
Thursday, March 29, 2007

BitTorrent Ratio Exploit Software on the Increase


Although site administrators have had over a year to deal with the exploit, tools for falsely increasing ratios at private BitTorrent sites are becoming increasingly easy to use.


Tools for exploiting the weak system used by private BitTorrent trackers to monitor user ratios are becoming increasingly user-friendly and available. Despite being a widely publicised problem for nearly a year, there are still no obvious solutions.


The exploit was first publicly highlighted in September last year, at Xyflar.


RatioMaster, who develops cheating software, explained to Zeropaid, “Private trackers keep statistics about how much you’re uploading and downloading. Those stats are reported by each client. There are many ways to report wrong statistics.”

Private BitTorrent trackers rely on individual clients for information on how much each client has uploaded. Due to the decentralised nature of a BitTorrent swarm, trackers are unable to monitor the data actually uploaded and downloaded, so they have to rely on each client being honest.


By intercepting messages sent to the tracker, cheaters can change the reported upload and download statistics.


Xyflar explained how to exploit this weakness last year. By using freely available software, the site demonstrated how to increase the amount of uploaded data reported, hence giving a better ratio.


Despite being reported by major technology and file sharing websites, the exploit’s publication did not cause the predicted flood of leechers. Arguably this is because the exploit requires unfamiliar software and lots of time to execute. Each time a user wants to fake their upload, they must “catch” and then edit a packet sent to the tracker. Falsify the upload by too much, and anti-leeching scripts will catch the exploiter. Falsify by too little and the exploiter would need to catch and edit too many packets to make the exploit feasible.


This process has been automated by groups of cheaters, mostly in small communities that require a minimum number of forum posts to access the files. Steadily, these cheats are becoming more readily available from a new wave of developers.


Theoretically, since the exploit does not require any abnormal code to be sent to trackers, the exploit is virtually impossible to detect.


Seba14 develops freely available hacked versions of uTorrent to help people with slow or restricted upload. Using his software is no different to using the standard version of uTorrent, making it shockingly easy to use. The software cheats by multiplying any upload by a factor of ten. He told Zeropaid, “If you use leecher mods carefully, the admins of tracker sites have no chance to detect you at this time, because the tracker scripts don't know if the sending data of mods is real or fake, they see only a number.”


Another developer called RatioMaster creates ratio cheating software of the same name. Unlike the uTorrent hack by Seba14, his software is free-standing and does not actually download or upload any data. Instead, a randomized speed within user-defined parameters is reported to the tracker. RatioMaster automatically cuts off if the number of leechers on the torrent falls below a given figure.


RatioMaster is more cautious than Seba14 about the possibility of being caught.


“Some trackers have some anti-cheating scripts, which work on some cases of particularly suspicious reporting, like for example someone uploading too many too fast. If an anti-cheating script is good, I believe it can catch 90% of cheaters,” he told Zeropaid, before conceding, “Most of the time they ban people who don’t even cheat.”


Zeropaid tested both pieces of software at Torrentleech.org, Ilovetorrents.com, Filelist.org, Bitsoup.org and Oink. RatioMaster was set to spoof as Azureus. All testing was done at semi-realistic upload speeds.


Despite reaching a ratio of nearly 15 on some sites, the only ban came from Oink. This came after RatioMaster was left running for a long period of time, without the minimum leech safety catch enabled.


“It's impossible for all users to have ratio above 1. In reality 99% of users can barely stay above 0.5 by seeding 24/7,” said RatioMaster.


“Good tracker scripts can calculate the average upload speed between the tracker updates and so find ‘heavy’ cheating. Scripts exist which show the admin which users have an upload speed more than a specific value,” Seba14 explained. “So the admin can ask the user, ‘what's your connection?’, if the user lies, then the admin can do nothing.”
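The tracker-side check described above, written out as an added example (not code from Zeropaid, either developer or any tracker script). It goes slightly beyond the quote: besides the average upload speed between two announces, it flags upload reported while the torrent had no leechers and sums, per torrent, how much more upload was claimed than download. The record layout, the 10 Mbit/s ceiling and the sample announces are assumptions constructed for the illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass
class Announce:
    torrent: str
    user: str
    t: int           # tracker receive time, seconds
    uploaded: int    # cumulative bytes, as reported by the client
    downloaded: int  # cumulative bytes, as reported by the client
    leechers: int    # leechers the tracker listed for the torrent at time t

MAX_UP_BPS = 1_250_000  # assumed site policy: 10 Mbit/s sustained upload

def review(announces, max_up_bps=MAX_UP_BPS):
    """Return (flags, surplus): per-user flags and per-torrent unexplained upload."""
    flags, surplus, last = [], defaultdict(int), {}
    for a in sorted(announces, key=lambda a: a.t):
        key = (a.torrent, a.user)
        prev, last[key] = last.get(key), a
        if prev is None:
            continue
        dt = a.t - prev.t
        du = a.uploaded - prev.uploaded
        dd = a.downloaded - prev.downloaded
        if dt <= 0 or du < 0 or dd < 0:
            continue  # counters restart with each client session: nothing to compare
        surplus[a.torrent] += du - dd  # honest swarms roughly balance to zero
        if du > 0 and prev.leechers == 0 and a.leechers == 0:
            flags.append((a.user, "upload reported with no leechers"))
        elif du / dt > max_up_bps:
            flags.append((a.user, "average upload speed above ceiling"))
    return flags, dict(surplus)

def pair(torrent, user, up, down, leechers, dt=1800):
    """Two announces one interval apart (constructed sample data)."""
    return [Announce(torrent, user, 0, 0, 0, leechers),
            Announce(torrent, user, dt, up, down, leechers)]

# Constructed sample: torrent A is honest except mallory; on B, erin reports ten
# times what frank received but at a plausible speed; on C, trent has no leechers.
SAMPLE = (pair("A", "alice", 300_000_000, 0, 2)
          + pair("A", "bob", 0, 200_000_000, 2)
          + pair("A", "carol", 0, 100_000_000, 2)
          + pair("A", "mallory", 9_000_000_000, 0, 2)
          + pair("B", "erin", 200_000_000, 0, 1)
          + pair("B", "frank", 0, 20_000_000, 1)
          + pair("C", "trent", 50_000_000, 0, 0))

if __name__ == "__main__":
    print(review(SAMPLE))
```

The per-torrent surplus shows that upload was over-reported on torrent B without saying by whom, which is why the article's point about clients reporting per-peer figures matters for attribution.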


Feelings about the availability of this software run strong, as people feel that any leeching is anti-P2P. In an extreme case, one post on the RatioMaster forums compares the developers to child molesters.


However, Seba14 is defensive of releasing his software publicly. “Because the mods on my blog are free for all, the tracker administrators can test them and search for a way to detect them. Maybe they will find something,” he said.


RatioMaster agrees that increased availability of the software will lead to more solutions. “Some of the private trackers will employ anti-cheating measures that will catch most cheaters, it’s not that hard,” he justified.


However, no adequate solutions to stop people leeching have been implemented yet, despite the exploit being publicly known for nearly a year now.


Since the exploit relies on standard protocol code, the only solution may be to change the BitTorrent protocol to force clients to inform the tracker how much they have downloaded from each peer. Although the large private tracker sites could easily afford this, for many, bandwidth is at a premium. Furthermore, that would leave users vulnerable to hacks developed to deliberately get other users banned.


“The only way to protect private trackers is by banning all clients which have modifications. Another way is the programming of an own client for each tracker,” Seba14 suggests. However, many sites already ban a long list of clients and are reluctant to ban popular clients like Azureus and uTorrent.


RatioMaster feels that stopping leeching is the wrong focus. Administrators should instead focus on encouraging seeding.


“Tools like mine and other cheating utilities and modifications will hopefully make torrent trackers consider applying things that encourage people to share,” he rationalized. “Lately torrent sites that really care about users more than about money have started to apply mods that encourage actual sharing. Like a mod that improves your ratio regardless of how much you upload, just by seeding (even if nobody is leeching from you), so it encourages people to seed. Otherwise you can seed for days, but if nobody is downloading from you, your ratio will be the same.”


In the short term it does not look like there is going to be the doomsday scenario of leechers flooding and destroying private trackers. Like the rest of file sharing, the site owners will need to rely on good human nature for the sharing.


Zeropaid spoke to a contact close to the administrators of large private trackers, but the administrators refused comment.
