0

So I am working on preventing ip leak through webrtc detection , but most of the solution I can find is disabling webrtc, or using an extension. But I'm avoiding to do that, is there a way I can intercept the webrtc detection and send back a fake ip address instead of my actual ip address?

*I've read that even if you use vpn or proxy, it can still detect your actual ip address.

Marcus Jason
  • 250
  • 4
  • 11
  • I think there are some ways. maybe proxy or vpn can be. – pullidea-dev Jun 25 '21 at 00:13
  • @Nikita I read that even if you use a vpn or proxy, webrtc can still detect your actual ip. :( – Marcus Jason Jun 25 '21 at 00:15
  • Browsers don't return the ip anymore but just a fake local address: https://stackoverflow.com/questions/56755747/rtcicecandidate-no-longer-returning-ip (and anyway it was always just a **local** address, which by itself isn't that much of a deal, except if you are victim of a targeted attack and they know more about you than what your browser reveals. – Kaiido Jun 25 '21 at 03:35

1 Answers1

2

Yoiu should check whether what you read is the truth.

With current versions of browsers, no local ip addresses will be exposed to Javascript, they're obfuscated as mdns hostnames like this:

candidate:0 1 UDP 2122187007 a809bdf8-19c0-4af1-bfdb-9d432d40ecd5.local 57583 typ host

(note that within the same local network, this can still be resolved)

If the peerconnection is using a STUN server, a public ip address may be gathered. A properly configured VPN will prevent that. A HTTP proxy being sold as a "VPN" may not. That is a defect in such products. See https://webrtchacks.com/so-your-vpn-is-leaking-because-of-webrtc/ for a lengthy rant on this.

Philipp Hancke
  • 15,855
  • 2
  • 23
  • 31