Pubstro

A pubstro (or just stro) is a hacked computer or server with an installed FTP server. This FTP server is used to facilitate the transferring and spreading of warez, or copyrighted software.

Originally these 'stro' were used to overcome the limitation of home broadband speeds. At the height of their popularity ADSL1 and ADLS2 were the most prevalent - only offering some 5-20mbit per second download and even less on upload speeds. These speed limitations stifled the ability to easily share large copywrited material. These limitation were overcome with the move to HFC and Fibre networks with the arrival of faster home Internet connections Torrents became a viable alternative.

These 'stro' would be shared via FXP Boards. Bulletin Board websites that would share Warez releases and would also have "Scanners" & "Hackers" that would 'scan' for open ports and 'hack' (exploit) the vulnerabilities to then upload their FTP Server software to be filled by "FXPing" FXPing (See flashFXP software) (Having one FTP tranfer directly to another FTP - this would allow a home user with a relatively slow internet speed to be able to transfer files at the bandwidth limits of the two 'stros' in a number of cases being greater than 100Mbit or even 1GBit.

This is typically accomplished by scanning broad IP address ranges with port scanners in search of servers running open ports that are vulnerable to attack by various scripts (e.g. CGI, PHP, VNC, etc.). The scripts are utilized to gain entry into the server whereupon the cracker uploads server software and creates logins. Many crackers will then patch the server against the very vulnerabilities they utilized to compromise the system thereby protecting it from being hijacked by other FXP groups.

Hackers would also use methods of hiding their warez on the stro using folders not accessible by Windows like the "System Volume Information" which the FTP server would permit browsing too. They would put the FTP on non-standard ports. They would also use FTP login scripts to show the IP addresses, free disk space, current bandwidth and other specific details to help manage the FTP. Over time SFTP and FTPS was adoped to help secure the hackers 'stro'.

For a brief time this all occurred on Port 21 anonymous FTPs with basic port 21 scanning. Simply scan, login and upload. Though as IT Security pratices improved the need to scan and exploit became necessary as anonymous FTPs became harder to come by.

Although widely used among FXP boards, pubstros are frowned upon in the warez scene.

See also

• Cybercrime
• Topsite (warez)

References

• Braithwaite, Richard, "The ‘pubstro’ phenomenon: Robin Hoods of the Internet" (2003). ACIS 2003 Proceedings. 104.
• Jelver, P.: Pubstro-hacking – Systematic Establishment of Warez Servers on Windows Internet Servers, Verified: July 24 (2003), July 23 (2002)
• Stefan, Axelsson; Sands, David (2006). "Visualization for Intrusion Detection—Hooking the Worm". Understanding Intrusion Detection Through Visualization. Advances in Information Security. Vol. 24. Springer Verlag. pp. 111–127. CiteSeerX 10.1.1.2.3933. doi:10.1007/0-387-27636-X_7. ISBN 0-387-27634-3.
• Pubstro and pubbing explanations on aboutthescene.com.