Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Find newTrackon's scanning server IP address based on request characteristics #219

Closed
renfei opened this issue Mar 24, 2023 · 5 comments
Closed

Find newTrackon's scanning server IP address based on request characteristics #219

renfei opened this issue Mar 24, 2023 · 5 comments

Comments

@renfei
Copy link

renfei commented Mar 24, 2023

On a whim, I thought I could identify who "newTrackon" was

Collect the characteristics of newTrackon:

  • "User-Agent": "qBittorrent/4.3.9"
  • port=6881
  • uploaded=0
  • downloaded=0
  • left=0
  • compact=1
  • None

newTrackon/newTrackon/scraper.py

Line 26 in da150c1

"User-Agent": "qBittorrent/4.3.9",

newTrackon/newTrackon/scraper.py

Lines 200 to 210 in da150c1

args_dict = {
"info_hash": thash,
"peer_id": pid,
"port": HTTP_PORT,
"uploaded": 0,
"downloaded": 0,
"left": 0,
"compact": 1,
"ipv6": my_ipv6,
"ipv4": my_ipv4,
}

View the html source code of https://newtrackon.com, get the following snippet:

<tr>
<td>http://tracker.renfei.net:8080/announce</td>
<td>100.00%</td>
<td data-sort="1679492551" class="up"><b>Working for 2 days</b></td>
<td><span data-livestamp="1679661252"></span></td>
<td>~30 min (1811 sec)</td>
<td>2a06:98c1:3121::3<br>2a06:98c1:3120::3<br>188.114.97.3<br>188.114.96.3<br></td>
<td><span class="flag-icon flag-icon-gb"></span> United Kingdom<br><span class="flag-icon flag-icon-gb"></span> United Kingdom<br><span class="flag-icon flag-icon-nl"></span> Netherlands<br><span class="flag-icon flag-icon-nl"></span> Netherlands<br>
</td><td>
CloudFLARENET-EU
<br>CloudFLARENET-EU<br>Cloudflare, Inc.<br>Cloudflare, Inc.<br></td>
<td class="right">180 ms</td>
<td class="right">22-3-2023</td>
</tr>

get<span data-livestamp="1679661252"></span>, this is the timestamp.

Scan my log files:

cat tracker.renfei.net.access.log |grep qBittorrent/4.3.9 |grep port=6881 |grep uploaded=0 |grep downloaded=0 |grep left=0 |grep compact=1 |grep None

83.96.25.133 - - [24/Mar/2023:12:33:56 +0000] "GET /announce?info_hash=%0AF%C80%00%CFAUb%7C%BB%B5%05%09%EB%D9A0%07%92&peer_id=-qB4390-wnL7jdcGiiq1&port=6881&uploaded=0&downloaded=0&left=0&compact=1&ipv6=None&ipv4=83.96.25.133 HTTP/1.1" 200 112 "-" "qBittorrent/4.3.9"
180.110.144.224 - - [24/Mar/2023:12:36:55 +0000] "GET /announce?info_hash=i%D4%EB%29%BF%C32%B7%02%EC%9C%08%EF%E4%1Cn+%02+%86&peer_id=-qB4390-Sf8ln1EEanyw&port=6881&uploaded=0&downloaded=0&left=0&compact=1&ipv6=None&ipv4=None HTTP/1.1" 200 112 "-" "qBittorrent/4.3.9"

convert timestamp:

date -d @1679661252

Fri Mar 24 12:34:12 UTC 2023

I caught you!

  • 83.96.25.133
  • 180.110.144.224

what can we do?

No idea, I'm just exploring.
@CorralPeltzer
Copy link
Owner

Hi! The owner of the tracker can initiate the request, so not much can be done to avoid revealing the IP that newTrackon uses to check trackers status.

I could use a pool of IPs in different ASN, but that would be more expensive and operationally complex, and would only make detection a bit harder, not impossible. I could use Tor, but that's blocked by default on many networks, so it would decrease the reliability of the checks.

I don't expect newTrackon's relationship with trackers to be adversarial. There's no financial incentive to run an open BitTorrent tracker, so I expect trackers operators to just be nice. Anyone can run newTrackon locally, https://newtrackon.com/ just a best-effort demonstration of the project.

@renfei
Copy link
Author

renfei commented Mar 26, 2023

Yes, I agree with you.

However, I was thinking that if I provide newTrackon with a dedicated tracker server to respond to the check, I can get a longer cumulative online time, a shorter response time, and thus a better ranking.

Many TrackersLists use newTrackon's data for reference.

By cheating, I can get better rankings and referrals.

@CorralPeltzer
Copy link
Owner

You're right, but I fail to see why anybody would do that. Running an open BitTorrent tracker is altruistic, nobody is going to profit from it, so I don't see the point in cheating.

Since I'm not willing to spend effort on preventing this, if I found evidence of widespread cheating, I'd probably just shut down https://newtrackon.com/ and keep maintaining the project without the website.

@renfei
Copy link
Author

renfei commented Mar 26, 2023

Agree with your point of view!

There really is no reason to cheat.

Thank you for your reply.

@renfei renfei closed this as completed Mar 26, 2023
@Simple-Tracker
Copy link

Therefore, this operation is based on the premise that there is an accurate time stamp, and secondly, it needs to be screened multiple times to determine the intersection. And this way actually becomes impossible in case of intentional blocking (eg: random timestamp)
(using Google Translate)

@josecelano josecelano mentioned this issue Dec 16, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@renfei @CorralPeltzer @Simple-Tracker