通过web获取客户端的内网ip地址

在线查询ip地址时，发现该网站竟然可以显示我的内网ip地址。

特意在电脑上查了一下内网的ip地址，竟然准确无误。

gg到了代码。测试可以正常获取用户内外ip地址。

即使你挂上proxy也可以正确获取到内网ip地址。

代码如下:

代码中的ipv4地址可以调用第三方接口。

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112

<!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> </head> <body> <h4> Demo for: <a href="https://github.com/diafygi/webrtc-ips"> https://github.com/diafygi/webrtc-ips </a> </h4> <p> This demo secretly makes requests to STUN servers that can log your request. These requests do not show up in developer consoles and cannot be blocked by browser plugins (AdBlock, Ghostery, etc.). </p> <h4>Your local IP addresses:</h4> <ul></ul> <h4>Your public IP addresses:</h4> <ul></ul> <script> //get the IP addresses associated with an account function getIPs(callback){ var ip_dups = {}; //compatibility for firefox and chrome var RTCPeerConnection = window.RTCPeerConnection || window.mozRTCPeerConnection || window.webkitRTCPeerConnection; var useWebKit = !!window.webkitRTCPeerConnection; //bypass naive webrtc blocking if(!RTCPeerConnection){ //create an iframe node var iframe = document.createElement('iframe'); iframe.style.display = 'none'; //invalidate content script iframe.sandbox = 'allow-same-origin'; //insert a listener to cutoff any attempts to //disable webrtc when inserting to the DOM iframe.addEventListener("DOMNodeInserted", function(e){ e.stopPropagation(); }, false); iframe.addEventListener("DOMNodeInsertedIntoDocument", function(e){ e.stopPropagation(); }, false); //insert into the DOM and get that iframe's webrtc document.body.appendChild(iframe); var win = iframe.contentWindow; RTCPeerConnection = win.RTCPeerConnection || win.mozRTCPeerConnection || win.webkitRTCPeerConnection; useWebKit = !!win.webkitRTCPeerConnection; } //minimal requirements for data connection var mediaConstraints = { optional: [{RtpDataChannels: true}] }; //firefox already has a default stun server in about:config // media.peerconnection.default_iceservers = // [{"url": "stun:stun.services.mozilla.com"}] var servers = undefined; //add same stun server for chrome if(useWebKit) servers = {iceServers: [{urls: "stun:stun.services.mozilla.com"}]}; //construct a new RTCPeerConnection var pc = new RTCPeerConnection(servers, mediaConstraints); function handleCandidate(candidate){ //match just the IP address var ip_regex = /([0-9]{1,3}(\.[0-9]{1,3}){3})/ var ip_addr = ip_regex.exec(candidate)[1]; //remove duplicates if(ip_dups[ip_addr] === undefined) callback(ip_addr); ip_dups[ip_addr] = true; } //listen for candidate events pc.onicecandidate = function(ice){ //skip non-candidate events if(ice.candidate) handleCandidate(ice.candidate.candidate); }; //create a bogus data channel pc.createDataChannel(""); //create an offer sdp pc.createOffer(function(result){ //trigger the stun server request pc.setLocalDescription(result, function(){}, function(){}); }, function(){}); //wait for a while to let everything done setTimeout(function(){ //read candidate info from local description var lines = pc.localDescription.sdp.split('\n'); lines.forEach(function(line){ if(line.indexOf('a=candidate:') === 0) handleCandidate(line); }); }, 1000); } //insert IP addresses into the page getIPs(function(ip){ var li = document.createElement("li"); li.textContent = ip; //local IPs if (ip.match(/^(192\.168\.|169\.254\.|10\.|172\.(1[6-9]|2\d|3[01]))/)) document.getElementsByTagName("ul")[0].appendChild(li); //assume the rest are public IPs else document.getElementsByTagName("ul")[1].appendChild(li); }); </script> </body> </html>

原文：https://blog.csdn.net/u013332124/article/details/46928479