WebRTC [IP Leakage]

✨ Megiddo

✨ President ✨
Staff member
Joined
May 15, 2016
Messages
15,630
Likes
2,642
Points
1,730
WebRTC is one of those new technologies that, on the one hand, can be very useful, and on the other, can become a nightmare for those who want to remain anonymous in their Internet surfing.

WebRTC (Real-Time Communications) is a set of APIs supported by all major browsers. Its main use is to integrate communication capabilities in the browser, which can be used by sites and services for voice and video chat.

Browsers in which WebRTC is enabled by default

Here is a list of browsers in which WebRTC is enabled by default:

  • Google chrome
  • Google Chrome for Android
  • Mozilla firefox
  • Opera
  • Brave
  • Edge
  • Epiphany (Gnome)
  • Internet (Samsung Browser)
  • Safari
  • Vivaldi

WebRTC and anonymity

One of the privacy concerns of WebRTC is that browsers can reveal the “real” IP address of the device on sites even when using VPN, Proxy and other anonymization methods. Since there are no invitations with WebRTC permissions, sites can reveal the real IP address and the user will not even know about it.

Only a few browsers are equipped with the WebRTC shutdown feature and thus leak protection. For example, the Vivaldi browser has an option in the “Settings” -> “Privacy” section which disables IP address translation.

In certain situations, it would be nice to determine whether the site uses WebRTC technology. Below I will show how to do this.

How to check if the site uses WebRTC?

To display all WebRTC connections in Google Chrome or another Chromium browser, such as: Opera, Yandex or Vivaldi, enter in your browser’s address bar:

Code:
chrome://webrtc-internals/
Click "Create Dump" put a tick where it is selected and communicate anywhere.

After, look at the logs in the specified folder.

To display all WebRTC connections in Mozilla Firefox, you must enter in the address bar of your browser:

Code:
about:webrtc
Firefox will display the site address in the Session Statistics section.

Also similarly

Pressing "Start logging AES" can be hidden by clicking "Exit laying mode" and communicate anywhere.

After, look at the logs in the specified folder.
 
Top Bottom