How to install Tampermonkey and a script for WebRTC debugging

Installing Tampermonkey in Chrome and adding a custom script

Installing Tampermonkey

To run user scripts in Chrome, it is convenient to use the extension Tampermonkey.

Go to the Chrome Web Store and install the extension:

Tampermonkey - Chrome Web Storechromewebstore.google.com

After installation, click the extensions icon in the top right and pin it Tampermonkey.

The extension is only needed to run the script in the browser. By itself, it does not eliminate WebRTC leaks.

How to add the script manually

For this guide, use the script from the Gist:

WebRTC debug script

Open the Gist with the script

Follow the Gist link.

Open the file with the script and copy its entire contents.

Create a new script in Tampermonkey

Click the icon Tampermonkey and select Create a new script.

Delete the default template that opens in the editor.

Paste the script code

Paste the copied code from the Gist into the Tampermonkey editor.

Save the changes with the keyboard shortcut Ctrl + S or the button File → Save.

Check that the script is enabled

Make sure the new script appears in the Tampermonkey list and is in the status Enabled.

How to check that the script is working

Make sure the switch for the script is enabled.
Refresh the desired page.
Open DevTools via F12.
Go to the Console.
It is convenient to filter output by tags \[TM], \[WebRTC] and \[NET].

What logs should appear

Right after the script starts, service messages usually appear:

[TM] Network hooks installed
[TM] WebRTC hook installed

If the page creates RTCPeerConnection, WebRTC logs will appear in the console:

[WebRTC] created
config: { iceServers: [...] }
ICE servers: [...]

During candidate gathering, local and remote candidates will be visible:

[WebRTC] local candidate raw: candidate:...
[WebRTC] local candidate parsed: { ip: "192.168.1.10", port: "52344", type: "host" }

[WebRTC] remote candidate raw: candidate:...
[WebRTC] remote candidate parsed: { ip: "185.123.45.67", port: "3478", type: "srflx" }

If the connection reaches route selection, the script will show the final path:

[WebRTC] SELECTED PATH (connectionstatechange)
candidate-pair: { ... }
local-candidate: { ip: "10.0.0.2", port: 54012, protocol: "udp", candidateType: "host" }
remote-candidate: { ip: "185.123.45.67", port: 3478, protocol: "udp", candidateType: "srflx" }
[WebRTC] REAL REMOTE ENDPOINT: { ip: "185.123.45.67", port: 3478, protocol: "udp", candidateType: "srflx" }

If the site sends WebRTC data via fetch, xhr, WebSocket or sendBeacon, the script will show that too:

[NET][fetch] https://site.example/api
[NET] SDP detected
v=0
o=- 46117317 2 IN IP4 127.0.0.1
...

[NET][ws] wss://site.example/socket
[NET] ICE detected
{"candidate":"candidate:...","sdpMid":"0","sdpMLineIndex":0}

What to look at first

\[TM] WebRTC hook installed — the script loaded successfully.
\[WebRTC] created — the page actually created a WebRTC connection.
\[WebRTC] local candidate parsed — the local candidate is visible.
\[WebRTC] remote candidate parsed — the remote candidate is visible.
\[WebRTC] REAL REMOTE ENDPOINT — the most useful log. It shows the final remote endpoint chosen by WebRTC.

If there are few logs

This script adds two manual commands to the console:

__dumpAllWebRTCSelectedPaths()
__dumpAllWebRTCStats()

The first command reprints the selected paths.

The second shows a full snapshot of candidate-pair, local-candidate, remote-candidate and transport.

Useful to check after installation

After starting the script, you can check WebRTC behavior using the services from the article How to check for a WebRTC leak.

If you want to understand the mechanism of the leak itself, see the article How a leak through WebRTC works.

PreviousAbout the UDP protocol NextHow WebRTC leaks work

Last updated 2 hours ago

Was this helpful?

hashtagInstalling Tampermonkey

hashtagHow to add the script manually

hashtagHow to check that the script is working

hashtagWhat logs should appear

hashtagWhat to look at first

hashtagIf there are few logs

hashtagUseful to check after installation