this post was submitted on 24 Jul 2023
43 points (95.7% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54500 readers
328 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

Most of you are familiar with iknowwhatyoudownload, the site in which by knowing someone's IP address you can see what were they downloading. Unfortunately it only shows torrents which were added to its database.

I have a peer with static IP address, is there any tools to extract what he/she was downloading?

I wanna do it for good purposes, the peer has very valuable files I want to help being seeded, but unfortunately it is the original creator which decided to delete some of them, because their size is too big (200gb+), I want to track his activity, so maybe he could leave a comment in a tracker where I could contact him.

you are viewing a single comment's thread
view the rest of the comments
[–] nevalem 15 points 1 year ago

I don't believe this is possible and actively protected against in the dht protocol implementation.

The return value for a query for peers includes an opaque value known as the "token." For a node to announce that its controlling peer is downloading a torrent, it must present the token received from the same queried node in a recent query for peers. When a node attempts to "announce" a torrent, the queried node checks the token against the querying node's IP address. This is to prevent malicious hosts from signing up other hosts for torrents. Since the token is merely returned by the querying node to the same node it received the token from, the implementation is not defined. Tokens must be accepted for a reasonable amount of time after they have been distributed. The BitTorrent implementation uses the SHA1 hash of the IP address concatenated onto a secret that changes every five minutes and tokens up to ten minutes old are accepted.

I believe you would have to know the torrent first, then you could discover other nodes. This is probably why that tool can't tell you anything outside of it's known list of torrents.

Source: http://bittorrent.org/beps/bep_0005.html