We are still actively working on the spam issue.

Difference between revisions of "Ghostleech"

From InstallGentoo Wiki
Jump to: navigation, search
m (Add stub, change format)
(Minimize FAQ)
 
Line 7: Line 7:
 
[[File:Ghostleeching.png|thumb|left|A sample ghostleeching scenario.]]
 
[[File:Ghostleeching.png|thumb|left|A sample ghostleeching scenario.]]
  
The bittorrent protocol is inherently insecure. This means that if I know the info_hash of a torrent and the IP+Port that your torrent client is running on, I can connect to you and download the torrent from you, ''even if I am not a member of your private tracker''.
+
The BitTorrent protocol is inherently insecure. This means that if I know the info_hash of a torrent and the IP+Port that your torrent client is running on, I can connect to you and download the torrent from you, ''even if I am not a member of your private tracker''.
  
 
In this scenario, the seeder is not you, but the peer you have scraped. By directly knowing the infohash and IP+Port, you are able to bypass the tracker and download from the seeder directly
 
In this scenario, the seeder is not you, but the peer you have scraped. By directly knowing the infohash and IP+Port, you are able to bypass the tracker and download from the seeder directly
Line 72: Line 72:
  
 
===How can I prevent /ghostleeching/===
 
===How can I prevent /ghostleeching/===
Due to the protocol there is no easy way (other than stop using private trackers). You can try changing your ports every day. However this is not a reliable method, since the /ghostleecher/ will just grep your IP in the network logs to find the new port.  
+
Due to the protocol there is no easy way (other than stop using private trackers). You can try changing your ports every day. However this is not a reliable method, since the /ghostleecher/ will just grep your IP in the network logs to find the new port. You can also change your IP once in a while by spoofing your router's MAC.
 +
 
 +
===How can I minimize my chances of being /ghostleeched/===
 +
Avoid connecting to large swarms whenever possible. The smaller the swarms you connect to, the less likely you will be ghostleeched. Small swarms with big torrents get you more bonus points anyway.  
  
 
===Notable cases===
 
===Notable cases===

Latest revision as of 01:37, 14 July 2023

Warning: ghostleeching is considered cheating by private trackers. Use your head or lose your account.

Ghostleaching is a method of Torrent leaching which is frowned upon by multiple individuals and organizations.

What is ghostleeching?

A sample ghostleeching scenario.

The BitTorrent protocol is inherently insecure. This means that if I know the info_hash of a torrent and the IP+Port that your torrent client is running on, I can connect to you and download the torrent from you, even if I am not a member of your private tracker.

In this scenario, the seeder is not you, but the peer you have scraped. By directly knowing the infohash and IP+Port, you are able to bypass the tracker and download from the seeder directly

Case 1: You are NOT a member of a private tracker, but your friend is

If your IRC friend is on a /good/ private tracker and you are not. Just ask him for:

a) the torrent info_hash (eg: c12fe1c06bba254a9dc9f519b335aa7c1367a88a&dn)

b) an IP address:port of a seedbox user

Convert the infohash to a magnet link:

magnet:?xt=urn:btih:INFOHASH

magnet:?xt=urn:btih:c12fe1c06bba254a9dc9f519b335aa7c1367a88a&dn

and add that magnet link into your torrent client of choice and add the Peer using the given IP address:port

Congratulations! You are enjoying private tracker speeds, without private tracker autism.

Case 2: You ARE a member of a private tracker

Perhaps you want to download some files without taking a ratio hit:

  1. Grab a torrent.
  2. Pause the torrent or severely limit the download speed
  3. Write down all fast peers (IP and Port)

On a different IP:

  1. Add the torrent to your client
  2. Remove the tracker (which has your passkey and identifying information)
  3. Add the peers and you are good to go!
Note:
  • It looks suspicious if you grab many .torrent files, but don't actually download anything because you /ghostleeched/ it all. Many trackers automatically detect this. Mix up actual downloading with /ghostleeching/
  • It is unsafe and suspicious to add a .torrent. Let it announce to a tracker (get peers) and then stop it. What you want to do is cultivate a list (IP+Port) of seedbox owners and "Archivers". The best way to do this is to download a torrent the normal way, but log all traffic. Sort by speed and you have your seedbox users
  • With this list you can bypass steps 1-3. Add your torrent (IN A STOPPED STATE); remove the tracker; add your peers
  • It is risky to ghostleech on small swarms (<10 peers + Old torrents). Let the size of the swarm protect you

FAQ

Scraping peers

You want to build a list of seedboxes and Archivers. Don't do this manually. Download for a week normally, but log all your activity with iptraf or iftop. Then sort by speed to get your list

I can't add peers

Some clients prevent adding peers if you remove the private tracker. You have 4 solutions:

  • Use a DHT-Patched client (utorrent serenity)
  • Use a utorrent DHT Patcher
  • Use an /old/ Azureus Peer Injector
  • Get the info_hash, convert to magnet link and add the magnet URI

It takes a while for the torrent to start

It can take up to 5 minutes. If the torrent hasn't started by then, your peers are bad.

How can I detect if I was /ghostleeched/

No method at the moment. If you have a seedbox assume you were /ghostleeched/.

How can I prevent /ghostleeching/

Due to the protocol there is no easy way (other than stop using private trackers). You can try changing your ports every day. However this is not a reliable method, since the /ghostleecher/ will just grep your IP in the network logs to find the new port. You can also change your IP once in a while by spoofing your router's MAC.

How can I minimize my chances of being /ghostleeched/

Avoid connecting to large swarms whenever possible. The smaller the swarms you connect to, the less likely you will be ghostleeched. Small swarms with big torrents get you more bonus points anyway.

Notable cases

IPT was involved with a similar technique. They took peers from PTP/BTN/HDB, added them to their own tracker, and gave them to their own swarm (the IPT users)

Can I be banned for this

Yes. However, as a /ghostleecher/ in case 1 you have nothing to worry about since you can get a new IP. If you are providing the info_hashes+peers use your head.