Marco Pontello's Home Page
Questa pagina in italiano

(Last updated: 29/01/20)


LeakOut - Firewall outbound control tester

LeakOut is a simple tool to demonstrate how it's possibile, in certain situations, to circumvent the outbound control/filtering systems of personal firewalls.

Other tools that do a similar test, using various different techniques, are Tooleaky, LeakTest, FireHole, and others..

LeakOut doesn't use any especially exotic or refined technique. That's by design to demonstrate that the "sense of security" that come from an advertised active outbound filtering and/or application control/fingerprinting system is often just an illusion.

LeakOut just uses the default browser to access a specific URL (a page on this same site) to pass a bit of data appended to the URL. That's just for demonstration, and specifically: your user name, your machine's name, and the Windows's directory.

LeakOut should be able to accomplish its objective in these situations:

  • No firewall is present; or the firewall doesn't have any form of outbound filtering (e.g., old Windows XP's standard firewall) is the only one present.
  • A properly configured firewall with outbound filtering & application control active is installed but full access has been granted to the default browser (this is probably the case with the vast majority of PCs).
  • A properly configured firewall as above, but setup to 'Ask' every time even for the browser and authorization has been given to the browser at least once and the browser is still open. This should work if the browser is Firefox or Opera, for example, as they normally open a new URL in the same window & process that's already open.


    LeakOut v1.04, 10KB ZIP

    Change Log

    LeakOut v1.04 - 13/01/11:
    * Fixed some typos.

    LeakOut v1.03 - 03/02/05:
    * Fixed another little bug in the browser detection code.

    LeakOut v1.02 - 02/02/05:
    * Fixed default browser detection.

    LeakOut v1.00 - 01/02/05:
    - First version available.