I had holidays for a week and was Snowboarding in the mountains of Switzerland and enjoyed the sun but now I’m back and hey, there was much cool stuff going on this week and so I’ve to write at least one blog entry about one thing happened this week.

Once more Jeremiah Grossman wrote a very interesting short entry to his blog, this entry he called “Goodbye Applet, Hello NAT’ed IP Address” what’s exactly what he described there. He showed another then the well known way to get an internal IP address of a single machine in a LAN. The original way was to have a Java Applet like the one on reglos.de which shows a users internal IP address but now we have something “new”.

At this point shame on everyone including me who have to work with webapplication security all days and never had a closer look at pdp’s Atom Database at GNUCITIZEN. In this database, pdp already described exactly the same as we can read in Jeremiah’s Blog but thanks to both of them for bringing that stuff to the people because nobody can be aware of things he/she don’t know. So fact is that pdp already wrote something about that and so it’s not new.

So, now let’s have a look on what I mean with the title of this entry “Back to the LAN”. pdp and Jeremiah showed a way to get the internal IP of a machine without a Java Applet and here’s the code:

function getNetInfo() {
var sock = new java.net.Socket();
sock.bind(new java.net.InetSocketAddress('0.0.0.0', 0));
sock.connect(new java.net.InetSocketAddress(document.domain, (!document.location.port)?80:document.location.port));
return {domain: sock.getLocalAddress().getHostName(), ip: sock.getLocalAddress().getHostAddress()};
}

This Javascript uses the Java class java.net and so it can get the internal IP address of the connecting machine (works AFAIK only in Firefox and Opera).

This technique once more shows us how unprotected web technologies still are today and that the LAN is not completely cut off from the Internet and not secure itself.