Skip to content

Leaks - DNS & Network Leak Tester

Source: extern/leaks/README.md Last updated: 2024-10

A modern, production-ready DNS and network leak detection tool built with React, TypeScript, and Express.

Features

Current (MVP)

  • DNS Leak Detection - Tests DNS-over-HTTPS endpoints and verifies leaks server-side
  • WebRTC IP Leak Detection - Detects both IPv4 and IPv6 address leaks
  • Backend Verification - Unique token-based system to truly verify DNS leaks
  • CORS Proxy - Solves CORS issues with external DNS/IP services
  • Modern UI - React + TypeScript + Tailwind CSS
  • Real-time Results - Live status indicators and detailed result displays

Architecture

Backend (Express + TypeScript)

  • Session Management - Creates unique test sessions with token-based verification
  • DNS Leak Verification - Generates unique tokens and logs which ones are resolved
  • CORS Proxy - Proxies requests to external services to avoid CORS issues
  • RESTful API - Clean API design with proper error handling

Frontend (React + TypeScript + Vite)

  • Component-Based - Modular, reusable components
  • State Management - Zustand for lightweight, fast state management
  • Type-Safe - Shared types between client and server
  • Responsive - Works on desktop and mobile

Project Structure

leaks/
├── client/              # React frontend
│   ├── src/
│   │   ├── components/  # React components
│   │   │   ├── tests/   # Test card components
│   │   │   ├── layout/  # Header, Summary, Controls
│   │   │   └── ui/      # Reusable UI components
│   │   ├── lib/         # API client, test logic
│   │   │   └── tests/   # Individual test implementations
│   │   ├── stores/      # Zustand state management
│   │   └── types/       # TypeScript types
│   └── package.json
├── server/              # Express backend
│   ├── src/
│   │   ├── routes/      # API endpoints
│   │   ├── services/    # Business logic
│   │   └── index.ts     # Server entry point
│   └── package.json
├── shared/              # Shared types
│   └── types/
└── public/              # Original HTML prototype

How DNS Leak Detection Works

  1. Backend generates unique tokens when you start a test session
  2. Frontend makes DNS requests to various DoH providers
  3. Frontend triggers image requests to http://localhost:4000/api/leak/{token}
  4. Backend logs which tokens were actually received
  5. Comparison - If backend received tokens that shouldn't have been resolved, there's a DNS leak

This is the only reliable way to detect DNS leaks - you need a server component to verify what actually got resolved.

API Endpoints

Test Session

  • POST /api/test/start - Start new test session, get tokens
  • GET /api/test/:sessionId/status - Get session status
  • GET /api/test/:sessionId/results - Get verified leak results

Proxies

  • POST /api/proxy/dns - Proxy DNS-over-HTTPS requests
  • POST /api/proxy/ip - Proxy IP detection requests
  • POST /api/proxy/fetch - General purpose proxy

Leak Canary

  • GET /api/leak/:token - DNS leak canary endpoint

Security Notes

This tool is for: - Testing your own VPN/proxy configuration - Privacy research and education - Security auditing with authorization

Not for: - Malicious fingerprinting - Tracking users without consent - Circumventing security controls