
Torrents Time plugin, which lets you watch movies directly on The Pirate Bay and other trackers, is unsafe



The other day Geektimes reported on a browser plugin that lets you watch video from torrent trackers right in your browser. The plugin is called Torrents Time, and within a few days it became very popular. However, according to several information security specialists, this plugin is dangerous for its users.

In particular, developer Andrew Sampson claims that the plugin is exposed to a wide range of attacks, from XSS to MitM. According to Sampson, the plugin incorrectly implements CORS (Cross-Origin Resource Sharing), the browser mechanism that is supposed to stop scripts on third-party sites from reading responses from origins that have not opted in, in this case the plugin's own local server.

This means that an attacker can build a web page that looks like the plugin's own site and place malicious code on it, which will run in the browser of any visitor who has Torrents Time installed. Such a fake page can embed its own player that shows the victim exactly the films they were looking for: the video plays, while in the background malware is delivered to the user's PC.
In addition, Sampson found that JavaScript on an attacker's site can query the plugin's local Node.js server for information about the user. This can be abused not only by "black hat" hackers but also by advertisers: a site can trivially detect which of its visitors have Torrents Time installed and profile them to serve targeted ads. The Torrents Time servers themselves also track user activity and collect data about users (IP address, location, user agent, cookies, torrents viewed, and so on).
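As an added example (not code from Torrents Time or from Sampson's research), the following Node.js sketch shows the mechanism behind both of the points above: a helper server on localhost that answers a "user info" request under a permissive CORS policy, which lets any page, whether an attacker's or an advertiser's, read the reply, next to a hardened allow-list policy. The origin `https://torrents-time.example`, the `/userinfo` path and the `SAMPLE_USER` record are assumptions constructed for the illustration.

```javascript
// Added example, not code from Torrents Time or from Sampson's write-up.
// It models a plugin-style helper server on 127.0.0.1 that answers a
// "who is this user" request, and compares a permissive CORS policy with a
// hardened one. The origin, path and user record below are assumptions.

const LEGIT_FRONTEND = 'https://torrents-time.example'; // assumed legitimate origin
const ALLOWED_ORIGINS = new Set([LEGIT_FRONTEND]);

// Constructed record the helper would hand out; nothing is read from a real system.
const SAMPLE_USER = { id: 'user-42', ip: '198.51.100.7', watching: 'demo.torrent' };

// Permissive policy: echo whatever Origin the browser sent (or '*') and
// allow credentials. The browser then lets ANY page read the response,
// so an arbitrary site can detect the plugin and profile the visitor.
function weakCorsHeaders(origin) {
  return {
    'Access-Control-Allow-Origin': origin || '*',
    'Access-Control-Allow-Credentials': 'true',
  };
}

// Hardened policy: only an allow-listed origin gets the header; for every
// other origin the browser blocks the read. "Vary: Origin" keeps caches
// from replaying one origin's headers to another.
function strictCorsHeaders(origin) {
  if (!ALLOWED_ORIGINS.has(origin)) return null;
  return { 'Access-Control-Allow-Origin': origin, 'Vary': 'Origin' };
}

// Handle a request to the (assumed) /userinfo endpoint under one policy.
// `req` mirrors the fields of a Node http.IncomingMessage (method, url,
// headers); the return value is a plain description of the reply.
function handleUserInfo(req, policy) {
  const origin = req.headers.origin; // undefined for same-origin requests
  const cors = policy === 'strict' ? strictCorsHeaders(origin) : weakCorsHeaders(origin);

  // Cross-origin request from a non-allow-listed page: refuse outright.
  // CORS headers only stop the browser from exposing the response; the
  // request itself still reaches the server, so the server must refuse too.
  if (policy === 'strict' && origin !== undefined && cors === null) {
    return { status: 403, headers: {}, body: '' };
  }

  // Preflight for requests with non-simple methods or custom headers.
  if (req.method === 'OPTIONS') {
    return {
      status: 204,
      headers: { ...(cors || {}), 'Access-Control-Allow-Methods': 'GET' },
      body: '',
    };
  }

  if (req.method !== 'GET' || req.url !== '/userinfo') {
    return { status: 404, headers: cors || {}, body: '' };
  }

  return {
    status: 200,
    headers: { ...(cors || {}), 'Content-Type': 'application/json' },
    body: JSON.stringify(SAMPLE_USER),
  };
}

// Simulate a script on `origin` fetching /userinfo under each policy and
// apply the browser's rule: the page may read the body only if the
// Access-Control-Allow-Origin header matches its origin or is '*'.
function probeFromOrigin(origin, policy) {
  const req = { method: 'GET', url: '/userinfo', headers: { origin } };
  const res = handleUserInfo(req, policy);
  const allowed = res.headers['Access-Control-Allow-Origin'];
  const readable = res.status === 200 && (allowed === '*' || allowed === origin);
  return { status: res.status, readable, body: readable ? JSON.parse(res.body) : null };
}

module.exports = { weakCorsHeaders, strictCorsHeaders, handleUserInfo, probeFromOrigin };
```

Under the weak policy `probeFromOrigin('https://evil.example', 'weak')` returns the user record to the attacker's page; under the strict policy the same probe gets a 403 and nothing readable, while the allow-listed front-end still works. Note that CORS only governs what browser scripts may read; a helper that exposes user data should also authenticate its callers rather than rely on origin checks alone.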



Mac users are vulnerable too

It turns out that Mac users are vulnerable as well if they use the Torrents Time plugin. The Torrents Time application runs as root, which gives an attacker targeting Mac users broad scope, including installing malware on a Mac that has the plugin. The reason is that the Torrents Time software lets an attacker send it a command to update the browser plugins; the attacker can tamper with that process so that a file from the attacker's server is downloaded in place of the plugin.

Attackers can also use a malicious JS script to drive up CPU load on the machine, causing Torrents Time to malfunction or crash.

XSS on The Pirate Bay and Kickass Torrents

On top of that, attackers could exploit XSS on The Pirate Bay itself. The Torrents Time plugin's tt.php file interacts directly with the "pirate" domain, so an XSS there lets an attacker steal the victim's cookies if they wish.


Page with Torrents Time player and exploit

Andrew Sampson considers the plugin very leaky and exposed to a large number of attacks and vulnerabilities. He therefore advises against using the plugin for now, and recommends waiting until the developers have fixed all of the problems listed above.

Sampson posted the material he produced while studying the plugin here.

Source: https://habr.com/ru/post/390611/
