How to install Tampermonkey and a script for WebRTC debugging

Installing Tampermonkey in Chrome and adding a custom script

Installing Tampermonkey

To run user scripts in Chrome, it is convenient to use the extension Tampermonkey.

Go to the Chrome Web Store and install the extension:

Tampermonkey - Chrome Web Storechromewebstore.google.com

After installation, click the extensions icon in the top right and pin it Tampermonkey.

The extension is only needed to run the script in the browser. By itself, it does not eliminate WebRTC leaks.

How to add a script manually

For this guide, use the script from the Gist:

WebRTC debug script

Open the Gist with the script

Follow the link to the Gist.

Open the file with the script and copy its contents in full.

Create a new script in Tampermonkey

Click the icon Tampermonkey and select Create a new script.

Delete the default template that opens in the editor.

Paste the script code

Paste the copied code from the Gist into the Tampermonkey editor.

Save the changes with the keyboard shortcut Ctrl + S or the button File → Save.

Check that the script is enabled

Make sure the new script appears in the Tampermonkey list and has the status Enabled.

How to check that the script is working

Make sure the toggle for the script is enabled.
Refresh the required page.
Open DevTools with F12.
Go to the Console.
It is convenient to filter the output by labels \[TM], \[WebRTC] and \[NET].

What logs should appear

Immediately after the script starts, service messages usually appear:

[TM] Network hooks installed
[TM] WebRTC hook installed

If the page creates RTCPeerConnection, WebRTC logs will appear in the console:

[WebRTC] created
config: { iceServers: [...] }
ICE servers: [...]

During candidate gathering, local and remote candidates will be visible:

[WebRTC] local candidate raw: candidate:...
[WebRTC] local candidate parsed: { ip: "192.168.1.10", port: "52344", type: "host" }

[WebRTC] remote candidate raw: candidate:...
[WebRTC] remote candidate parsed: { ip: "185.123.45.67", port: "3478", type: "srflx" }

If the connection reached route selection, the script will show the final path:

[WebRTC] SELECTED PATH (connectionstatechange)
candidate-pair: { ... }
local-candidate: { ip: "10.0.0.2", port: 54012, protocol: "udp", candidateType: "host" }
remote-candidate: { ip: "185.123.45.67", port: 3478, protocol: "udp", candidateType: "srflx" }
[WebRTC] REAL REMOTE ENDPOINT: { ip: "185.123.45.67", port: 3478, protocol: "udp", candidateType: "srflx" }

If the site sends WebRTC data through fetch, xhr, WebSocket or sendBeacon, the script will show that too:

[NET][fetch] https://site.example/api
[NET] SDP detected
v=0
o=- 46117317 2 IN IP4 127.0.0.1
...

[NET][ws] wss://site.example/socket
[NET] ICE detected
{"candidate":"candidate:...","sdpMid":"0","sdpMLineIndex":0}

What to look at first

\[TM] WebRTC hook installed — the script loaded successfully.
\[WebRTC] created — the page actually created a WebRTC connection.
\[WebRTC] local candidate parsed — the local candidate is visible.
\[WebRTC] remote candidate parsed — the remote candidate is visible.
\[WebRTC] REAL REMOTE ENDPOINT — the most useful log. It shows the final remote endpoint chosen by WebRTC.

If there are few logs

This script adds two manual commands to the console:

__dumpAllWebRTCSelectedPaths()
__dumpAllWebRTCStats()

The first command reprints the selected paths.

The second shows a full snapshot of candidate-pair, local-candidate, remote-candidate and transport.

Useful to check after installation

After launching the script, you can check WebRTC behavior through the services from the article How to check for a WebRTC leak.

If you want to understand the leak mechanism itself, see the article How a leak through WebRTC works.

PreviousAbout the UDP protocol NextHow a leak through WebRTC works

Last updated 7 days ago

Was this helpful?

hashtagInstalling Tampermonkey

hashtagHow to add a script manually

hashtagHow to check that the script is working

hashtagWhat logs should appear

hashtagWhat to look at first

hashtagIf there are few logs

hashtagUseful to check after installation