Some time ago, during a small event in my city, I’ve presented a small research on “decloaking” the true IP of a website visitor (ab)using the WebRTC technology.
WebRTC is a free, open project that provides browsers and mobile applications with Real-Time Communications (RTC) capabilities via simple APIs.
Is a component allowing calls to use the STUN and ICE mechanisms to establish connections across various types of networks? The STUN server sends a pingback that contains the IP address and port of the client
These STUN (Session Traversal Utilities for NAT) servers are used by VPNs to translate a local home IP address to a new public IP address and vice-versa. To do this, the STUN server maintains a table of both your VPN-based public IP and your local (“real”) IP during connectivity (routers at home replicate a similar function in translating private IP addresses to public and back.).
WebRTC allows requests to be made to STUN servers which return the “hidden” home IP-address as well as local network addresses for the system that is being used by the user.
This functionality could be also used to de-anonymize and trace users behind common privacy protection services such as: VPN, SOCKS Proxy, HTTP Proxy and in the past (TOR users).
Browsers that have WebRTC enabled by default:
23% of the tested VPNs and Proxies services disclosed the real IP address of the visitors making the users traceable.
The following providers leaks users’ IP:
You can find the complete spreadsheet of tested VPN providers here: https://docs.google.com/spreadsheets/d/1Nm7mxfFvmdn-3Az-BtE5O0BIdbJiIAWUnkoAF_v_0ug/edit#gid=0
Add a comment or send me a tweet if you have updated results for any of the VPN which I am missing details. (especially the “$$$” one, since I cannot subscribe to 200 different paid VPN services :P)
Some tips to follow in order to protect your IP during the internet navigation:
You can check if your VPN leaks through this POC: http://ip.voidsec.com
I’ve updated Daniel Roesler code in order to make it works again and you can find it on Github.
Paolo Stagno (aka VoidSec) is a Cyber Security Researcher and a Penetration Tester focused on the Offensive Security field. He is specialized in Security Research, Penetration Tests, Vulnerability Assessment, Network and Application Security. He is working as an external consultant for a wide range of clients across top tier international banks, major companies and industries.
(Security Affairs – WebRTC, VPN)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.