WebRTC Local IP leak - Githubissues

cztomczak / cefpython

Python bindings for the Chromium Embedded Framework (CEF)

Other

3.03k stars 468 forks source link

WebRTC Local IP leak #550

Open risha01 opened 4 years ago

risha01 commented 4 years ago

#!/usr/bin/python3
# coding: utf-8
import sys

from cefpython3 import cefpython as cef

if __name__ == '__main__':
    switches={
      "proxy-server": "socks5://localhost:9050",
      "force-webrtc-ip-handling-policy": "default_public_interface_only",
    }
    sys.excepthook = cef.ExceptHook
    cef.Initialize(settings={}, switches=switches)
    window_info = cef.WindowInfo()
    browser = cef.CreateBrowserSync()
    browser.LoadUrl("https://browserleaks.com/webrtc")
    cef.MessageLoop()
    cef.Shutdown()

Result: WebRTC-Local-IP-leak Please help!!!

cztomczak commented 4 years ago

Try setting the policy to "disable_non_proxied_udp".

There is some useful information in this upstream CEF topic: https://magpcss.org/ceforum/viewtopic.php?f=14&t=15194

risha01 commented 4 years ago

The result is the same :(

risha01 commented 4 years ago

If I use the Chrome-Extension in the Chrome-browser: manifest.json

{
    "manifest_version": 2,
    "name": "webRTCIPHandlingPolicy = 'disable_non_proxied_udp'",
    "version": "0.0.1",
    "description": "Sets chrome.privacy.network.webRTCIPHandlingPolicy to 'disable_non_proxied_udp'",
    "icons": {},
    "minimum_chrome_version": "48",
    "permissions": ["privacy"],
    "background": {
      "scripts": ["background.js"],
      "persistent": false
    }
  }

background.js

chrome.privacy.network.webRTCIPHandlingPolicy.set({
    value: 'disable_non_proxied_udp'
});

This is a good result: WebRTC-Local-IP-leak2

cztomczak commented 4 years ago

You can test the flags with latest CEF. Build or download cefclient / cefsimple applications from: http://opensource.spotify.com/cefbuilds/index.html

risha01 commented 4 years ago

I downloaded the package cef_binary_78.3.9+gc7345f2+chromium-78.0.3904.108_linux64, compiled the examples and ran: ./cefclient --url=https://browserleaks.com/webrtc --force-webrtc-ip-handling-policy=disable_non_proxied_udp Everything is OK only with the local address. By the way everything is OK with Local IP without --force-webrtc-ip-handling-policy=disable_non_proxied_udp. There is an External IP leak!!! WebRTC-Local-IP-leak3 I tried using the Chrome-Extension: ./cefclient --url=https://browserleaks.com/webrtc --load-extension=<path/to/unpacked/extension> Result:

[1230/220350.430794:INFO:content_main_runner_impl.cc(960)] Chrome is running in full browser mode.
[1230/220353.363141:FATAL:permissions_parser.cc(238)] Check failed: feature. Could not find feature for privacy

cztomczak commented 4 years ago

Marking as upstream CEF issue.