WebRTC IP Leak

1. <!DOCTYPE html>
2. <html>
3.     <head>
4.         <title>WebRTC IP Leak VPN / Tor IP Test</title>
5.         <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
6.         <link rel="stylesheet" type="text/css" href="style.css">
7.  
8.         <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no, user-scalable=0">
9.         <meta name="apple-mobile-web-app-capable" content="yes">
10.         <meta name="keyword" content="Webrtc Leak, IP Leaking, webrtc, ip, leak, webrtc leaking ip, ip leak">
11.         <meta name="Author" content="Spade | Spade Pirates">
12.         <meta name="Copyright" content="Spade Pirates">
13.         <meta name="Description" content="Test Your Browser">
14.         <meta property="og:title" content="WebRTC IP Leak VPN / Tor IP Test">
15.         <meta property="og:image" content="http://img02.deviantart.net/01a0/i/2016/234/6/2/nsa_wallpaper_by_quadrixel-daeuxzx.jpg">
16.        
17.         <link rel="shortcut icon" type="icon" href="http://i.imgur.com/CesSFnl.gif">
18.         <style type="text/css">
19.             * {
20.                 margin: 0;
21.                 padding: 0;
22.             }
23.             .main{
24.                 margin: 30px 0 0 30px;
25.                 width: 600px;
26.             }
27.             .error{
28.                 width: 100%;
29.                 text-align: center;
30.                 background: red;
31.                 padding: 10px;
32.             }
33.  
34.             .success{
35.                 width: 100%;
36.                 text-align: center;
37.                 background: lime;
38.                 padding: 10px;
39.             }
40.  
41.             body{
42.                 line-height: 30px;
43.                 font-family: "Helvetica Neue", Helvetica,Arial,sans-serif;
44.                 font-size: 14px;
45.             }
46.  
47.             a{
48.                 text-decoration: none;
49.             }
50.         </style>
51.     </head>
52.     <body> 
53. <?
54.     /*
55.         This will Check Your if your IP is Leaking onLine :v
56.         Script Made by ME :D
57.         -/Spade Was Here-/
58.     */
59.  
60.     if(isset($_SERVER['HTTP_USER_AGENT'])){
61.         $agent = $_SERVER['HTTP_USER_AGENT'];
62.     }
63.  
64.     //Check if Firefox or Not :D
65.     // Spade Was Here :p
66.  
67.     if(strlen(strstr($agent, 'Firefox'))){
68.         echo "<div class='success'><p1>If you're IP is Leaking from below. You can follow this <a href='http://xbox.nu/webrtc.txt'>Steps</a> to Prevent WebRTC Leak.</p1></div>";
69.     }else{
70.         echo "<div class='error'><p1>Google Chrome Tolerate WebRTC Leak. Please Use Firefox Instead.</p1></div>";
71.     }
72. ?>
73.     <div class="main">
74.         <h2>WebRTC IP Leak VPN / Tor IP Test</h2>
75.         <p>WebRTC is a communication protocol that relies on JavaScript that can leak your actual IP address from behind your VPN. While software like NoScript prevents this, it's probably a good idea to block this protocol directly as well, just to be safe. This page will test if your internet browser is affected by the <b>WebRTC Leak</b>.</p>
76.         <br>
77.         <p>This demo secretly makes requests to STUN servers that can log your request. These requests do not show up in developer consoles and cannot be blocked by browser plugins like AdBlock, Ghostery, etc. </p>
78.  
79.         <h4>Your Local IP Addresses:</h4>
80.             <ul></ul>
81.         <h4>Your Public IP Addresses:</h4>
82.             <ul></ul>
83.         <h4>Your IPv6 Addresses:</h4>
84.             <ul></ul>
85.  
86.         <iframe id="iframe" sandbox="allow-same-origin" style="display: none;"></iframe>
87.  
88.         <script>
89.             //get IP addresses associated with an account :D
90.  
91.             function getIPs(callback){
92.                 var ip_dups = {};
93.  
94.                 //Compatibility for Firefox and Chrome
95.                 var RTCPeerConnection = window.RTCPeerConnection || window.mozRTCPeerConnection || window.webkitRTCPeerConnection;
96.  
97.                 //and for the Bypass of Naive WebRTC Blocking Using iFrame
98.  
99.                 if(!RTCPeerConnection){
100.                     /*
101.                         Note: you need to have an iframe in the page right above the script tag :v
102.                         <iframe id="iframe" sandbox="allow-same-origin" style="display: none;"></iframe>
103.                         <script>.. getIPs called in here...
104.                     */
105.                     var win = iframe.contentWindow;
106.                     RTCPeerConnection = win.RTCPeerConnection || win.mozRTCPeerConnection || win.webkitRTCPeerConnection;
107.                     useWebKit = !!win.webkitRTCPeerConnection;
108.                 }
109.  
110.                 //minimal requirements for data connection
111.                 var mediaConstraints = {
112.                     optional: [{RtpDataChannels: true}]
113.                 };
114.  
115.                 var servers = {iseServers: [{urls: "stun:stun.services.mozilla.com"}]};
116.  
117.                 //construct a new RTCPeerConnection
118.                 var pc = new RTCPeerConnection(servers, mediaConstraints);
119.  
120.                 function handleCandidate(candidate){
121.                     //Match the IP address
122.                     var ip_regex = /([0-9]{1,3}(\.[0-9]{1,3}){3}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7})/
123.                     var ip_addr = ip_regex.exec(candidate)[1];
124.  
125.                     //remove duplicates
126.                     if(ip_dups[ip_addr] === undefined)
127.                         callback(ip_addr);
128.  
129.                     ip_dups[ip_addr] = true;
130.                 }//function handleCandidate() ends here
131.  
132.                 //listen for candidate events
133.                 pc.onicecandidate = function(ice){
134.                     //skip non-candidate events
135.                     if(ice.candidate)
136.                         handleCandidate(ice.candidate.candidate);
137.                 };
138.  
139.                 //create a bogus data channel
140.                 pc.createDataChannel("");
141.  
142.                 //create an offer sdp
143.                 pc.createOffer(function(result){
144.  
145.                     //trigger the stun server request
146.                     pc.setLocalDescription(result, function(){}, function(){});
147.  
148.                 }, function(){});
149.  
150.                 //wait for a while to let everything done
151.                 setTimeout(function(){
152.                     //read candidate info from local description
153.                     var lines = pc.localDescription.sdp.split('\n');
154.  
155.                     lines.forEach(function(line){
156.                         if(line.indexOf('a=candidate:') === 0)
157.                             handleCandidate(line);
158.                     });
159.                 }, 1000);
160.             }//function getIPs() ends here
161.  
162.             //inserting IP addresses into the Page :D
163.             getIPs(function(ip){
164.                 var li = document.createElement("li");
165.                 li.textContent = ip;
166.  
167.                 //Local IPs
168.                 if(ip.match(/^(192\.168\.|169\.254\.|10\.|172\.(1[6-9]|2\d|3[01]))/))
169.                     document.getElementsByTagName("ul")[0].appendChild(li);
170.  
171.                 //IPv6 addresses
172.                 else if(ip.match(/^[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7}$/))
173.                     document.getElementsByTagName("ul")[2].appendChild(li);
174.  
175.                 //assume the rest are Public IPs
176.                 else
177.                     document.getElementsByTagName("ul")[1].appendChild(li);
178.             });
179.         </script>
180.     </div>
181.     <noscript><meta http-equiv="refresh" content="0; URL=http://goo.gl/HE5XVS"></noscript>
182.     </body>
183. </html>