"Measured" the feasibility of obtaining a real IP from a visitor via stun Bypass proxy

Foreword: Recently the specialized course has the work, has chosen the IP tracking and the anti-tracking this question, thus, has this article.

First, look at the concept of STUN . STUN (simple traversal of the UDP over Nats,nat) is a network protocol that allows clients located on a NAT (or multiple NAT) to find their own public address, find out what type of NAT they are in and NAT Internet-side port that is bound to a local port. This information is used to establish UDP traffic between two hosts that are at the same time behind the NAT router. The protocol is defined by RFC 3489.

Firefox and Chrome support WEBRTC can request to the stun server, return to the internal and external network IP, different from XMLHttpRequest request, stun request developer tools in the Web request to see the Firefox and Chrome support WEBRTC can request to stun server, return internal and external network IP, different from XMLHttpRequest request,Stun Request developer Tool not to see the network request!

Often play the black small partner, thought hangs the VPN or the agent is safe? Be careful to check the water meter, haha. Let me do the actual test of the above two separately.

GitHub link to test code: Https://github.com/diafygi/webrtc-ips

Test URL: http://p2j.cn/tools/ip.html (it is recommended not to use IE test, of course, can also be tested in the console)

First look at Google's goagent agent open test results ... OK, the local and external network IP is acquired

650) this.width=650; "title=" realip.jpg "style=" Float:none "src=" http://s3.51cto.com/wyfs02/M00/5B/95/ Wkiom1umjeetkt-raaufnqf9--m563.jpg "alt=" Wkiom1umjeetkt-raaufnqf9--m563.jpg "/>

# #本文出自: http://zerosecurity.blog.51cto.com##

Then look at the effect of using the VPN, the internal and external network IP and VPN IP are all obtained ...

650) this.width=650; "title=" realip2.jpg "style=" Float:none "src=" http://s3.51cto.com/wyfs02/M02/5B/8F/ Wkiol1umjxtrfxdlaarrn_z8tj4549.jpg "alt=" Wkiol1umjxtrfxdlaarrn_z8tj4549.jpg "/>

So ... You know 650) this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0042.gif "alt=" J_0042.gif "/>

and send another GitHub. Related code: https://github.com/natevw/ipcalf/

This article is from the "Nocturnal Person" blog, so be sure to keep this source http://zerosecurity.blog.51cto.com/9913090/1622674

"Measured" the feasibility of obtaining a real IP from a visitor via stun Bypass proxy