTagName("ul")[0].appendChild(li);
|
|
|
|
|
|
|
|
//assume the rest are public IPs
|
|
|
|
else
|
|
|
|
document.getElementsByTagName("ul")[1].appendChild(li);
|
|
|
|
});
|
|
|
|
</script>
|
|
|
|
</body>
|
|
|
|
</html>
|