
One Leak is Enough to Expose Them All --- From a WebRTC IP Leak to Web-based Network Scanning

Type of publication Peer-reviewed
Publication form Proceedings (peer-reviewed)
Author Hazhirpasand Mohammadreza, Ghafari Mohammad
Project Agile Software Analysis

Proceedings (peer-reviewed)

Page(s) 61 - 76
Title of proceedings International Symposium on Engineering Secure Software and Systems (ESSoS 2018)
DOI 10.1007/978-3-319-94496-8_5

Open Access

Type of Open Access Website


WebRTC provides browsers and mobile apps with rich realtime communications capabilities, without the need for further software components. Recently, however, it has been shown that WebRTC can be triggered to fingerprint a web visitor, which may compromise the user's privacy. We evaluate the feasibility of exploiting a WebRTC IP leak to scan a user's private network ports and IP addresses from outside their local network. We propose a web-based network scanner that is both browser- and network-independent, and performs nearly as well as system-based scanners. We experiment with various popular mobile and desktop browsers on several platforms and show that adversaries not only can exploit WebRTC to identify the real user identity behind a web request, but also can retrieve sensitive information about the user's network infrastructure. We discuss the potential security and privacy consequences of this issue and present a browser extension that we developed to inform the user about the prospect of suspicious activities.