We are still actively working on the spam issue.
Ghostleech
Contents
What is ghostleeching?
The bittorrent protocol is inherently insecure. This means that if I know the info_hash of a torrent and the IP+ Port that your torrent client is running on, I can connect to you and download the torrent from you, EVEN if I am NOT a member of your private tracker
In this scenario, the seeder is not you, but the peer you have scraped. By directly knowing the infohash and IP+Port, you are able to bypass the tracker and download from the seeder directly
Case 1: You are NOT a member of a private tracker, but your friend is
If your IRC friend is on a /good/ private tracker and you are not. Just ask him for:
a) the torrent info_hash (eg: c12fe1c06bba254a9dc9f519b335aa7c1367a88a&dn)
b) an IP address:port of a seedbox user
Convert the infohash to a magnet link:
magnet:?xt=urn:btih:INFOHASH
magnet:?xt=urn:btih:c12fe1c06bba254a9dc9f519b335aa7c1367a88a&dn
and add that magnet link into your torrent client of choice and add the Peer using the given IP address:port
Congratulations! You are enjoying private tracker speeds, without private tracker autism.
Case 2: You ARE a member of a private tracker
Perhaps you want to download some files without taking a ratio hit:
1. Grab a torrent.
2. Pause the torrent or severely limit the download speed
3. Write down all /fast/ peers (IP and Port)
On a different IP:
4. Add the torrent to your client
5. Remove the tracker (which has your passkey and identifying information)
6. Add the peers and you are good to go!
Warning 1: It looks suspicious if you grab many .torrent files, but dont actually download anything (because you /ghostleeched/ it all). Mix up actual downloading with /ghostleeching/
Warning 2: It is /unsafe/ and /suspicious/ to add a .torrent. Let it announce to a tracker (get peers) and then stop it. What you want to do is CULTIVATE A LIST(IP+Port) of seedbox owners and "Archivers". The best way to do this is to download a torrent the /normal/ way, but log all traffic. Sort by speed and you have your seedbox users
With this list you can bypass steps 1-3. Add your torrent (IN A STOPPED STATE), remove the tracker, add your peers
Warning 3: It is risky to /ghostleech/ on small swarms (<10 peers + Old torrents). Let the size of the swarm protect you
FAQ
Scrapping peers
You want to build a list of seedboxes and Archivers. Don't do this manually. Download for a week normally, but log all your activity with iptraf or iftop. Then sort by speed to get your list
I can't add peers
Some clients prevent adding peers if you remove the private tracker. You have 4 solutions:
- Use a DHT-Patched client (utorrent serenity)
- Use a utorrent DHT Patcher
- Use an /old/ Azureus Peer Injector
- Get the info_hash, convert to magnet link and add the magnet URl
It takes awhile for the torrent to start
It can take up to 5 minutes. If the torrent hasn't started by then, your peers are bad.
How can I detect if I was /ghostleeched/
No method at the moment. If you have a seedbox assume you were /ghostleeched/.
How can I prevent /ghostleeching/
Due to the protocol there is no easy way (other than stop using private trackers). You can try changing your ports every day. However this is not a reliable method, since the /ghostleecher/ will just grep your IP in the network logs to find the new port.
Notable cases
IPT was involved with a similar technique. They took peers from PTP/BTN, added them to their own tracker and gavethem to their own swarm (the IPT users)
Can I be banned for this
Yes. However, as a /ghostleecher/ in case 1 you have nothing to worry about since you can get a new IP. If you are providing the info_hashes+peers use your head.
