hello friends! new(ish)!
Ghostleech
What is ghostleeching?
The bittorrent protocol is inherently insecure. This means that if I know the info_hash of a torrent and the IP+ Port that your torrent client is running on, I can connect to you and download the torrent from you, EVEN if I am NOT a member of your private tracker
In this scenario, the seeder is not you, but the peer you have scraped. By directly knowing the infohash and IP+Port, you are able to bypass the tracker and download from the seeder directly
Case 1: You are NOT a member of a private tracker, but your friend is
If your IRC friend is on a /good/ private tracker and you are not. Just ask him for:
a) the torrent info_hash (eg: c12fe1c06bba254a9dc9f519b335aa7c1367a88a&dn)
b) an IP address:port of a seedbox user
Convert the infohash to a magnet link:
magnet:?xt=urn:btih:INFOHASH
magnet:?xt=urn:btih:c12fe1c06bba254a9dc9f519b335aa7c1367a88a&dn
and add that magnet link into your torrent client of choice and add the Peer using the given IP address:port
Congratulations! You are enjoying private tracker speeds, without private tracker autism.
Case 2: You ARE a member of a private tracker
Perhaps you want to download some files without taking a ratio hit:
- Grab a torrent.
- Pause the torrent or severely limit the download speed
- Write down all fast peers (IP and Port)
On a different IP:
- Add the torrent to your client
- Remove the tracker (which has your passkey and identifying information)
- Add the peers and you are good to go!
FAQ
Scrapping peers
You want to build a list of seedboxes and Archivers. Don't do this manually. Download for a week normally, but log all your activity with iptraf or iftop. Then sort by speed to get your list
I can't add peers
Some clients prevent adding peers if you remove the private tracker. You have 4 solutions:
- Use a DHT-Patched client (utorrent serenity)
- Use a utorrent DHT Patcher
- Use an /old/ Azureus Peer Injector
- Get the info_hash, convert to magnet link and add the magnet URl
It takes awhile for the torrent to start
It can take up to 5 minutes. If the torrent hasn't started by then, your peers are bad.
How can I detect if I was /ghostleeched/
No method at the moment. If you have a seedbox assume you were /ghostleeched/.
How can I prevent /ghostleeching/
Due to the protocol there is no easy way (other than stop using private trackers). You can try changing your ports every day. However this is not a reliable method, since the /ghostleecher/ will just grep your IP in the network logs to find the new port.
Notable cases
IPT was involved with a similar technique. They took peers from PTP/BTN, added them to their own tracker and gavethem to their own swarm (the IPT users)
Can I be banned for this
Yes. However, as a /ghostleecher/ in case 1 you have nothing to worry about since you can get a new IP. If you are providing the info_hashes+peers use your head.