Hacked µTorrent


kerson

@Ultima > Agree. Just hacking the client id reported to tracker. Love to find that progy, never use a keyboard the same!

@tuma > Also agree. But torrenting has changed a lot since I started ... ratios! But like anything else in this world there is always scum in the barrel and you have to account for them!

Link to comment
Share on other sites

@tuma > Also agree. But torrenting has changed a lot since I started ... ratios! But like anything else in this world there is always scum in the barrel and you have to account for them!

And therein lies the rub. ALL this is basically for one reason......the 'scum', I will let 1c3d0g call them a bunch of names, he's far better at it than I am :P without leechers pub or priv we don't have these issues.....and the beat goes on......

Link to comment
Share on other sites

mark8037, it's just unethical not illegal ;)

You can't download the source of µTorrent because ludde won't make it public.

The reasons are (I guess) like stop people from making a µTorrent version that cheats and to debug µTorrent easily without having to look for bugs that don't exist.

Link to comment
Share on other sites

@mark8037:

1: we are not debating either the ethicality or the legality of what they are doing as much as discussing how their efforts alter the climate that we as bt'ers have to operate within.

2: µTorrent is not open source. You can stop salivating now. Thank you very much.

Link to comment
Share on other sites

I have to agree with mark8037.

What are most private trackers about?

Keeping pirated stuff from being seen by the authorities.

I find that the people who are the most constipated about "leechers" are the ones who run private sites that only have stolen things.

As such the private sites themselves become "authorities".

Hacking has always been about tweaking the authorities - I knew the very first hacker over 30 years ago and it hasn't changed.

Link to comment
Share on other sites

I have to agree with mark8037.

What are most private trackers about?

Keeping pirated stuff from being seen by the authorities.

what a joke, authorities can easily get an account.

The reason is that the rules can be more strict and ratios that force people to seed,

this makes private trackers have a higher quality than the public trackers.

Link to comment
Share on other sites

Thank you boo. all that krap about hiding from 'tha man' is ridiculous, always has been. just an excuse for behaviour that is more unreasonable than the behaviour that was going on in the first place. 'The authorities' can find out what they want about who they want whenever they want and however they want to go about doing that. Let's not any of us make the mistake of thinking we are 'special'. No one here is claiming innocence to anything. If you don't like the model that exists, create a new/better one, but don't break the one that exists just because you don't want to operate within it. If you are right the masses will follow you. If people seeded like they were supposed to on pubs there would be no place for privs, no one would need to use them. Don't hate on the people that want to share cuz you feel differently about it than they do. Be a creator, not a destroyer. And please don't hate. It's ugly.

Link to comment
Share on other sites

in my opinion, it's a personal attack on ludde.

haha, okay, if you say so...

I have an idea. What would happen if utorrent.exe hashed itself with SHA-1 or something and passed that into the UID? That way you could tell if someone was using an unofficial build ;)

Of course, I guess people could hack that too...

Link to comment
Share on other sites

The only sure way that my drunken self could think of validating an official build of µtorrent would be:

µtorrent makes a hash of itself, sends it to tracker, tracker checks that hash with reported version name of µtorrent client to µtorrent website with the hash to make sure it matches... but then there would obviously be a flaw ^_^

but then you do the hash with the connection IP or something and do the same process, and that could prevent a hacked µtorrent a little while? lol, I dunno i'm drunk :P

Link to comment
Share on other sites

Firstly, if the hacked µTorrent v1.4 allows DHT to run even on private trackers, then other cheaters could download/upload only with it or others on DHT. The REAL µTorrent + Mainline + Azureus would only allow connections in the private tracker to others known by the private tracker.

One way someone might use this to cheat a private tracker is to have other instance/s of the hacked µTorrent v1.4 running and have it download from the hacked µTorrent v1.4 that's connected to the private tracker. Their upload stats would show lots of uploading and their ratio might look "really good" to the private tracker. Many private trackers also have cross-checking means though to determine if seeds+peers are "leaking" the torrent via DHT elsewhere, so they may be discovered and banned (by ip and/or password+id).

Secondly, despite the nature of how µTorrent can be used, the hack is breaking copyright laws. Reverse-engineering has been wrongly made nearly illegal in the USA and totally illegal in numerous countries in Europe. This to me is a bigger issue than "piracy" because where's innovation and peer review going to come from when nobody can even see the "emperor's new clothes"? Computer security is almost a sham now because security reviewers are legally forbidden from doing low-level tests...but hackers already have rooted through many boxes because "insider secrets" are well-known information to them.

Lastly, private trackers can ban all µTorrent v1.4's and force people to upgrade to µTorrent v1.4.1. That would kill that particular hack. I'm sure a later version would just pop up in a couple days though. :(

Link to comment
Share on other sites

in my opinion, it's a personal attack on ludde.

haha, okay, if you say so...

well, it kinda is...one of the reasons it's closed source is so people can't modify it (easily)

the fact that someone put the time in to hack uT shows my point..I mean, if they wanted to just hack a client to share with dht on private trackers, there are a few choices..that are open source

but they chose uT for a reason.

I don't know about you, but I'd take it personally if someone hacked the brakes on my car to share its brake fluid with the rest of the road..

lol, k..bad analogy, but you get what I'm saying.....right? :P

Link to comment
Share on other sites

I would go with a much closer analogy.

Let's say you have a car or a bus with an advertisement screen on it, visible from outside, that is switched on by default, but automatically switching itself off in the private areas where the advertisements it shows may be offensive. The analogy would be hacking a system that turns it off, totally pointless for a driver, but really offensive for the mentioned areas.

I still don't get the point of this hack, really.

Link to comment
Share on other sites

µtorrent makes a hash of itself, sends it to tracker, tracker checks that hash with reported version name of µtorrent client to µtorrent website with the hash to make sure it matches...

What I had imagined is that the client ID would contain a hash (µTorrent v1.4.1-56D5B842). That could then be sent to the tracker and the tracker could ban anything with an incorrect hash. This would also allow µTorrent to mark fake µTorrent peers.

The problem arises when people hack the client to send the hash anyway without actually hashing itself. :P

One way someone might use this to cheat a private tracker is to have other instance/s of the hacked µTorrent v1.4 running and have it download from the hacked µTorrent v1.4 that's connected to the private tracker.

Much easier just to use a ratio cheating (fake uploading) hack like the mods for Azureus, and it's equally detectable by the tracker..

Link to comment
Share on other sites
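The client-ID hash idea from the posts above, and the variation that mixes in the connection IP, sketched as an added example (not part of the thread and not µTorrent or tracker code). The image bytes, the `KNOWN_BUILDS` table, the nonce and all function names are assumptions made for illustration; the point is what the tracker-side check can and cannot establish.

```python
import hashlib
import os

# Constructed stand-ins for executable images; not real client binaries.
OFFICIAL_IMAGE = b"MZ constructed sample: official build 1.4.1"
MODIFIED_IMAGE = b"MZ constructed sample: patched build 1.4.1"

def short_hash(image: bytes) -> str:
    """First 8 hex digits of SHA-1, the shape of the ID suffix in the post."""
    return hashlib.sha1(image).hexdigest()[:8].upper()

# Hypothetical tracker-side allow-list: version -> expected ID suffix.
KNOWN_BUILDS = {"1.4.1": short_hash(OFFICIAL_IMAGE)}

def tracker_accepts_static(client_id: str) -> bool:
    """Scheme 1: the client ID carries a hash, 'µTorrent v<version>-<hash>'."""
    name, _, suffix = client_id.rpartition("-")
    version = name.rsplit("v", 1)[-1]
    return KNOWN_BUILDS.get(version) == suffix

def self_hashing_id(image: bytes) -> str:
    return f"µTorrent v1.4.1-{short_hash(image)}"

def constant_id() -> str:
    """A client that sends the published suffix without hashing anything."""
    return f"µTorrent v1.4.1-{KNOWN_BUILDS['1.4.1']}"

def challenge_response(nonce: bytes, ip: str, image: bytes) -> str:
    """Scheme 2: bind the hash to a per-connection nonce and the peer IP."""
    return hashlib.sha1(nonce + ip.encode() + image).hexdigest()

def tracker_accepts_challenge(nonce: bytes, ip: str, response: str) -> bool:
    return response == challenge_response(nonce, ip, OFFICIAL_IMAGE)

def evaluate() -> dict:
    nonce, ip = os.urandom(16), "203.0.113.7"  # documentation-range address
    stale = challenge_response(b"earlier nonce", ip, OFFICIAL_IMAGE)
    fresh = challenge_response(nonce, ip, OFFICIAL_IMAGE)
    return {
        "static: official build, self-hashed": tracker_accepts_static(self_hashing_id(OFFICIAL_IMAGE)),
        "static: modified build, self-hashed": tracker_accepts_static(self_hashing_id(MODIFIED_IMAGE)),
        "static: constant suffix, no hashing": tracker_accepts_static(constant_id()),
        "challenge: replayed old response": tracker_accepts_challenge(nonce, ip, stale),
        # Accepted for anyone holding the official bytes: proves possession, not execution.
        "challenge: fresh hash over official bytes": tracker_accepts_challenge(nonce, ip, fresh),
    }

if __name__ == "__main__":
    for case, accepted in evaluate().items():
        print(f"{'ACCEPT' if accepted else 'REJECT'}  {case}")
```

The nonce stops a recorded answer from being reused, but both schemes only compare a value the peer chose to send, so neither tells the tracker which code produced it.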

In my humble opinion, everyone should understand that when you have the program's code, from any source, you can do anything to it, alter everything, even rewrite it.

As long as those dudes can alter part of the code, i believe we can assume, as-if they had the code.

It's not important if they're doing it with hex editor or any other way. If they have enough skills they're like programmers with the sourcecode.

Therefore it's not a problem to fake anything sending from the program. You could easily alter any data that you send, from all the stats to even torrent's contents [but that would be fast discovered by the receiver, anyway you can do it].

The only way, i can think of at now, for checking client's authenticity would be downloading some data from your machine by the "authenticator" e.g. tracker, or anything independent of the client program. But we can assume, that as long as someone wants to use fake client, we can't trust to anything that he provides us with. So the only way to check the user, would be something totally external of his machine or anything related, or in real world as much as possible, and i don't think it's possible anyway. The way i am thinking is very close to trojan like device, "you want to get in, okey, but first you let me in, and allow to do the checking". Even though somebody would let this to perform this kind of check-up, it would give 100% guarantee.

You can always hack anything, that runs on your machine.

As an example. When somebody succeeded with deploying a trojan horse on your machine and you found it; you can hack it, and send to this funny folk any data, like fake directory structure, fake pictures of your desktop, and when he would like to steal one of your file, you could send him a trojan in revenge :)

All is just a matter of skill and human's will. Some would limit it to human's will only.

Link to comment
Share on other sites

It's ironic we as bt'ers are outraged at someone who stole and modified utorrent when the most prevalent use of bt is to steal.

Maybe for you, and yes, the most prevalent use of BT probably is to "steal" as you put it, but lots of people don't use it for that at all (syndicating podcasts, linux, legal torrents) there are all sorts of legal uses for BitTorrent even if there is a lot more illegal use.

Link to comment
Share on other sites

Since the clients can be hacked to report whatever they want to the trackers and disable the private tag. I have noticed that uTorrent can see when the client is spoofing, is there a way to add a feature in the client itself that when it sees a FAKE whatever it autobans the IP, also a way to see on a private tracker if the other clients have the private tag disabled and autoban the IP, it won't stop the non uTorrent clients from doing this, but it will help slow down how fast they can leech it

Link to comment
Share on other sites

and you know.. at the end of it all, someone can just write a proxy that modifies the response from the tracker so it looks like it's the tracker saying that DHT is allowed.. Don't put a load of wasted effort into making the exe self protecting, if the data returned from the tracker can be easily modified..

It's sad, but true...

Link to comment
Share on other sites

... also banning ip isn't good method of solving the problem, actually it's just poor work-around. Today many ISPs use pppoe, adsl, etc. etc. non-persistent ways to provide internet services along with dynamic ip. Some even reconnect clients every certain amount of time. I believe it's due to make server-like services or non-typical user behaviour a little harder to perform. By non-typical user behaviour i mean like downloading torrents 24/7 :) I think that most of users just download mail, surf the you know. Kind office alike actions.

Anyway, it's easy to bypass ip ban nowadays.

And it could occur with limitation on honest torrent users, e.g. if you were given a banned ip. That's a mess.

In my opinion IP-based banning is the worst method of limiting access, though it's the only way sometimes.

But what would you do with such dynamic IP case, ban entire network ? That'd be mean :)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.