EvilZone
Hacking and Security => Hacking and Security => : m0l0ko June 15, 2012, 09:20:43 PM
-
Often when I go to download a torrent, I see its not a .torrent file, its a .exe. Then I look down at the comments expecting to see the uploader getting flamed but instead all I see are people thanking him. Heres an example:
http://1337x.org/torrent/354814/0/ (http://1337x.org/torrent/354814/0/)
The .torrent file must be binded to the .exe file. Am I right in assuming there is no legitimate reason for someone to upload a .exe instead of a .torrent? What amazes me is how so many people seem to run the .exe file. I hear torrent sites are a popular medium for spreading RATs so I'm guessing thats what this is. I'm on linux so I'd have to run the thing on WINE but there is no default torrent client installed in WINE so it probably wouldn't even load the torrent. I'm not really worried about my WINE directory getting infected by a RAT though so I'm going to install WINE and test this out.
EDIT: It ran some shitty program called 1-click downloader:
(http://img855.imageshack.us/img855/3084/screenshotat20120615202.png)
this is a pain in the ass, these torrent sites shouldn't allow people to upload files with extensions other than .torrent.
-
Yeah I've seen those myself once or twice... people are pretty stupid to run those.
Those thankful posts might be just the same guy spamming his torrent so that it looks legitimate...
-
You might find the .torrent inside the .exe by opening it with an archiving program like 7zip.
-
Use more trusted places, with a close community, and try to download from the trusted people ;)
-
Join IPTorrents, it has a nice conmunity. My friend can give out invites.