- État Fermée
- Pourcentage achevé
- Type Anomalie
- Catégorie Non trié
- Assignée à Personne
- Système d'exploitation Tous
- Sévérité Basse
- Priorité Très Basse
- Basée sur la version 4.4.1
- Due pour la version Non décidée
-
Échéance
Non décidée
- Votes
- Privée
Ouverte par bugbuster - 04/09/2021
Dernière modification par mmakassikis - 21/09/2021
FS#35529 - Bittorrent: Invalid IPv6 addresses announced via PEX
Excusez-moi if I’ve put it in the wrong category, I didn’t find anything better.
I have found two different ‘Freebox BitTorrent 2.0’ clients in the wild sharing invalid IPv6 addresses via Peer Exchange (PEX). To find out that it was the Freebox peer exchanging wrong IPs, I’ve blocked all other clients and waited for PEX process to repeat.
For example, my own IPv6 is: 2001:0db8:abcd:ef01::1
Then the Freebox BT 2.0 peer will start sending INVALID IPv6 addresses where the FIRST HEXTET is completely random. The rest stays correct. Here’s a real selection:
- cc58:0db8:abcd:ef01::1
- db1a:0db8:abcd:ef01::1
- c47a:0db8:abcd:ef01::1
- df36:0db8:abcd:ef01::1
- c262:0db8:abcd:ef01::1
- e885:0db8:abcd:ef01::1
All of the above are invalid as they weren’t yet allocated! See:
https://www.iana.org/assignments/ipv6-address-space/ipv6-address-space.xhtml and https://www.iana.org/assignments/ipv6-unicast-address-assignments/ipv6-unicast-address-assignments.xhtml
The client presents itself as Client: Freebox BitTorrent 2.0, Peer ID: -FX0200-<omitted>
I do not know the exact OS/software version. But this is no longer a single occurence (not a hardware bug/bad RAM).
Merci beaucoup for reading.
21.09.2021 09:20
Raison de la fermeture : Résolu
Commentaires de fermeture :
firmware 4.5.0
Chargement...
Activer les raccourcis clavier
- Alt + ⇧ Shift + l Se connecter/Se déconnecter
- Alt + ⇧ Shift + a Ouvrir une tâche
- Alt + ⇧ Shift + m Mes recherches
- Alt + ⇧ Shift + t Rechercher par ID de tâche
Liste des tâches
- o Ouvrir la tâche sélectionnée
- j Déplacer le curseur vers le bas
- k Déplacer le curseur vers le haut
Détails de la tâche
- n Tâche suivante
- p Tâche précédente
- Alt + ⇧ Shift + e ↵ Enter Modifier cette tâche
- Alt + ⇧ Shift + w Surveiller
- Alt + ⇧ Shift + y Fermer cette tâche
Édition de la tâche
- Alt + ⇧ Shift + s Enregistrer la tâche
PS: With these wrong addresses the port also becomes ZERO. E.g. [e885:0db8:abcd:ef01::1]:0, there’s something seriously going wrong in program’s memory.
Very interesting, thanks. Could you provide us with a pcap or tcpdump of the problem happening ? (privately if necessary) Are you sure the packets are coming from a Freebox ? The client ID is a good tip, but we’d be more certain if we had the source IPs for instance.
I can share the screenshots I’ve taken that show the “broken PEX IPv6” addresses and the IP addresses of the Freebox BitTorrent users from France (two different subnets for IPv4 and IPv6 pairs: AS12322). Again: I determined it was the Freebox peer by blocking connections to everybody else for a long time.
Additional notes: I have IPv4+IPv6 and this happened when I was a slow seeder and Freebox was a long-term leecher, connected for a very long time.
I do not have packet dumps: I will capture them the next time I find another Freebox user with a long-term connection to me. Encryption must be disabled correct? It can take me a long time because I’m not as active and in the past months I’ve only seen 2 Freebox peers. I had hoped you could test it since you have the hardware and software :)
How can I send you screenshots privately? You can send me instructions to the e-mail registered here. Yes, I understand Bittorrent (DHT) is a public network.
Hello,
The next firmware release will include a fix for this bug. Thanks for reporting it !