Torrents Time bundles certificates and private keys
So, with all the news about how Torrents Time is insecure.. I figured I might as well reverse it.
It seems to have three components, one (on windows) is a native service (
TTService.exe) that runs as
SYSTEM, another (
TTPlayer.exe) runs under a lower privileged user. There's also a nodejs application,
The native service seems to set up a
localhost HTTPd, on either port
9400, using whichever is open.
So, I browsed to it, and was astonished to discover it was running with TLS, and gave the browser a valid certificate, signed by Thawte! (the cert was issued to
localhost.ttconfig.xyz, obviously to work around new CA rules. For the record, it currently resolves to
127.0.0.1 as you'd probably expect.)