One Leak Is Enough to Expose Them All: From a WebRTC IP Leak to Web-Based Network Scanning

Bibliographic Details
Published in: Engineering Secure Software and Systems, pp. 61-76
Main Authors: Hazhirpasand, Mohammadreza; Ghafari, Mohammad
Format: Book Chapter
Language: English
Published: Cham, Springer International Publishing, 20.06.2018
Series: Lecture Notes in Computer Science
ISBN: 3319944959, 9783319944951
ISSN: 0302-9743, 1611-3349
DOI: 10.1007/978-3-319-94496-8_5

Summary: WebRTC provides browsers and mobile apps with rich real-time communications capabilities, without the need for further software components. Recently, however, it has been shown that WebRTC can be triggered to fingerprint a web visitor, which may compromise the user’s privacy. We evaluate the feasibility of exploiting a WebRTC IP leak to scan a user’s private network ports and IP addresses from outside their local network. We propose a web-based network scanner that is both browser- and network-independent, and performs nearly as well as system-based scanners. We experiment with various popular mobile and desktop browsers on several platforms and show that adversaries not only can exploit WebRTC to identify the real user identity behind a web request, but also can retrieve sensitive information about the user’s network infrastructure. We discuss the potential security and privacy consequences of this issue and present a browser extension that we developed to inform the user about the prospect of suspicious activities.