If POST requests are being made to a website via a browser using an HTTP proxy f

Question

If POST requests are being made to a website via a browser using an HTTP proxy from sslproxies.org, is it possible to trace the origin of those AJAX requests without having access to the proxy being used? Assume the role of the webmaster here, and assume the proxy used is either 'Anonymous or Elite Proxy' as marked on sslproxies.org

As a security project I'm looking at seeing if it's possible for me, the webmaster, to trace POST requests made through an HTTP proxy. By trace I mean identify the original senders IP or specific information about them that I can get from their browser.

Explanation / Answer

There is currently a vulnerability in the WebRTC implementation of both Firefox on Windows and Chrome on Windows which reveals the original IP address of a client behind a proxy server or VPN.

In order to exploit this vulnerability, the client must download a javascript from the server of the attacker and execute it.

Keep in mind that this is a malicious exploit which might get the website flagged by security software and search engines as serving malware.

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects