如何检测和防止 WebRTC 导致的 IP 泄露

54次阅读

共计 1933 个字符，预计需要花费 5 分钟才能阅读完成。

老话题再提一下：WebRTC 功能可能导致 IP 泄露，即使使用了浏览器代理，也可能无法阻止泄露。快来检测一下你的 IP 是否安全吧！

直接复制以下代码到您的浏览器控制台（F12）执行。如果有 IP 输出，说明您的 IP 可能存在泄露风险。

(function() {
// WebRTC IPs
const iceServers = [{ urls: 'stun:stun.l.google.com:19302'},
{urls: 'stun:stun1.l.google.com:19302'},
{urls: 'stun:stun2.l.google.com:19302'},
{urls: 'stun:stun3.l.google.com:19302'},
{urls: 'stun:stun4.l.google.com:19302'},
];

function getUserIPs(callback) {const myPeerConnection = new RTCPeerConnection({ iceServers});
myPeerConnection.createDataChannel("");
myPeerConnection.createOffer().then(offer => myPeerConnection.setLocalDescription(offer));

myPeerConnection.onicecandidate = function(event) {if (event.candidate) {const parts = event.candidate.candidate.split(' ');
const ip = parts[4];
callback(ip);
}
};
}

getUserIPs((ip) => {const ipv4Regex = /^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/;
const ipv6Regex = /^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}(([0-9a-fA-F]{1,4}:){1,4}|((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$/;
if (ipv4Regex.test(ip)) {console.log('WebRTC IPv4 Address:', ip);
} else if (ipv6Regex.test(ip)) {console.log('WebRTC IPv6 Address:', ip);
} else {console.log('WebRTC Local IP Address:', ip);
}
});
})();

如果检测到 IP 泄露的情况，建议你采取以下措施：