Private BitTorrent Trackers Vulnerable To Anonymous Leechers
Written by enigmax on September 07, 2007

Since the birth of restrictions, there’s always been someone ready to set things free. BitTorrent set media free and then, for a multitude of reasons, private torrent trackers restricted it. It appears that a group of people have published a method to allow non-members to leech from private trackers for free. But at what cost?
A private tracker is a site which tracks/indexes torrents in the same way that a public one does but requires the user to become a registered member first. Depending on a site’s popularity and growth strategy, the work involved in becoming a member can range from ‘easy’, right up to ‘almost impossible’ – there are even tools available to automate the task and sites to trade invitations.
Why would anyone bother accessing a private site when you can get great stuff from PirateBay or Mininova? Most users cite better download speeds, great timing and availability of content, while others believe they have better security. Most private trackers require that the user maintains a good ‘ratio’ – i.e. he uploads back to the community the amount of data that he took. Because this behavior is monitored and enforced by a range of punishments, the user tends to seed more to avoid them. The ultimate punishment for not sharing is banning, which means the member can no longer access the content indexed within – well, that’s usually the case.
Information has been published showing a method for non-members to access and download content from private sites, using the (optional) Azureus Peer Injector plug-in and lists of peers (the IP addresses and ports of BitTorrent users) harvested from well-known private trackers. Usually it’s the tracker on a site that decides whether you can join the swarm or not (while recording your stats/ratio), but with this method it’s theoretically possible to enter the swarm of a particular torrent without ever connecting to the tracker. The theory says that as long as you can access a .torrent file originating from the site (via a torrent dump site such as Mininova, a friend, or the site’s unprotected RSS feed, for example) plus an accurate and up-to-date peer list, you can download without being a member, ratio-free.
However useful this might sound to some, there is a cost. For the method to work, the group needs to harvest users’ IP addresses from each tracker they wish to exploit and make them available for people to download. They appear to have already compromised the privacy of users of TorrentLeech and SceneTorrents by publishing their IP addresses in a peer list, while at the same time claiming the method improves the individual’s privacy.
It’s common on P2P forums for people to debate the benefits and drawbacks of public and private sites. Some feel private sites restrict, while others understand that a site’s growth sometimes needs to be artificially limited due to technical, staffing or budget issues. Some feel it’s wrong to ring-fence the available media and that it should really be ‘set free’, while others feel that it’s neat being a member of a fast tracker with a great image and they’re quite happy being part of an ‘exclusive’ club.
In any event, I guess both parties are on roughly the same side in the end and they would likely agree – although of limited use on their own, users’ IPs on sites like TorrentLeech, SceneTorrents and any other tracker should definitely be kept as private as possible, even if others believe the torrents shouldn’t be.
65 Responses
I’m a member of quite a few private sites, and while they ARE handy to have, if you want something quick…it can be a pain to keep your ratio healthy. And a lot of mods at these sites are power-crazed little Hitlers…I’m sure you’ve all experienced the mod who thinks he’s so 1337, and flames users and if you say a word back you’re booted…! Demonoid is the No.1 site imho…and EASY to get invites to, and the mods are all sensible. They have all you need
Okay, what the fuck is up with these ads? I’m hearing sound in the background, and my browser won’t allow me to go back because the advertisements are loading a whole fucking page in a frame inside this page.
edit Ernesto: Someone abused ad space we offered, issue is resolved now, clean as usual. Sorry for the inconvenience it might have caused, I didn’t notice anything unusual myself. If any of you guys notice something like this in the future contact us asap please.
that’s it. i’m removing this from my bookmarks. if you guys are going to shove crappy advertising down our throats like this then you’re basically hypocrites.
Of course, it’s also important to mention that this isn’t just limited to Azureus – µTorrent has ‘add peer’ built in.
No need for hostility… Just get informed….!!!
I guess you never heard of a little program called Ad Blocker Plus …. huh ….hehehe one more word… ((SWeeT))
@ad worrier: i don’t hear any sounds or see any strange ads and i use internet explorer 6 :\
lol yah you guys need adblock or something, I don’t see a thing.
This Peer Injector thing ticks me off… I spent all summer uploading to up my ratio in preparation for the school year, and now some loser is going to leech whatever he wants off of me. Screw that.
There is also no adverts for me, and I am a long time opera user.
Dave – Why the special prep for school – mostly they have faster connections, although the policies are getting tougher.
[quote comment="160600"]I’m a member of quite a few private sites, and while they ARE handy to have, if you want something quick…it can be a pain to keep your ratio healthy. And a lot of mods at these sites are power-crazed little Hitlers…I’m sure you’ve all experienced the mod who thinks he’s so 1337, and flames users and if you say a word back you’re booted…! Demonoid is the No.1 site imho…and EASY to get invites to, and the mods are all sensible. They have all you need[/quote]
It’s easy as pie to keep a good ratio. I dunno what you’re talking about.
Openly making available lists of active IPs and ports being used for filesharing is completely fkin retarded. Any idiot knows that private sites are not any “safer” than a public one, but this is doing half of the **AA’s job for them. Congrats to the cheating Romanian fuckwits that dreamed this up. Arsehole of the year award goes to you.
Demonoid.com for life.
[quote comment="160665"]
It’s easy as pie to keep a good ratio. I dunno what you’re talking about.[/quote]
No it isn’t! Not if say your upload speed is a 10th of your download speed.
IMHO, your ratio should only be as good as your download:upload speed ratio, but private trackers will never work like that.
no sounds here, long time FF user here.
Well, the IPs itself are nothing too interesting/worrying. Still this is quite bad.
I guess the clients that allow peers “from the wild” will have an option not to accept any connections not negotiated via the tracker itself in no time. Shouldn’t be too hard. Actually this should be default and “opening” for other peers should be only an option.
[quote comment="160611"]Okay, what the fuck is up with these ads?
[/quote]
[quote comment="160613"]if you guys are going to shuve crappy advertising down our throats like this then you’re basically hypocrites.[/quote]
Someone abused ad space we offered, issue is resolved now, clean as usual. Sorry for the inconvenience it might have caused, I didn’t notice anything unusual myself. If any of you guys notice something like this in the future contact us asap please.
What are you doing linking to this site? Are you saying this is a good thing, and thus giving people the links so they can do THIS?
pretty low…
@newb
The information is out there regardless of whether TorrentFreak links to them or not. You can just google for this and there are 10 websites that pop up on the first page that tell you all about it.
If people are going to cheat they are going to cheat regardless of what others say or do.
Man, it takes some people a long time to catch up.
I built a proof of concept over 18 months ago for exactly this type of attack, only there’s no need to allow plain text downloading of IPs or use a peer injector plug in.
It even works with every single client out there.
This is as old as the protocol itself, and az already has code to protect users from being swamped by external connections. It just needs finalizing, if any private tracker admins with more time than myself would like to volunteer to help out.
“Why would anyone bother accessing a private site when you can get great stuff from PirateBay or Mininova?”
Because, there’s a LOT of stuff I can’t find on public trackers for I live in Québec.
This article contains little news.
Yes bittorrent is in theory impossible to close down completely.
However, note that some private peers will monitor their leeches once they notice their ratio doesn’t improve, compare them to the tracker’s list, and subsequently ban or snub those IPs that don’t occur in both places on their clients.
I prefer private sites just cause of the community. Most of them take care of each other and don’t allow crap to be put into the area.
Example: I taught my cousin how to use BT finally and showed him a handful of sites to get stuff from. He tries to get Evan Almighty from MiniNova, and instead it’s a Swedish porn flick.
Now I’ve got nothing against porn :), but on most private sites they would have that file removed from the tracker, or change the label on it.
I guess the point I’m making is I like the upkeep of private over public.
People complaining about commercials: block ad servers in a DNS null zone. It will save you from being passively probed by for-profit organisations 10 – 20 thousand times per host per month.
What ads? Doesn’t anyone here know Adblock?
What’s the point of having private trackers if IP numbers are being published on public sites?
I don’t care I live in Canada lol.
I can go to the police station and say I’m a pirate, they won’t arrest me!
This is an excellent hack, currently poorly implemented (but quite able to be improved).
It works on the assumption that a substantive number of the IP addresses that they’ve been able to capture will be sharing the file that you want.
Right now, they have
* SceneTorrents – ~180 clients
* TorrentLeech – ~500 clients
This sample is too small to be effective, and they appear to be manually collected and updated. The sample collection depends on an insider leaking the information.
The lists provided are not in a useful format. You can’t use these lists, as-is, with Azureus’ Peer Injector nor with the Add Peer feature of uTorrent.
The hack works because each peer in the list will be contacted, and a request for a hashid will be performed. The client will either continue the handshake (if the hashid matches an active download for the client) or drop the connection (if the client is not active in that download).
As not all peers on a private system participate in all swarms, someone trying to use this hack is likely to get only a few peers for their desired download. Overall the download will be slow.
Immediate defenses:
1. The BitTorrent protocol is a Tit-for-Tat protocol that rewards good sharers with faster downloads. Someone using this hack is a cheater, and is unlikely a good sharer, but must use the BitTorrent protocol. Ironically as a result, they’ve just cheated their way into a poor-performing download due to the protocol involved.
2. About once or twice a day, change your incoming port. This will invalidate the information on the collected lists.
There are simple defenses that are possible for both clients and trackers. At the moment, the cost of coding (and debugging) these outweigh the low risk presented by this hack. But if this hack takes off, I’ll be happy to discuss these.
On my bandwidth Mininova and Demonoid are all I’ll ever need. I max out at 250 KB/s on a good day. 20 KB/s upload. I usually feel piggish with ratios around .33 and such. But, my horrible ISP must really feel piggish with their $65 a month internet. I guess I am lucky just to be able to upload.
[quote comment="161410"]This is an excellent hack, currently poorly implemented (but quite able to be improved).[/quote]
I’d disagree with calling it a hack.
Although it may require extra code on the client to implement this way, a better implementation requires no kludges to make it work and works with all clients.
Everything being exploited is well within the protocol specs for client-client communications.
It is definitely implemented poorly though, but the implementation may have more to do with the level of risk than anything else.
Posting a list of IPs isn’t likely to land you in court for any copyright infringement (as the main defendant or for secondary infringement), whereas tying a regularly updated list of IPs to a torrent hash may (it is how trackers operate after all).
[quote comment="161410"]There are simple defenses that are possible for both clients and trackers.[/quote]
These forms of attack can only be stopped at the tracker end with an extension or change to the protocol.
Prevention would require a way for clients to check each incoming peer, either by communicating back with the tracker or by some other means.
Simply dropping all incoming peers until they’ve been seen on an announce return will slow down the start of a torrent massively. Requiring a request back to the tracker for each peer requires more sockets open on the webserver and a lot more work for the tracker.
Selecting 200 peers from the database or file in one go is fairly light in processing. Opening the database or file 200 times and selecting one peer each time is not.
The coding on this one is extremely simple; the consequences for the tracker’s load and bandwidth consumption are not.
A less intensive way to prevent these attacks is to allow clients to verify themselves, using signed certificates whereby the tracker would sign a string consisting of peer_id/port/IP with a private key, allowing decryption and verification by the other peers using a public key. This one isn’t all that hard to implement if using a library such as openssl.
Either way requires all peers to use the new rules, and it isn’t that simple getting all clients to accept the changes and getting all private trackers on board.
BTW, if funchords is Robb, why did you select different bitcomet versions for “proving” it doesn’t behave as claimed? That methodology is flawed. If you want to claim something is false based on 0.90, then why not also give the results 0.7 or 0.6 as you do in other areas?
Not giving a complete picture suggests you knew what conclusions you wanted to arrive at and arrived at those conclusions any way you could, making your “study” completely worthless.
Your analysis of how superseeding works is correct, superseeds require a HAVE message from any other peer.
However, you decided not to test how BC reacts when it is that other peer and claimed it was false anyway.
TheShad0w was first to implement superseeding, and also the one who banned BC clients from connecting to bittornado, he actually studied how BC behaved with superseeds.
You also seem to forget that peers do not know superseeds as seeds, but as other peers. Superseeds do not allow other peers to know they have the complete torrent, so withholding HAVE messages from seeds is irrelevant.
If you haven’t the time to test all the versions, then don’t push a half complete study as if it’s irrefutable fact.
I prefer downloading off private sites also; granted I gotta seed what I DL, but on private sites you don’t get people uploading total BS on purpose or a virus-infested P.O.S. I get my max DL speed and get it done. The restricted growth is what they would call a necessary evil, cause you can’t just set the limit to 0 and let everyone on. Then you get the leechers that cap their upload to 1-2KB/sec and slow down the torrent and the site cause it can’t handle it. Sometimes it’s hard to tell a friend you can’t get them on the site cause of the user cap, but they usually understand.
> BTW, if funchords is Robb, why did
> you select different bitcomet
> versions for “proving” it doesn’t
> behave as claimed?
This is off-topic here, but I’ll be happy to respond in some place that is appropriate. Start a thread somewhere and invite me to it.
robb (at sign) funchords (dot) com
Don’t know if this is the right place to put this. I know a site, http://www.phoenix-pt.org. It’s a cool site with some of the most well-known staff there is. They got 3000+ users but need peeps who can help upload or just peeps who will download anything off there. I know this coz I am on there all the time. Their forums are cool, and if nothing else just look at the way they have modded the BT code; their site looks cool and I’ve never seen a site like it before.
@funchords: Not a member of any places where this sort of thing would be discussed that are open to invites.
No worries though, I just discovered versions 0.89 and 0.93 (yet to test 0.90-0.92) send back information on what you are downloading (info_hash and size), regardless of claims made in the privacy policy.
This is more bad news for BC users, on private or public trackers.
grim reaper sounds like the biggest fag in the universe
[quote comment="160699"][quote comment="160665"]
It’s easy as pie to keep a good ratio. I dunno what you’re talking about.[/quote]
No it isn’t! Not if say your upload speed is a 10th of your download speed.
IMHO, your ratio should only be as good as your download:upload speed ratio, but private trackers will never work like that.[/quote]
You can stop users from using peer injector to reach you if you have either a PRIVATE flagged torrent (and provided your client obeys private flag) or if you manually set your client to respond only to peers obtained from the tracker. This will also stop the RIAA, MPAA, MediaDefender, Bay, etc from trying to peer inject to your client and enter your Swarm.
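A defender-side sketch of the two checks discussed in this thread, added here as an example and not code from the original post or from any BitTorrent client: the handshake-level check funchords describes (a peer presenting an info_hash that is not active gets dropped) and the policy in the comment above (on a private torrent, accept only peers the tracker announced). The gate class, its policy, the sample hashes and the documentation-range addresses are all constructed for this illustration.

```python
import hashlib

PSTR = b"BitTorrent protocol"
HANDSHAKE_LEN = 1 + len(PSTR) + 8 + 20 + 20  # 68 bytes


def build_handshake(info_hash: bytes, peer_id: bytes, reserved: bytes = bytes(8)) -> bytes:
    """Serialise the peer-wire handshake: <pstrlen><pstr><reserved><info_hash><peer_id>."""
    assert len(info_hash) == 20 and len(peer_id) == 20 and len(reserved) == 8
    return bytes([len(PSTR)]) + PSTR + reserved + info_hash + peer_id


def parse_handshake(data: bytes) -> dict:
    """Parse the handshake an unsolicited peer sends first; ValueError if malformed."""
    if len(data) < HANDSHAKE_LEN:
        raise ValueError("short handshake")
    pstrlen = data[0]
    if pstrlen != len(PSTR) or data[1:1 + pstrlen] != PSTR:
        raise ValueError("not a BitTorrent handshake")
    off = 1 + pstrlen
    return {"reserved": data[off:off + 8],
            "info_hash": data[off + 8:off + 28],
            "peer_id": data[off + 28:off + 48]}


class InboundPeerGate:
    """Hypothetical policy for unsolicited inbound connections (not any real client's code).

    torrents maps info_hash -> {"private": bool, "tracker_peers": set of IP strings}.
    Only the IP can be matched: the source port of an inbound TCP connection is
    ephemeral, not the listening port the tracker announced for that peer.
    """

    def __init__(self, torrents: dict):
        self.torrents = torrents

    def decide(self, src_ip: str, handshake: bytes) -> tuple:
        try:
            hs = parse_handshake(handshake)
        except ValueError as exc:
            return ("drop", f"malformed handshake: {exc}")
        t = self.torrents.get(hs["info_hash"])
        if t is None:
            # The check every client already makes: unknown info_hash, connection dropped.
            return ("drop", "info_hash not active")
        if t["private"] and src_ip not in t["tracker_peers"]:
            # The extra check: on a private torrent only tracker-announced peers may connect.
            return ("drop", "private torrent: peer not announced by tracker")
        return ("accept", hs["peer_id"].decode("ascii", "replace"))


# Constructed sample data: fabricated hashes, documentation-range addresses.
PRIVATE_HASH = hashlib.sha1(b"constructed private torrent").digest()
PUBLIC_HASH = hashlib.sha1(b"constructed public torrent").digest()
PEER_ID = b"-XX0001-injectedpeer"  # 20 bytes
GATE = InboundPeerGate({
    PRIVATE_HASH: {"private": True, "tracker_peers": {"203.0.113.10", "203.0.113.11"}},
    PUBLIC_HASH: {"private": False, "tracker_peers": {"203.0.113.10"}},
})
INJECTED_HS = build_handshake(PRIVATE_HASH, PEER_ID)


def demo() -> dict:
    """Tracker-announced peer vs. a peer taken from a harvested list, on both torrent kinds."""
    return {"announced": GATE.decide("203.0.113.10", INJECTED_HS),
            "injected": GATE.decide("198.51.100.7", INJECTED_HS),
            "injected_public": GATE.decide("198.51.100.7", build_handshake(PUBLIC_HASH, PEER_ID)),
            "wrong_hash": GATE.decide("203.0.113.10", build_handshake(b"\x00" * 20, PEER_ID))}
```

Note that a real client cannot verify the announced port this way, so an IP-only match is the strongest check available without the tracker-signed peer records suggested earlier in the thread.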
Invitation codes for TorrentGeeks.com
Here are the codes:
iHSP4Vn7
yx4AvVmy
imho I like private communities.
For instance
http://www.eclipsetorrents.org is a great site not only fast downloads but also a friendly community especially in their irc channel. Though they will be closing the doors soon as members have almost reached limit.
I have had those soo lame mods on power trips, soooooo laaame, they think they are running shit or they’re gangsta.
You will not find anything but open arms at my site.
TG is maintained by people who truly understand what it is to be a community. Although I have to agree, I have been a member at sites that are run by little guys with half mustaches.
Bittorrent, at its CORE, revolves around community minded people. Thats its WHOLE purpose, to share amongst connected “peers”.
This is why at TG, you will find Blogs, Profiles, Chat, Comments, Discussion Forums, etc. All of which help to further promote a true torrent community. None of which requires VIP to access. VIP only helps support growing server costs, and ultimately will only be picked up by diehard torrentiers.
Private torrent sites (if run by the right people) only exist to better distribute quality torrents. Ratios are a by-product of greedy leechers.
I have pretty much built a site that people can take advantage of for free; it’s my way of giving back. However, leechers are not welcome, and that is the ratio’s main purpose.
Well, if you want to help build a truly great torrent community, head over to TG and see for yourself how this is supposed to be done.
I won’t try to speak for other sites that are heading in the wrong direction.
you will need this code, currently good for 100 people, I made it specifically for this site.
TrdoCPuc
Thanks for the great Articles.
Master Geek
plz send me an invitation code, thanks a lot
idolwind@gmail.com
THANKS AGAIN
Demonoid is offline for good I guess.. this sucks! It’s my fav private torrent site. Now I don’t know where to sign up. I want private torrents but I don’t know which one to choose, any ideas??? I also need invites for torrentleech or revolutionett, I’m curious about what they have to offer.. send me invites (for good-hearted people only) thanks!!! My email pls: gwen.me@gmail.com
I would like an invite as well. Master Geek, could I ask for one ? baruno@gmail.com.
Thank you beforehand and best regards.
Me too please. macrocosmnature@gmail.com
Me too please. macrocosmnature@gmail.com Thanks in advance.
I wouldn’t post your email address in here……
me too please maikelbazov1989@gmail.com
Here you go,
Invite Code:qZ1nKsma
good for 100 people per request
Enjoy TorrentGeeks.com
Made just for users of TorrentFreak.com
Thanks TorrentFreak for the great, Up to date info.