• Stars
    star
    3,394
  • Rank 13,187 (Top 0.3 %)
  • Language
    HTML
  • License
    MIT License
  • Created almost 10 years ago
  • Updated almost 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Demo: https://diafygi.github.io/webrtc-ips/

STUN IP Address requests for WebRTC

Demo: https://diafygi.github.io/webrtc-ips/

What this does

Firefox and Chrome have implemented WebRTC that allow requests to STUN servers be made that will return the local and public IP addresses for the user. These request results are available to javascript, so you can now obtain a users local and public IP addresses in javascript. This demo is an example implementation of that.

Additionally, these STUN requests are made outside of the normal XMLHttpRequest procedure, so they are not visible in the developer console or able to be blocked by plugins such as AdBlockPlus or Ghostery. This makes these types of requests available for online tracking if an advertiser sets up a STUN server with a wildcard domain.

Code

Here is the annotated demo function that makes the STUN request. You can copy and paste this into the Firefox or Chrome developer console to run the test.

//get the IP addresses associated with an account
function getIPs(callback){
    var ip_dups = {};

    //compatibility for firefox and chrome
    var RTCPeerConnection = window.RTCPeerConnection
        || window.mozRTCPeerConnection
        || window.webkitRTCPeerConnection;
    var useWebKit = !!window.webkitRTCPeerConnection;

    //bypass naive webrtc blocking using an iframe
    if(!RTCPeerConnection){
        //NOTE: you need to have an iframe in the page right above the script tag
        //
        //<iframe id="iframe" sandbox="allow-same-origin" style="display: none"></iframe>
        //<script>...getIPs called in here...
        //
        var win = iframe.contentWindow;
        RTCPeerConnection = win.RTCPeerConnection
            || win.mozRTCPeerConnection
            || win.webkitRTCPeerConnection;
        useWebKit = !!win.webkitRTCPeerConnection;
    }

    //minimal requirements for data connection
    var mediaConstraints = {
        optional: [{RtpDataChannels: true}]
    };

    var servers = {iceServers: [{urls: "stun:stun.services.mozilla.com"}]};

    //construct a new RTCPeerConnection
    var pc = new RTCPeerConnection(servers, mediaConstraints);

    function handleCandidate(candidate){
        //match just the IP address
        var ip_regex = /([0-9]{1,3}(\.[0-9]{1,3}){3}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7})/
        var ip_addr = ip_regex.exec(candidate)[1];

        //remove duplicates
        if(ip_dups[ip_addr] === undefined)
            callback(ip_addr);

        ip_dups[ip_addr] = true;
    }

    //listen for candidate events
    pc.onicecandidate = function(ice){

        //skip non-candidate events
        if(ice.candidate)
            handleCandidate(ice.candidate.candidate);
    };

    //create a bogus data channel
    pc.createDataChannel("");

    //create an offer sdp
    pc.createOffer(function(result){

        //trigger the stun server request
        pc.setLocalDescription(result, function(){}, function(){});

    }, function(){});

    //wait for a while to let everything done
    setTimeout(function(){
        //read candidate info from local description
        var lines = pc.localDescription.sdp.split('\n');

        lines.forEach(function(line){
            if(line.indexOf('a=candidate:') === 0)
                handleCandidate(line);
        });
    }, 1000);
}

//Test: Print the IP addresses into the console
getIPs(function(ip){console.log(ip);});

More Repositories

1

gethttpsforfree

Source code for https://gethttpsforfree.com/
JavaScript
2,178
star
2

webcrypto-examples

Web Cryptography API Examples Demo: https://diafygi.github.io/webcrypto-examples/
HTML
1,612
star
3

acme-nosudo

Free HTTPS certificates without having to trust the letsencrypt cli with sudo/root
Python
1,187
star
4

gnu-pricing

Turn GNU command line tools into SaaS (Stupid Hackathon Project)
CSS
510
star
5

byoFS

Bring Your Own Filesystem
HTML
67
star
6

emailpk

Demo: https://diafygi.github.io/emailpk/
HTML
43
star
7

privacy-checklist

Checklist for securing communications
36
star
8

openpgp-python

Python
32
star
9

dice-css

A tiny dice icon css library https://diafygi.github.io/dice-css/
HTML
18
star
10

Offset248

Binary encoding for the Unicode world
16
star
11

myLock

Demo: https://diafygi.github.io/myLock/
15
star
12

publickeyjs

PGP keyserver javascript client library. Demo: https://diafygi.github.io/publickeyjs/
JavaScript
15
star
13

diceware-prettyprint

Generate user-friendly printouts of Diceware word lists. https://diafygi.github.io/diceware-prettyprint/
HTML
11
star
14

webrtc-chat

Encrypted P2P Chat Demo: https://diafygi.github.io/webrtc-chat/
HTML
11
star
15

eb-to-ical

Eventbrite-to-iCal Converter https://eb-to-ical.daylightpirates.org/
10
star
16

b2g_inari_nightly

Nightly Firefox OS builds for the ZTE Open (inari)
Shell
9
star
17

detect-throwaways

Demo: https://diafygi.github.io/detect-throwaways/index.html
HTML
7
star
18

keyserver-elasticsearch

Demo: https://keyserver-elasticsearch.daylightpirates.org
7
star
19

d3cheap

4
star
20

svg-font-to-svg-sprite-converter

Simple script that converts svg fonts to svg symbols. Demo: https://diafygi.github.io/svg-font-to-svg-sprite-converter/examples/
Python
3
star
21

pdfformfiller

Insert text into existing pdfs. Usefull for filling out pdf forms.
Python
3
star
22

sks-explorer

Demo: https://research.daylightpirates.org/sks-explorer/
Python
2
star
23

flashblock-firefox34

2
star
24

bootstrap-boilerplate

My starting point for one-off side project websites
HTML
1
star
25

xxhash-asm

xxHash asm.js library
JavaScript
1
star
26

kitco-android

Automatically exported from code.google.com/p/kitco-android
Java
1
star
27

github-actions-playground

Where I test various Github Actions functionality
Python
1
star
28

d3_heatmaps

Using svg gradients to make heatmaps in d3
JavaScript
1
star
29

diafygi.github.io

Static website for https://daylightpirates.org/
HTML
1
star
30

d3_hackathon

D3 Code for America Hackathon
1
star
31

voter-registration

Voter Registration App - Demo: https://diafygi.github.io/voter-registration/
JavaScript
1
star
32

solartetris

Install solar panels using tetris! Play: https://diafygi.github.io/solartetris/
JavaScript
1
star