详解WebRTC泄露

WebRTC泄露

WebRTC(Web Real-Time Communication)允许开发者直接在浏览器中实现点对点(P2P)的音视频通信、数据传输等功能

一般浏览器默认启用WebRTC(但是一些匿名浏览器如tor浏览器默认禁用),且使用WebRTC不需要经过用户同意,可利用性还是很高的

如图,我挂了一个香港的代理,并且用WebRTC泄露成功获取了我的真实IP

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
function rtcLeak(stun = "stun:stun.l.google.com:19302") {
    return new Promise((resolve, reject) => {
        const myPeerConnection = window.RTCPeerConnection || window.mozRTCPeerConnection || window.webkitRTCPeerConnection || window.msRTCPeerConnection;
        const pc = new myPeerConnection({ iceServers: [{ urls: stun }] });
        pc.createDataChannel("");
        //当WebRTC试图建立连接时,它会生成一系列的ICE候选者
        //通过正则表达式匹配这些ICE候选者是否包含IP地址
        pc.onicecandidate = (event) => {
            if (event && event.candidate && event.candidate.candidate) {
                const ipRegex = /([0-9]{1,3}(\.[0-9]{1,3}){3}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7})/;
                const ipMatch = event.candidate.candidate.match(ipRegex);

                if (ipMatch) {
                    pc.close();
                    resolve(ipMatch[1]);
                }
            }
        };
        pc.createOffer()
            .then((offer) => pc.setLocalDescription(offer))
            .catch((error) => {
                reject(error);
            });
    });
}

rtcLeak()
    .then((ip) => {
        alert(ip);
    })
    .catch((error) => {
        console.error(error);
    });

禁用WebRTC

禁用WebRTC不仅能防止IP泄露,还能阻止流氓网站偷偷跑PCDN(是的,国内某些大厂的行为,网页都能用来跑PCDN,真是四马了)

对于非Chrome浏览器,这里有详细步骤:https://nordvpn.com/zh/blog/jinyong-webrtc/

Chrome浏览器没法直接禁用,必须用插件或油猴脚本实现

比如谷歌官方的插件:https://chromewebstore.google.com/detail/webrtc-network-limiter/npeicpdbkakmehahjeeohfdhnlpdklia

或者油猴脚本:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
// ==UserScript==
// @name 禁用WebRTC
// @match *://*/*
// @version 1
// @description 禁用WebRTC
// @run-at document-start
// @website https://crackme.net/articles/rtcleak
// ==/UserScript==

["","webkit","moz","ms"].forEach(prefix => {
    [
        "RTCError",
        "RTCRtpSender",
        "RTCDTMFSender",
        "RTCErrorEvent",
        "RTCTrackEvent",
        "RTCCertificate",
        "RTCDataChannel",
        "RTCRtpReceiver",
        "RTCStatsReport",
        "RTCIceCandidate",
        "RTCIceTransport",
        "RTCDtlsTransport",
        "RTCSctpTransport",
        "RTCPeerConnection",
        "RTCRtpTransceiver",
        "RTCDataChannelEvent",
        "RTCEncodedAudioFrame",
        "RTCEncodedVideoFrame",
        "RTCSessionDescription",
        "RTCDTMFToneChangeEvent",
        "RTCPeerConnectionIceEvent",
        "RTCPeerConnectionIceErrorEvent"
    ].forEach(rtc => {
        const obj = prefix + rtc;
        if (unsafeWindow[obj]) delete unsafeWindow[obj];
    });
});
#编程 #网络安全
详解WebRTC泄露
https://crackme.net/articles/rtcleak/
作者
Brassinolide
发布于
2025年2月19日
许可协议