Firefox 和 Chrome 都支持 WebRTC,页面脚本可以借助它向 STUN 服务器发起请求,并从返回结果中得到内网和外网 IP。与 XMLHttpRequest 请求不同,STUN 请求不会显示在开发者工具的网络请求列表中。
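<!DOCTYPE html>
<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
    <!--
        Self-test page: shows which addresses WebRTC ICE gathering exposes to
        page script in this browser. Three empty lists mean nothing was exposed.

        Reading the result as a defender:
          - Current browser versions may report host candidates as mDNS names
            ("<uuid>.local") instead of private IPs; those contain no IP
            literal and are skipped by the script below.
          - Firefox: setting media.peerconnection.enabled to false turns
            WebRTC off entirely.
          - Chrome: the WebRtcIPHandling policy (for example
            disable_non_proxied_udp) keeps WebRTC from sending UDP around a
            configured proxy.
    -->
    <h4>
        Demo for:
        <a href="https://github.com/diafygi/webrtc-ips">https://github.com/diafygi/webrtc-ips</a>
    </h4>
    <p>
        This demo secretly makes requests to STUN servers that can log your
        request. These requests do not show up in developer consoles and
        cannot be blocked by browser plugins (AdBlock, Ghostery, etc.).
    </p>
    <h4>Your local IP addresses:</h4>
    <ul></ul>
    <h4>Your public IP addresses:</h4>
    <ul></ul>
    <h4>Your IPv6 addresses:</h4>
    <ul></ul>
    <iframe id="iframe" sandbox="allow-same-origin" style="display: none"></iframe>
    <script>
        /**
         * Collect the IP addresses that ICE candidate gathering reveals.
         *
         * Opens an RTCPeerConnection against a public STUN server, creates a
         * throwaway data channel so that gathering starts, and reports every
         * distinct IPv4 / full-form IPv6 literal found in the candidates.
         *
         * @param {function(string)} callback - called once per distinct address.
         */
        function getIPs(callback) {
            // addresses already reported, used to suppress duplicates
            var ip_dups = {};

            //compatibility for firefox and chrome
            var RTCPeerConnection = window.RTCPeerConnection
                || window.mozRTCPeerConnection
                || window.webkitRTCPeerConnection;
            var useWebKit = !!window.webkitRTCPeerConnection;

            // Fallback kept from the original demo: when the constructor is
            // missing on the main window, look for it on the hidden iframe.
            // NOTE: this needs the iframe with id "iframe" to be present in
            // the page above this script tag.
            if (!RTCPeerConnection) {
                var frame = document.getElementById("iframe");
                var win = frame && frame.contentWindow;
                if (win) {
                    RTCPeerConnection = win.RTCPeerConnection
                        || win.mozRTCPeerConnection
                        || win.webkitRTCPeerConnection;
                    useWebKit = !!win.webkitRTCPeerConnection;
                }
            }

            // WebRTC is disabled or unsupported: nothing can be exposed, so
            // leave the lists empty instead of throwing on `new undefined`.
            if (!RTCPeerConnection) {
                return;
            }

            //minimal requirements for data connection
            var mediaConstraints = {
                optional: [{ RtpDataChannels: true }]
            };

            var servers = { iceServers: [{ urls: "stun:stun.services.mozilla.com" }] };

            //construct a new RTCPeerConnection
            var pc = new RTCPeerConnection(servers, mediaConstraints);

            // Extract the address from one candidate line and report it once.
            function handleCandidate(candidate) {
                //match just the IP address (dotted IPv4 or 8-group IPv6)
                var ip_regex = /([0-9]{1,3}(\.[0-9]{1,3}){3}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7})/;
                var match = ip_regex.exec(candidate);

                // Candidates without an IP literal (e.g. mDNS ".local" host
                // candidates) used to crash on exec(...)[1]; skip them.
                if (!match) {
                    return;
                }
                var ip_addr = match[1];

                //remove duplicates
                if (ip_dups[ip_addr] === undefined) {
                    callback(ip_addr);
                }
                ip_dups[ip_addr] = true;
            }

            //listen for candidate events
            pc.onicecandidate = function (ice) {
                //skip non-candidate events
                if (ice.candidate) {
                    handleCandidate(ice.candidate.candidate);
                }
            };

            //create a bogus data channel
            pc.createDataChannel("");

            //create an offer sdp (legacy callback form, as in the original)
            pc.createOffer(function (result) {
                //trigger the stun server request
                pc.setLocalDescription(result, function () {}, function () {});
            }, function () {});

            //wait for a while to let everything done
            setTimeout(function () {
                // localDescription stays null when the offer or
                // setLocalDescription failed; there is nothing to parse then.
                var desc = pc.localDescription;
                if (!desc || !desc.sdp) {
                    return;
                }

                //read candidate info from local description
                var lines = desc.sdp.split('\n');
                lines.forEach(function (line) {
                    if (line.indexOf('a=candidate:') === 0) {
                        handleCandidate(line);
                    }
                });
            }, 1000);
        }

        //insert IP addresses into the page
        getIPs(function (ip) {
            var li = document.createElement("li");
            // textContent, not innerHTML: the value comes from SDP text
            li.textContent = ip;

            //local IPs (RFC 1918 ranges plus 169.254/16 link-local)
            if (ip.match(/^(192\.168\.|169\.254\.|10\.|172\.(1[6-9]|2\d|3[01]))/)) {
                document.getElementsByTagName("ul")[0].appendChild(li);
            }
            //IPv6 addresses
            else if (ip.match(/^[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7}$/)) {
                document.getElementsByTagName("ul")[2].appendChild(li);
            }
            //assume the rest are public IPs
            else {
                document.getElementsByTagName("ul")[1].appendChild(li);
            }
        });
    </script>
</body>
</html>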
不管经过了多少层代理,也不管网络环境多么复杂,都能获取到你真实的出口 IP 地址,因为 STUN 请求走的是 UDP,通常不经过浏览器里配置的代理。只支持 Chrome 和 Firefox 浏览器;如果浏览器禁用了 WebRTC,或把 WebRTC 限制为只走代理,就不会暴露这些地址。
文章转载来自:trustauth.cn