Ability to track a person using HTML 5 WebRTC using your local IP. It allows for the discovery of every host on your local network.
This is obviously a huge privacy issue, and ‘Einar’ states this feature can at least make local exploitation easier for an attacker.
Also, HTML and JS script are executed by the browser as a”sandbox” designed to be isolated from the rest of the computer. However bugs may exist. WebRTC API needs to access physical devices which will provide real-time media information (and files):
Web pages access to users camera and microphone without permissions.
Einar Otto Stangvik – Thoughts on Matters
Test Page that will find your local ip addresses, using HTML5 WebRTC, and then use that info to probe for other live hosts on your lan(s).
The script on this page will attempt to find your local ip addresses, using HTML5 WebRTC, and then use that info to probe for other live hosts on your lan(s).
It can be used as a fingerprinting technique.
Also if a rogue script can exploit an XSS vulnerability, it’s likely in a lot of cases the user has not set a password on the router’s LAN admin interface.So, the script can run through a short list of guesses, get lucky, and poke a hole in the user’s firewall from the inside.