Imagine you're not at TL, for example, but a friend is. He could download a .torrent, start it, copy the peerlist, conceal his passkey from the metadata, and send both to you. You could add the torrent, remove the announce URL, add the peers manually and start it - i.e. leech without even having to be a tracker member. (This would be more secure in bigger swarms, since otherwise everyone can see your IP)

What you will need

A friend inside the tracker
uTorrent


What your friend will need

uTorrent (could be any client, but uT lets you copy the peerlist quickly)
HxD (hex-editor)


What to do

Ask your friend to add the torrent in uTorrent. After he finishes making the first announce and has connected to as much peers as possible, go to the Peers tab, right-click an entry and choose "Copy Peer List":


http://www.sb-innovation.de/attachment.php?attachmentid=3474

Tell him to paste it in Notepad and save the file as a .txt:


http://www.sb-innovation.de/attachment.php?attachmentid=8251

After that, tell him to open the .torrent in HxD and fill the tracker URL and passkey with X's:


http://www.sb-innovation.de/attachment.php?attachmentid=3477

Then save the file and have him send it and the peerlist to you.

When you receive it, add the torrent, but first go to Advanced, delete the tracker's URL, and if using a mod that ignores the private flag, also disable DHT and PEX:


http://www.sb-innovation.de/attachment.php?attachmentid=3472

Also untick "Start torrent" before adding it. It'll have been added as stopped:


http://www.sb-innovation.de/attachment.php?attachmentid=3478

Open the peerlist your friend sent you. In uTorrent, click the torrent, go to the Peers tab, right-click an empty space, and click "Add Peer":


http://www.sb-innovation.de/attachment.php?attachmentid=3471

In the dialog that will open, write a peer's address in IP:port format:


http://www.sb-innovation.de/attachment.php?attachmentid=3470

Repeat this for every peer in the list. (Yes, this part can get a bit tedious) When you've added enough, uTorrent will show something like "Peers: 0 (43)".

You may now start it. Watch uT connect to peers, and the speed rise at the same time you download a torrent from a tracker you may not even be a member of:


http://www.sb-innovation.de/attachment.php?attachmentid=5778

FAQ
Q: Do I need a modded client to do this?
A: Not for now (except on special cases, see below); using the official uTorrent should be enough.

Q: How is this possible?
A: BitTorrent wasn't meant to be a secure protocol. Anyone with the correct IP+port+info_hash combination can connect and transfer from/to you.

Q: Is there any chance BitTorrent clients can do something to "patch" this?
A: Yes; for example, BitTorrent Inc. could make uTorrent disable the "add peer" function for private torrents. This could be easily bypassed with a DHT-Patch mod.

The Peer Injector plugin for Vuze doesn't inject peers in private torrents. I have attached v0.3, the last official version that was able to do this, as well as a port of it for BiglyBT, which is not backwards-compatible with Vuze plugins.

Q: What if I do have access to the tracker, but want to leech the torrent without it knowing?
A: Load the torrent in the DHT-Patch mod from the Expansion leecher pack. Before adding it, click Advanced, and clear the tracker URL while keeping DHT and PEX enabled:


http://www.sb-innovation.de/attachment.php?attachmentid=3829

Click OK, then add the torrent. If there are other DHT-patched clients in the swarm, you'll eventually find them and begin the transfer. This works wonders on TL's popular torrents, for example, but won't on smaller trackers or swarms.


Please post feedback! :top:

Can't you just open the torrent in µtorrent and remove tracker-url there before you start the torrent? (I think your guide says to remove the tracker-url twice, doesn't it?)

Now, I added a torrent in which I removed the tracker url before starting the torrent. DHT and peer exchange are also disabled. I added 3 or 4 peers from the peerlist that I got via RM and now I'm suddenly connected to 19 peers. Can this be because the tracker sends my ip to the other peers when I'm using RM?

If so, you don't even need the peerlist actually. Is there something I'm not thinking about here that presents a high risk on being caught?

Can't you just open the torrent in µtorrent and remove tracker-url there before you start the torrent? (I think your guide says to remove the tracker-url twice, doesn't it?)

That's fine for normal ghostleeching. Here the procedure consists on passing someone else the .torrent metadata. Even if you have no problem with them knowing your passkey, if they forget to remove the URL before adding the torrent = announce from different IP = chance to get banned.


Now, I added a torrent ... Can this be because the tracker sends my ip to the other peers when I'm using RM?

Maybe, specially if you used the same port in the RM and uTorrent (having disabled the TCP listener in the former, of course), and have "snatched" the torrent.


If so, you don't even need the peerlist actually. Is there something I'm not thinking about here that presents a high risk on being caught?

This method consists in enabling someone else to download torrents via peerlists. You can't afford to pass them your .torrent with the passkey inside for them to fake in the RM and get you banned.

Is making at least 1 announce the only way to get peer's IP? Scrape only tell you the number of peers but not the IPs?

Is making at least 1 announce the only way to get peer's IP?

Yes, hence the "ask a friend to give you the list of IPs" step.

I'm now thinking of a simple way to make some peer activity just so you can cheat on some torrents on trackers like what.cd. This in combination with the waffles method might be a nice, clean way. I'll think it through and make a tut after I test it.

My concern on using this on trackers like What.cd is that you might get others banned for reporting upload to "no one".

By all means, I'm interested on reading anything you write, so go for it.

My concern on using this on trackers like What.cd is that you might get others banned for reporting upload to "no one".

By all means, I'm interested on reading anything you write, so go for it.

If their scripts work like that then it might even ban like 20-30 peers at once because of this.I'm actually very curious as to how their scripts work in this case, although, I'm pretty sure they got that covered somehow, knowing all the ghost leeching possibilities.

this should work on what.cd, but you should use vpn or proxy especially if you have fixed ip. because they count every byte there and if the numbers don't add up they will raise alert. after short investigation they'll find you from the ip.
but it's too much trouble for your friend. maybe we the leechers should make some mirror of what.cd torrents and peer list.

My concern on using this on trackers like What.cd is that you might get others banned for reporting upload to "no one".
you're right...i noticed this already on many trackers while playing with ghostleeching. what was one of them.

Even if you have no problem with them knowing your passkey, if they forget to remove the URL before adding the torrent = announce from different IP = chance to get banned.


I wonder how staff of trackers that allow you to leech/seed and browse the tracker web from different pcs (so different IPs) could know if you share a torrent with anyone else? They say in FAQs that they dont check IPs anymore, they track you with passkeys. I tried a little google on this but no luck so far yet, didn't search enoguh yet anyway.

And regarding "normal" ghostleeching, if you just remove tracker from your torrent after 1st announce they can see that you aren't reporting stats but you are still connected and leeching, right? Isn't this very risky? Removing tracker url = proxy to localhost?

I wonder how staff of trackers that allow you to leech/seed and browse the tracker web from different pcs (so different IPs) could know if you share a torrent with anyone else? They say in FAQs that they dont check IPs anymore, they track you with passkeys. I tried a little google on this but no luck so far yet, didn't search enoguh yet anyway.

The multiple IP rule never meant that if you're e.g. from Brazil and give a torrent to a friend from China, it's okay for him to download, because up to x IPs are allowed. And yes, they can see your address even if they use passkeys. Hence the safety measure in my tutorial.


And regarding "normal" ghostleeching, if you just remove tracker from your torrent after 1st announce they can see that you aren't reporting stats but you are still connected and leeching, right? Isn't this very risky?

They can see that you started the torrent, but never got back to the tracker again. Since this can happen to people whose computers crash or have a power failure too, trackers run a cleanup script to remove inactive peers. After the first or second time it runs, you should be removed from the peerlist and temporary snatchlists.


Removing tracker url = proxy to localhost?

Please elaborate.

The multiple IP rule never meant that if you're e.g. from Brazil and give a torrent to a friend from China, it's okay for him to download, because up to x IPs are allowed. And yes, they can see your address even if they use passkeys. Hence the safety measure in my tutorial.

So you can really share torrents from private trackers that allow multiIP (most of them I think?) with a couple of friends, and maybe combine this with ghostleeching so they dont mess up with your stats?



They can see that you started the torrent, but never got back to the tracker again. Since this can happen to people whose computers crash or have a power failure too, trackers run a cleanup script to remove inactive peers. After the first or second time it runs, you should be removed from the peerlist and temporary snatchlists.

But Staff people can see that you are still downloading, same IP as before, just no reporting, or am I wrong? If they see you suddenly stop reporting but the same IP keeps downloading...that should mean insta ban. Any way to know if a tracker runs that cleanup script without testing it (ghostleeching something)?




Please elaborate.

I mean, is removing tracker's url the same as using localhost as proxy?

So you can really share torrents from private trackers that allow multiIP (most of them I think?) with a couple of friends

I believe I said the rule doesn't mean you can share torrents. :unsure:


But Staff people can see that you are still downloading, same IP as before, just no reporting, or am I wrong? If they see you suddenly stop reporting but the same IP keeps downloading...that should mean insta ban.

If that were true, all ghostleechers would be banned.


Any way to know if a tracker runs that cleanup script

99% of them do.


I mean, is removing tracker's url the same as using localhost as proxy?

Yes, assuming you aren't running a proxy in your computer, of course. Someone thought (http://www.sb-innovation.de/f59/ghostleeching-without-extra-tool-9488/) of this, too.

I believe I said the rule doesn't mean you can share torrents. :unsure:


Yeah, the rule doesn't mean that. What I'm saying is that if they allow multiple IPs for 1 account you can share private torrents with some1 who hasn't an account there, and if that one uses ghostleeching your ratio wont be hurt or anything. All this is more easy and simple than copy pasting peers one by one, and with large torrents my client at least doesn't even keep the peers so I will have to re-paste them, again one by one. That was my point.



If that were true, all ghostleechers would be banned.

I dont know, most people in "cheating experiences" talk about RM, mR and WM. Neve seen much about ghostleeching. But yeah, I guess you are right.


Someone thought of this, too.

Yeah, I think I was asking because I have read that thread sometime in the past. Why would be better making fail announce with a fake proxy than just removing the tracker?


PS: By the way, what happens if you remove tracker's url but you dont complete the torrent? Would be safe to announce again later to get the peers and become ghostleecher again? I guess common sense should say NO?

Yeah, the rule doesn't mean that. What I'm saying is that if they allow multiple IPs for 1 account you can share private torrents with some1 who hasn't an account there, and if that one uses ghostleeching your ratio wont be hurt or anything.

You can do that if you accept the risk.


Why would be better making fail announce with a fake proxy than just removing the tracker?

If memory serves me right, there was a time when uTorrent would forget all peers if you removed the tracker URL for a private torrent, to deter ghostleeching. Hence requiring this fake proxy, a patched executable, or the usage of a older version. Since they've removed that behavior afterwards, now it's just another method.


PS: By the way, what happens if you remove tracker's url but you dont complete the torrent? Would be safe to announce again later to get the peers and become ghostleecher again? I guess common sense should say NO?

If you can already get away with initial ghostleeching on a certain tracker, chances are it's fine... it's better to finish your session in one go, though.

Thanks for your kind attention and for answering so many questions.

Let us clarify once for all:

You can do that if you accept the risk.

If the tracker allow multiple IPs, what would be exactly the risk doing so? Betrayal from your friend?? :rolling_eyes:



If you can already get away with initial ghostleeching on a certain tracker, chances are it's fine... it's better to finish your session in one go, though.

Do you think it would be less risky to announce normally after your first ghostleeching session and just complete your torrent "legally"? that way it would seem really like a crash or something right?

If the tracker allow multiple IPs, what would be exactly the risk doing so?


The multiple IP rule never meant that if you're e.g. from Brazil and give a torrent to a friend from China, it's okay for him to download, because up to x IPs are allowed. And yes, they can see your address even if they use passkeys.

Announcing from different countries will pass as account sharing, and might get you banned.

If your friend is from the same country as you, it's okay.

---------- Post Merged at 17:31 ---------- Previous Post was at 17:24 ----------


Do you think it would be less risky to announce normally after your first ghostleeching session and just complete your torrent "legally"? that way it would seem really like a crash or something right?

Could be a good point.

sry for the bump, but I;m trying to understand what I did right now:
I added a torrent from torrent leech, and after it started downloading, I completely removed the tracker (right click > properties, uTorrent)
all the peers I had gone but after few seconds, new peers started to show up and i'm downloading pretty fast...

I added a torrent from torrent leech, and after it started downloading, I completely removed the tracker (right click > properties, uTorrent)
all the peers I had gone but after few seconds, new peers started to show up and i'm downloading pretty fast...

uTorrent readded this protection, so removing trackers from a private torrent closes all connections and forget all peers. The ones that appeared later are incoming connections.

uTorrent readded this protection, so removing trackers from a private torrent closes all connections and forget all peers. The ones that appeared later are incoming connections.

Why did they do that anon? :frown:

Why did they do that anon? :frown:

For the same reason toilet paper in public restrooms is behind a lock :smilie4:

Can I use proxy for ghostleeching? I think having a proxy from another country is a good idea.
Which proxies then?

Which proxies then?

The ones that work for you. I'd just change my IP, though, it's much easier than finding a free proxy that's fast enough.

I'm worried about being banned because tracker doesn't have many "my country" users! Most vpns are bandwidth limited.
I tried Freegate but it doesn't work!

I tried Freegate but it doesn't work!

I'm pleased to hear that, as this usage isn't what FreeGate was meant for.

Find something that works, or wait some days before you leech.

I took the time to port the Peer Injector plugin to BiglyBT, it can be found on the first post. It should work with Java 9 and x86, but I haven't tested that.

I took the time to port the Peer Injector plugin to BiglyBT
thanks for your time but just to note, Peer Injector is already inside BiglyBT without plugin needed.
I have ever used this before, latest i used v1.5.0.0 released on 10 Apr 2018


https://www.sb-innovation.de/attachment.php?attachmentid=20230&d=1569336521
https://www.sb-innovation.de/attachment.php?attachmentid=20231&d=1569336541

I didn't know about that! But the plugin allows you to predefine a list of peers, inject them on multiple torrents at the same time and also automatically when they're started, so it's still very useful.

Is this "Add Peer" thing supported anywhere that's not Utorrent? Like Transmission, Qbitorrent or something similiar? I know this is super old but i have like a few ip's on TorrentLeech that i'd like to try it on but my system doesn't work with the latest utorrent app XD.

Is this "Add Peer" thing supported anywhere that's not Utorrent? Like Transmission, Qbitorrent or something similiar?

Only one way to know. :wwink:


I know this is super old but i have like a few ip's on TorrentLeech that i'd like to try it on but my system doesn't work with the latest utorrent app XD.

You need to think bigger, nya. Build a list of IP ranges containing potential seedboxes, based on the prefixes announced by the AS numbers of the most popular hosting providers. Then use Zmap to scan TCP ports above 1024 on all of them. You will end up with thousands of results, which are impossible to add by hand, or even through the Peer Injector plugin; at this point you can write a local HTTP server that reads them from a file and serves them as a regular bencoded tracker response... hint: clients will accept a non-compact peers/peers6 even when they asked otherwise. Repeat the scanning procedure periodically and/or whenever your current list dries up. (There's another argument in favor of IPv6: the vast immensity of its address space makes port scanning effectively infeasible.)

Note that even if you had the IP and port of every BitTorrent peer in the world, that won't do much for you without the info_hash for the torrent(s) you want to download. Obtaining such information in a way that can't be traced by tracker staff is a complex task, but I can think of at least two workarounds, and one way to abuse server-side logging to frame an innocent account for facilitating ghostleeching, but that's beyond the scope of this discussion.

It's also noteworthy that BiglyBT's Fast Resume feature will cache known peers on a per-torrent basis, up to 512 by default (can be set to unlimited), and with no expiration date. This would allow building peer lists for ghostleeching as part of regular client usage.

After typing all this I almost want to start writing the "local peer injector tracker", but I'm not sure there's a lot of demand for that. I think most people either use the "remove tracker URL" method or manually build customized peer lists for the trackers they belong to.

Well... I looked and didn't find anything except utorrent
Well... that sucks XD
anyways... What u said is rather confusing yes
but I find the finding info hash thing without alerting staff particularly interesting
I'm sure stuff like this isn't going to fly on anything other than mostly general trackers but I'd like to know and possibly also help
Since afaik info hash is only gathered from the .torrent file
And in some trackers downloading the .torrent file counts as a snatch
So that could be a bit troublesome.
as for building an ip swarm....
I guess one of the best options would be to get the ip's of the most proficient uploaders could help
for example a person with 500 ebook uploads is sure likely to seed most of his stuff...
and grabbing his ip from 4-5 of his common releases would most probably grant you access for downloading the rest of the remaining 390 something files.
the issue is still... downloading the .torrent file for the info hash and it ending up as being seen by tracker staff of anyone else who's probably paying attention
https://wiki.installgentoo.com/wiki/Ghostleech
this says something about making a magnet link out of the info hash...
there's also still the issue of manually adding peers which doesn't seem to be possible from anything other than utorrent as of this moment.
or perhaps I'm not paying enough attention.
Anyhoo... any further insight is appreciated
Cause that tech talk above fried my puny brain XD
Good day

but I find the finding info hash thing without alerting staff particularly interesting
I'm sure stuff like this isn't going to fly on anything other than mostly general trackers but I'd like to know and possibly also help
Since afaik info hash is only gathered from the .torrent file


the issue is still... downloading the .torrent file for the info hash and it ending up as being seen by tracker staff of anyone else who's probably paying attention
https://wiki.installgentoo.com/wiki/Ghostleech
this says something about making a magnet link out of the info hash...

Looks like you understand the chicken-or-egg scenario we have here. For very active torrents, you can work in collusion with an existing member, and indeed this is the method described in the first post. The swarm's sheer size will protect you, and if they notice the ghostleeching at all, it will be virtually impossible to know who the "supplier" is by checking server logs. However, for smaller swarms neither thing will hold true anymore, making the risk much bigger. It won't be hard to notice a few seeders uploading to no one just around the time someone grabbed the .torrent file.


there's also still the issue of manually adding peers which doesn't seem to be possible from anything other than utorrent as of this moment.

Are you sure? =]

well I tried qbitorrent and transmission and they don't seem to work
That utorrent serenity works yeah but it's a rather old application. And ig someone could end up noticing this if they know what utorrent version it runs on.
However working in collusion with an existing member is interesting. Unless you don't have a friend to help with that XD
My basic idea was to use it on a tracker that would actually have some stuff worth collecting... Maybe red? idk
but I feel like that would be a tad too risky XD
so I guess it's best to stick with simple stuff and trackers for this lmfao

My basic idea was to use it on a tracker that would actually have some stuff worth collecting... Maybe red? idk

Well, in RED's case you can just wait until they hand out 100 freeleech tokens to celebrate the invention of the metric system (or some other similarly vague reason), which largely negates the need for cheating.

Anyway, other options include being your own supplier with a dupe (but on some trackers it's already hard enough to obtain one account), or simply going kamikaze by grabbing all the torrents you're interested on, injecting peers and never looking back (but the amount of daily .torrent grabs may be capped). Fortunately for trackers, the need for the info_hash prevents this trick from turning their swarms into a free-for-all.