# How to install Tampermonkey and a script for debugging WebRTC ## Installing Tampermonkey To run user scripts in Chrome, it is convenient to use the extension **Tampermonkey**. Go to the Chrome Web Store and install the extension: {% embed url="" %} After installation, click the extensions icon in the top right and pin it **Tampermonkey**. {% hint style="info" %} The extension is only needed to run the script in the browser. By itself, it does not eliminate WebRTC leaks. {% endhint %} ## How to add the script manually For this guide, use the script from the Gist: * [WebRTC debug script](https://gist.github.com/Kr1tos/26585898c08e5222d5edc3d6fad546be) {% stepper %} {% step %} **Open the Gist with the script** Follow the Gist link. Open the file with the script and copy its entire contents. {% endstep %} {% step %} **Create a new script in Tampermonkey** Click the icon **Tampermonkey** and select **Create a new script**. Delete the default template that opens in the editor. {% endstep %} {% step %} **Paste the script code** Paste the copied code from the Gist into the Tampermonkey editor. Save the changes with the keyboard shortcut **Ctrl + S** or the button **File → Save**. {% endstep %} {% step %} **Check that the script is enabled** Make sure the new script appears in the Tampermonkey list and is in the status **Enabled**. {% endstep %} {% endstepper %} ## How to check that the script is working 1. Make sure the switch for the script is enabled. 2. Refresh the desired page. 3. Open DevTools via **F12**. 4. Go to the **Console**. 5. It is convenient to filter output by tags `\[TM]`, `\[WebRTC]` and `\[NET]`. ### What logs should appear Right after the script starts, service messages usually appear: ``` [TM] Network hooks installed [TM] WebRTC hook installed ``` If the page creates `RTCPeerConnection`, WebRTC logs will appear in the console: ``` [WebRTC] created config: { iceServers: [...] } ICE servers: [...] ``` During candidate gathering, local and remote candidates will be visible: ``` [WebRTC] local candidate raw: candidate:... [WebRTC] local candidate parsed: { ip: "192.168.1.10", port: "52344", type: "host" } [WebRTC] remote candidate raw: candidate:... [WebRTC] remote candidate parsed: { ip: "185.123.45.67", port: "3478", type: "srflx" } ``` If the connection reaches route selection, the script will show the final path: ``` [WebRTC] SELECTED PATH (connectionstatechange) candidate-pair: { ... } local-candidate: { ip: "10.0.0.2", port: 54012, protocol: "udp", candidateType: "host" } remote-candidate: { ip: "185.123.45.67", port: 3478, protocol: "udp", candidateType: "srflx" } [WebRTC] REAL REMOTE ENDPOINT: { ip: "185.123.45.67", port: 3478, protocol: "udp", candidateType: "srflx" } ``` If the site sends WebRTC data via `fetch`, `xhr`, `WebSocket` or `sendBeacon`, the script will show that too: ``` [NET][fetch] https://site.example/api [NET] SDP detected v=0 o=- 46117317 2 IN IP4 127.0.0.1 ... [NET][ws] wss://site.example/socket [NET] ICE detected {"candidate":"candidate:...","sdpMid":"0","sdpMLineIndex":0} ``` ### What to look at first * `\[TM] WebRTC hook installed` — the script loaded successfully. * `\[WebRTC] created` — the page actually created a WebRTC connection. * `\[WebRTC] local candidate parsed` — the local candidate is visible. * `\[WebRTC] remote candidate parsed` — the remote candidate is visible. * `\[WebRTC] REAL REMOTE ENDPOINT` — the most useful log. It shows the final remote endpoint chosen by WebRTC. ### If there are few logs This script adds two manual commands to the console: ```javascript __dumpAllWebRTCSelectedPaths() __dumpAllWebRTCStats() ``` The first command reprints the selected paths. The second shows a full snapshot of `candidate-pair`, `local-candidate`, `remote-candidate` and `transport`. ## Useful to check after installation After starting the script, you can check WebRTC behavior using the services from the article [How to check for a WebRTC leak](https://docs.proxyshard.com/eng/our-products/about-udp/webrtc-leak-check-tools). If you want to understand the mechanism of the leak itself, see the article [How a leak through WebRTC works](https://docs.proxyshard.com/eng/our-products/about-udp/how-webrtc-leak-works).