How to install Tampermonkey and a script for WebRTC debugging

Installing Tampermonkey in Chrome and adding a user script

Installing Tampermonkey

To run user scripts in Chrome it's convenient to use the extension Tampermonkey.

Go to the Chrome Web Store and install the extension:

Tampermonkey - Chrome Web Storechromewebstore.google.com

After installation click the extensions icon in the top right and pin Tampermonkey.

The extension is only needed to run the script in the browser. It does not itself prevent WebRTC leaks.

How to add a script manually

For this instruction use the script from the Gist:

Script for debugging WebRTC

Open the Gist with the script

Follow the link to the Gist.

Open the script file and copy its contents completely.

Create a new script in Tampermonkey

Click the icon Tampermonkey and choose Create a new script.

Delete the default template that opens in the editor.

Paste the script code

Paste the copied code from the Gist into the Tampermonkey editor.

Save changes with the shortcut Ctrl + S or with the button File → Save.

Check that the script is enabled

Make sure the new script appears in the Tampermonkey list and is in status Enabled.

How to check that the script is working

Make sure the switch for the script is turned on.
Refresh the page you need.
Open DevTools via F12.
Go to the Console.
It's convenient to filter output by tags \[TM], \[WebRTC] and \[NET].

Which logs should appear

Right after the script starts usually service messages appear:

[TM] Network hooks installed
[TM] WebRTC hook installed

If the page creates RTCPeerConnection, WebRTC logs will appear in the console:

[WebRTC] created
config: { iceServers: [...] }
ICE servers: [...]

During candidate gathering local and remote candidates will be visible:

[WebRTC] local candidate raw: candidate:...
[WebRTC] local candidate parsed: { ip: "192.168.1.10", port: "52344", type: "host" }

[WebRTC] remote candidate raw: candidate:...
[WebRTC] remote candidate parsed: { ip: "185.123.45.67", port: "3478", type: "srflx" }

If the connection reaches route selection, the script will show the final path:

[WebRTC] SELECTED PATH (connectionstatechange)
candidate-pair: { ... }
local-candidate: { ip: "10.0.0.2", port: 54012, protocol: "udp", candidateType: "host" }
remote-candidate: { ip: "185.123.45.67", port: 3478, protocol: "udp", candidateType: "srflx" }
[WebRTC] REAL REMOTE ENDPOINT: { ip: "185.123.45.67", port: 3478, protocol: "udp", candidateType: "srflx" }

If the site sends WebRTC data via fetch, xhr, WebSocket or sendBeacon, the script will show that too:

[NET][fetch] https://site.example/api
[NET] SDP detected
v=0
o=- 46117317 2 IN IP4 127.0.0.1
...

[NET][ws] wss://site.example/socket
[NET] ICE detected
{"candidate":"candidate:...","sdpMid":"0","sdpMLineIndex":0}

What to look at first

\[TM] WebRTC hook installed — the script loaded successfully.
\[WebRTC] created — the page actually created a WebRTC connection.
\[WebRTC] local candidate parsed — a local candidate is visible.
\[WebRTC] remote candidate parsed — a remote candidate is visible.
\[WebRTC] REAL REMOTE ENDPOINT — the most useful log. It shows the final remote endpoint chosen by WebRTC.

If there are few logs

This script adds two manual commands to the console:

__dumpAllWebRTCSelectedPaths()
__dumpAllWebRTCStats()

The first command reprints the selected paths.

The second shows a full snapshot of candidate-pair, local-candidate, remote-candidate and transport.

Useful to check after installation

After running the script you can check WebRTC behavior using the services from the article Where you can check for a WebRTC leak.

If you want to understand the leakage mechanism itself, see the article How a leak through WebRTC works.

PreviousAbout the UDP protocol NextHow a leak through WebRTC works

Last updated 2 days ago

Was this helpful?

hashtagInstalling Tampermonkey

hashtagHow to add a script manually

hashtagOpen the Gist with the script

hashtagCreate a new script in Tampermonkey

hashtagPaste the script code

hashtagCheck that the script is enabled

hashtagHow to check that the script is working

hashtagWhich logs should appear

hashtagWhat to look at first

hashtagIf there are few logs

hashtagUseful to check after installation