alot of times the trackers will only allow some kind of clients and then you get a message saying that your client is banned bla bla..
now what we gonna do here is make one client (tixati in this case) act as a different client when contacting the tracker and other peers.. you might already know about this when using mRatio you get a various kind of clients id's to choose from.. that's really good for cheating a tracker but today we wanna use the fake id to be able to download.

so how it works ?

download tixati
http://dlmirror1.tixati.com/download/

open the torrent you wanna add, you will get a window press trackers and add one of those lines right after the tracker url

for utorrentMac 1.6.4 use
:header:%0D%0AUser-Agent: uTorrentMac/1640(27255):peerid:-UM1640-

for utorrent 2.2.1 use
:header:%0D%0AUser-Agent: uTorrent/2210(25110):peerid:-UT2210-

for Transmission 2.11 use
:header:%0E%0AUser-Agent: Transmission/2.11:peerid:-TR2110-

for Deluge 1.3.5 use
:header:%0D%0AUser-Agent: Deluge/1350:peerid:-DE1350-

those are some popular clients and atleast one of them should be allowed on the tracker..

Example of the whole thing:
http://torrenttracker.com:9999/df65g45fd4g5d4f65g56dfg/announce:header:%0D%0AUser-Agent: uTorrent/2210(25110):peerid:-UT2210-

don't press start instead press stop

select the new added torrent and press options tab then peers

you will see a local peerid, uncheck the default tixati id and change it like this

TIX0188-b4a2h9a9f5c4

you need to replace the red part with the last id from the lines we added to the tracker before, choose only from the line you added you can't mixup different id's and user agents

EX:
-UT2210-b4a2h9a9f5c4

its done the tracker as well as the other peers now see you as a utorrent 2.2.1 user

Go try this on What.cd. I'll wait here. :happy:

What.cd is banned in my country.. will waffles do ? because even smart peers checkers like asiatorrents didn't get the end of it

because even smart peers checkers like asiatorrents didn't get the end of it

It's detectable, though. Just compare the announces of this against the real thing. It will only fool the low-level trackers.

ghostfucker's spoof is the only way to completely and flawlessly pass yourself as using another client.

its similar.. even the same client announcing gets different each time .. i dare you to try it and get banned because of it, there is just no way to have a value to base a filter on especially with so many clients and so many sub versions of the clients..

asiatorrents/AvistaZ is a super high level peer detector btw, you can still cheat there but there is a real smart filter when it comes to clients that only worked there no other tracker that i know of check for the header as well as the agent and id, so what.cd should be no different otherwise they wouldn't choose to ban so many countries because its hard to easly identify which people are cheating and which ones are not

i dare you to try it and get banned because of it

I dared you first :happy:

I dared you first :happy:

lol ok :)

http://image.torrent-invites.com/images/646bar.jpg

which one ?

what about the reversed bytes that your client send during the downloading process :) .. for sure it will differ between uTorrent and tixati !! it's nice idea but i think it's so easy to detect :( .

Tixati's reversed bytes :
00 00 00 00 00 10 00 01
Vuze 4.7.2.0 :
80 00 00 00 00 13 00 04
uTorrent 3 :
00 00 00 00 00 10 00 05

That's a simple example how this method is detectable :) .

there will always be a difference whether that or the packet tos value but not the obvious parameters that the trackers can capitalize on with little efforts, for example whatcd haven't got the end of this.

so what.cd should be no different
no offence, but what.cd (and any other good tracker) will ban you within seconds...


there are two simple rules on how to verify your emulation.
1:
- open a torrent with the original client and sniff three announces (event=started, regular update, event=stopped)
- save them to a text file
- do the same with the emulation
- compare the announces
=> if they aren't 100% equal (except of the (random) id/key and uploaded/downloaded/left fields) your're fucked.

2:
- open a torrent with the original client and sniff three handshakes with other clients (btlp (e.g. bittornado), ltep (e.g. transmission), azmp (vuze))
- save them to a text file
- do the same with the emulation
- compare the handshakes
=> if there aren't 100% equal, well then you're not necessarily fucked, but other clients would know, that you're faking the client.


and a general hint:
don't even bother with utorrent, if you dont have some good disassembling skills. they use an encrypted id and a customized protocol, which will show your emulation as FAKE:
http://www.sb-innovation.de/members/ghostfucker-albums-forum-pics-picture4478-unbenannt.png

no offence, but what.cd (and any other good tracker) will ban you within seconds...

no offence, but what.cd haven't

maybe it's true and you were lucky, maybe it's not. to be or not to be, i can't tell you...it's the internet ;)

i don't know what this is about,but the facts are stated here waffles didn't detect it i don't know why but scripts don't deal with luck, second fact is we already talked about that it is detectable but not as easy as you would think

@n4overclock:

GF trying to tell you that it's not perfect so you can be fucked any time and he has told you what you need to make any emulation perfect .. maybe the tracker didn't catch you (and that's good by the way xD) but when you talk to GF he has to tell you that if the emulation is not perfect so you don't have to use it at all because he has the bigger view and the enough information and facts which help him judge the method .

nice thinking by the way ;)

@Tattah
well, i don't care what you think =). only you seem to think that someone think it is perfect, we don't need that i already know that with more efforts from the tracker side it should be detectable (especially for utorrent) and why it is(no luck involved) but its always good to take a step to clear that up for other people that are viewing the thread
still if you wanna spoof a certain tracker with whatever clientid you want this is a way to go for; and it still work as per good trackers like what and AvistaZ

no need to repeat the same thing over and over

@n4overclock:
I won't argue with you more than that, regardless of your judging on me ..

but its always good to take a step to clear that up for other people that are viewing the thread
if you didn't notice that's what we trying to do, we clear everything up for other people that's why we said and proofed how this method is detectable! if we want to hide any information we could say "Hey, thanks for the great and perfect method!"

my last words here .. don't ever think that everything related to the clientID .. no it's more than that and i won't repeat my words again because i think everything is now cleared up .. and you and other people can choose whatever you want.

its always good to take a step to clear that up for other people that are viewing the thread
thats the point. i've seen people getting banned with way better emulations than this one, therefore we shouldn't tell them that something is good if it's not.

Security through obscurity doesn't work. If I posted a spoofing method that is detectable but works anyway, I'd expect people to point out the former.

@Tattah
your latest post never was about "good to take a step to clear that up for other people that are viewing the thread " more like repeated words to make the method sound more weak when in fact it is but after we talked about the fact that it works on suggested trackers
do ctrl F " PERFECT" first page so unless u think that whatcd or Avistaz are perfect no need to repeat the obvious

@ghostfucker
this one is definitely good and customizable and vunurable
better or not they are different and you have control of what your doing on this one. depending on the users knowledge this one give more control instead of idclient files that has been analyzed by the trackers, you have made your point, but we're still waiting .. im not gonna put a big red "use at your own risk as a first line"

you have control of what your doing on this one
that is what you call "control"?. you can change some fields with this method, but it's just the tip of the iceberg. with mods like vuze you can change every single field and make the emulation perfect. i could even create clientfiles, which would emulate your buggy client spoofing. that's what i would call "control".

idclient files that has been analyzed by the trackers
mods like vuze and tools like mratio are well tested (on trackers like scenetorrents) and there isn't any weakness they could find. that's why we call these emulations 'bulletproof'. your method has definitely a detection ratio. if i know it, trackers will know it too.

but we're still waiting
for what? for people losing their accounts just to proof you're wrong?

that is what you call "control"?. you can change some fields with this method, but it's just the tip of the iceberg. with mods like vuze you can change every single field and make the emulation perfect. i could even create clientfiles, which would emulate your buggy client spoofing. that's what i would call "control".
no you only change the iceberg and presets on the other methods (except for mratio with memory reader for utorrent) this method has complete control of the entire header but obviously someone who doesn't know what to send like you would make it so easy "detectable"
come beg for the "bulletproof" client files and have control over only peerid is that it ?


mods like vuze and tools like mratio are well tested (on trackers like scenetorrents) and there isn't any weakness they could find. that's why we call these emulations 'bulletproof'. your method has definitely a detection ratio. if i know it, trackers will know it too.
don't generalize trackers definitely got adapted and read those client id files maybe some didn't take full action but that would explain everything

"bulletproof'" is not perfect :)


for what? for people losing their accounts just to proof you're wrong?

or maybe they didn't and only you still whining here

no you only change the iceberg and presets on the other methods
so i guess you never checked the other methods...? you can build the entire request of your own with vuze.

this method has complete control of the entire header
ok, how can i change the encoding exceptions? or how can i force upper/lower case encoding? how can i change the parameter order? (just three examples, which caused bans on some trackers)

don't generalize trackers definitely got adapted and read those client id files
but they wouldn't check your method and write scripts against it, right?

maybe some didn't take full action but that would explain everything
take the latest vuze, show me just one bug and i'll pay you one million bucks. would you do the same deal? ;-)

or maybe they didn't and only you still whining here
it's not whining., i'm just sad because you obviously don't care about the people you're actually trying to help with this...

so i guess you never checked the other methods...? you can build the entire request of your own with vuze.
i have checked them and you can do that trought the client files wich the users don't wanna spend time in while you can just past a line and replace what matters to the tracker to filter



ok, how can i change the encoding exceptions? or how can i force upper/lower case encoding? how can i change the parameter order? (just three examples, which caused bans on some trackers)
that's not the header that's the request and you can't change the parameter order with this method wich makes it detectable but trackers don't really use this for all the clients


but they wouldn't check your method and write scripts against it, right?
well at least not yet


take the latest vuze, show me just one bug and i'll pay you one million bucks. would you do the same deal? ;-)
i would make you a deal if you make a "perfect clientfile" for every torrent client since the start and post it for users to use :) then i would bother looking for script bugs



it's not whining., i'm just sad because you obviously don't care about the people you're actually trying to help with this...
no you haven't got a glue what this thread is about since the start and you kept using trackers some as benchmark.. then go ahead do your research it shouldn't be hard for you to have so many accounts since you're always "testing and caring for the viewers right" ? noob :D dnb is on the white list to btw

i have checked them and you can do that trought the client files wich the users don't wanna spend time in while you can just past a line and replace what matters to the tracker to filter
they could also paste a file and replace what matters ;-)

trackers don't really use this for all the clients
check out some good trackers and the reality will prove you the difference...

i would make you a deal if you make a "perfect clientfile" for every torrent client since the start and post it for users to use :) then i would bother looking for script bugs
the day you will offer a "perfect line" for every torrent client since the start, i will start writing the client files...

no you haven't got a glue what this thread is about since the start
then help me.
i guess it's all about passing by the client restriction and losing my account at the same time. well, they cannot restrict my client, if i don't have an account there. so at least it does what it says on the tin :biggrin:

and you kept using trackers some as benchmark..
what else could be the benchmark? the faith?

"testing and caring for the viewers right"
if not the viewers, who else? what is your intension with this thread? let me guess, you're the what.cd staff hunting for new victims, right? ;-)

they could also paste a file and replace what matters ;-)
they can't they have to follow your order and get familiar with it and go trough unnecessary parameters


check out some good trackers and the reality will prove you the difference...
that's your job tester do that and also make more more long boring non perfect tutorials instead of whining on other thread; just goes to show that you're insecure about what you do


the day you will offer a "perfect line" for every torrent client since the start, i will start writing the client files...
so waiting for other people to push you huh
i don't care , you failed as a troll 1/10

then help me.
i guess it's all about passing by the client restriction and loosing my account at the same time. well, they cannot restrict my client, if i don't have an account there. so at least it does what it says on the tin :biggrin:
you're assuming that you lost your account before you even try, well you already lost your accounts so many times because your're so random and now you have too many "suspicions" about all methods


what else could be the benchmark? the faith?
doesn't matter we already passed them


if not the viewers, who else? what is your intension with this thread? let me guess, you're the what.cd staff hunting for new victims, right? ;-)
because i was the one to bring whatcd up in the first place.. you have no brain :D.. go make more tutorials for your non perfect method instead of trolling and giving bad reputation points

appreciate you getting my post count up though

there are two simple rules on how to verify your emulation
Thanks for your post. I'm not interested in cheating, I would like to use Tixati on a private tracker where it isn't whitelisted. I tried built in function, it isn't working there but at least I don't get banned ;) . I'll try to use Python http.server and http.client to set up local "proxy" so I will be able to modify announce any way I like. Obviously this will cover only 1. from your post but I think it will be sufficient. I'm an amateur coder so I'll for sure have to read a lot and spend many hours on tests and I don't even know if it's possible to do this way. So before I waste my time I would like to ask if something I could use with Tixati is already available?

So before I waste my time I would like to ask if something I could use with Tixati is already available?

If we're talking about full and safe emulation of white listed client so the answer will be for sure No .. It's not about announces only or just the peed ID it's about full protocol using a lot and a lot of data sent between clients and the tracker which can exposes you easily .
I think If we're talking about an open source like vuze so any coder can modify the code so It can emulate - full emulation - another client just like VEM It's a modified version of vuze which gives you the chance to emulate another client easily and effectively .

How can I use Tixati for private trackers? How can I spoof it securely ? Can I use ghostfucker's perfect spoof ? How?

Just use something else like qbittorrent or utorrent. Why do you want to use tixati?

Hi,

you can create your own spoof client and use it, for example, with Vuze SB-I MOD (aka VEM). I think VEM uses GF's perfectspoof.

Being a complete noob (i.e. I never heard of the term "announce" before starting to create a spoof file); I found it difficult to create one, but after some perseverance and (invaluable) help from this forum I manage to create one for Qbitorrent.

In my own experience, these are the steps I followed:

download latest VEM (http://www.sb-innovation.de/f41/)
once installed, go to the clientfiles folder under Vuze install directory
in there, you will find examples for other bittorent clients. Get to know them.
go to the PerfectSpoof2_Docs folder under Vuze install directory
in there you will find guides to set up your own spoof file. This is the main place to learn the settings.
read this thread (http://www.sb-innovation.de/f59/tutorial-about-vuze-extreme-mod-all-settings-explained-13781/), which has some useful information regarding spoofing with VEM.
once you've done your first spoof file, you must test it. Use this tool (http://www.sb-innovation.de/f59/tutorial-how-use-smartsniff-capture-announces-bittorrent-32021/) to test your spoof file.
you will need to leech a torrent file to test. use one of these (http://torrent.ubuntu.com/edubuntu/releases/trusty/release/dvd/)


smartsniff is the most important part of the process. you must aim for an absolute 100% match between your fake announce and the legit announce.

you can also spoof with ratiomaster. You can find its settings in this thread (http://www.sb-innovation.de/f59/tutorial-about-ratiomaster-all-settings-explained-18270/).

If you have the "member" badge/title (and I don't know how to see if you have it), I believe there is a "member-only" section in the SBI forum where one can download ready-made spoof files, maybe there is one for Tixali.

Good luck.