In recent days, Daniel Roesler has discovered a security hole that allows WebRTC key and with a little ingenuity and JavaScript, recover local and public IP address of the user. If you use a proxy or VPN, so it is possible to get your IP address.
WebRTC is a set of APIs for managing audio chats / video directly from a browser without plug-in installed. Chrome and Firefox are natively supported. By exploiting the implementation of the protocol WebRTC Windows (and other operating systems would not be affected), it is possible to discover the actual IP address of the user is behind a proxy or a VPN.
To test this flaw, just follow the steps below:
* Go on and rate WhatIsMyIp your public IP address
* Enable your proxy or VPN and go to this web page that exploits the weakness WebRTC.
* If your IP address is identical to that returned to the page that exploits the bug WebRTC, it means I can also save my side to identify you
To protect themselves from this flaw and pending a fix in Firefox and Chrome, an extension was put online for Chrome, which disables WebRTC and activate only when needed.
In Firefox, you can install this extension that disables WebRTC or visit the panel about: config and reverse the media.peerconnection.enabled option to set it to "false".
Remember that the best support for this blog is to love and share our articles!
ConversionConversion EmoticonEmoticon