JavaScript detection of LAN IP address

I have been using the following code to detect the LAN IP address of a client running some proprietary software (please no "you shouldn't do this", I didn't write the code).

function ip_local()
{
 var ip = false;
 window.RTCPeerConnection = window.RTCPeerConnection || window.mozRTCPeerConnection || window.webkitRTCPeerConnection || false;

 if (window.RTCPeerConnection)
 {
  ip = [];
  var pc = new RTCPeerConnection({iceServers:[]}), noop = function(){};
  pc.createDataChannel('');
  pc.createOffer(pc.setLocalDescription.bind(pc), noop);

  pc.onicecandidate = function(event)
  {
   if (event && event.candidate && event.candidate.candidate)
   {
    var s = event.candidate.candidate.split('\n');
    ip.push(s[0].split(' ')[4]);
   }
  }
 }

 return ip;
}
ip_local();

Which is from another StackOverflow post, the code has been working fine for a year and a half up until this afternoon.

Where as my local ip seems to be detected as 153b3a68-e3fb-4451-9717-d9b3bc2b5c60.local instead of the usual 192.168.0.11.

Edit: If anyone cares, this issue is NOT bypassable and has to be done via a server side language, in my case I ended up using PHP as a temporary "bandaid" over the problem.

This is a problem for my app as it detects whether a local server is running on the host.. Which it cannot do if it cannot detect the LAN IP address.

Answers:

Answer

This is part of a new security standard, to prevent leakage of private IP addresses.

See also: https://tools.ietf.org/html/draft-ietf-rtcweb-mdns-ice-candidates-02

Summary:

As detailed in [IPHandling], exposing client private IP addresses by default maximizes the probability of successfully creating direct peer-to-peer connection between two clients, but creates a significant surface for user fingerprinting. [IPHandling] recognizes this issue, but also admits that there is no current solution to this problem; implementations that choose to use Mode 3 to address the privacy concerns often suffer from failing or suboptimal connections in WebRTC applications. This is particularly an issue on unmanaged networks, typically homes or small offices, where NAT loopback may not be supported.

This document proposes an overall solution to this problem by registering ephemeral mDNS names for each local private IP address, and then providing those names, rather than the IP addresses, to the web application when it gathers ICE candidates. WebRTC implementations resolve these names to IP addresses and perform ICE processing as usual, but the actual IP addresses are not exposed to the web application.

Tags

Recent Questions

Top Questions

Home Tags Terms of Service Privacy Policy DMCA Contact Us Javascript

©2020 All rights reserved.