#OpDarknet Official and Last Release — 11/2/2011
In the last three weeks of #OpDarknet, we gained much support from The World with our Operation Darknet. We would like to thank our supporters, in #OpDarknet’s cause. There also was a large amount of resistance from the pedophile community claiming that Tor was their safe haven with messages such as:
Hidden Wiki ‘Hard Candy’ section – October 20:
“To the vandals, you vandalize the page 1,000,000 times, we will correct it 1,000,001. It will just go back and forth. We are here to stay. People want to run DDoS attacks over tor and think it hurts us, it does. It is our GOD given right that we can choose to have our sexual preferences for youth. It is the same for the any other porn community. It is not what we choose to become, it is who we are. You Anonymous aka #OpDarknet do not have the right to censor us.”
Operation Darknet was never intended to bring down Tor or the “darknets”. The only purpose of Operation Darknet was to reveal that a service like the “Tor Project” has been ruined by the 1% using it for Child Pornography. The rest, 99% consists of Chinese/Iran journalists, Government intelligence fighting a secret war with Al-Qaeda, and us Anons who believe in the right to Free Speech.
However, Child Pornography is NOT FREE SPEECH. We proved beyond doubt, that 70% of users to The Hidden Wiki access the HARD CANDY section, “a secret directory” used by the pedophiles to access sites like Lolita City and The Hurt Site, a site dedicated to trade of child rape.
In that, We Anonymous planned and successfully executed an complex “Social Engineering” operation dubbed “Paw Printing”. This consisted of the following things:
1) One week prior to October 27th, 2011, We Anonymous performed OpSec, “Operations Security” against the developers of Tor. We quietly listened on irc.oftc.net channels #tor and #tor-dev to find when the next major release of Tor would be.
2) Form our OpSec, we determined that on October 27th 2011, a new Tor version would be released to recent “security” publications about Tor
3) We secretly contacted our friends at The Mozilla Foundation™, Developers of Firefox™, for them to authorize a developer signer certificate for “The Honey Pawt”, a TorButton that we Anon created to funnel all ORIGINATING traffic to our forensic logger.
4) On October 26th, 2011 we passed certification of a modified TorButton for Firefox™ called “The Honey Pawt” which would be used for the forensic logging of users accessing The “HARD CANDY” and “Lolita City” Tor Hidden Onion sites. Our TorButton aka “The Honey Pawt” did not contain any malware or virus. It was developed according to the Firefox/Mozilla Foundation guidelines.
5) We built a forensic data logger dubbed “Whiny da Pedo” that would capture the IP traffic, log that IP packet, and re-route it through our local Tor Bridge.
6) On October 27th, 2011 we launched Operation “Paw Printing”. What we did was stopped our #occupy Denial-of-Service on The Hidden Wiki and placed a Tor “security update” message on the “HARD CANDY” section of The Hidden Wiki.
7) No where else did we place that message except for the HARD CANDY page on The Hidden Wiki. The message contained a download link to our “The Honey Pawt”. To ensure no conflicts with the existing, TorButton our “The Honey Pawt” replaced the old TorButton Firefox extension.
8) The pedo who was on the “HARD CANDY” section would then restart Firefox™ and turn our TorButton and attempt to access websites such as The Hidden Wiki and Lolita City.
9) That traffic would then be forwarded to our special forensics server and log the incoming IP and destination. If an Tor Onion site matched a known Child Pornography Tor site, we would block the request. Otherwise, the traffic would then be redirected through the Tor network.
10) For only 24 hours, we ran Operation “Paw Printing”. On October 28th, 2011. We shut down the forensics and resumed #occupy The Hidden Wiki to prevent access to the Tor Hidden Wiki Site
Below are mirrors to “whiny_da_pedo_ip_honey_pot.zip”, the forensics archive to our operation. A total of 190 unique IP’s and users were identified in the 24HR time frame. The README.txt contains the method of IP capture and forensics used to determine the individuals accessing the HARD CANDY and Lolita City.
IP Log Backup 1:
IP Log Backup 2:
IP Log Backup 3:
An unique location mapping of these home IP addresses on Google Maps can be displayed here: http://i.imgur.com/ggfVG.png
Also in addition to Operation “Paw Printing”, we had an concurrent operation called “Media Storm”. We reconfigured our previous cluster used for timing analysis against Freedom Hosting, to run multiple instances of “Chris Hansen”.
During our gathering of evidence against FORMLESS NETWORKING LLC (see: http://pastebin.com/qWHDWCre). We ran multiple Denial-Of-Service attacks against the Tor services Freedom Hosting and Lolita City. As for a control to test our suspicions, we separately ran the high bandwidth Distributed Denial-Of-Service attacks against the Tor exit nodes owned by FORMLESS NETWORKING LLC a company affiliated with Mike Perry, the developer of the TorButton.
Each and every time, we were able to verify outages to Freedom Hosting. Those from our Tor network Denial-of-Service attacks directly against Lolita City / Freedom Host (See: http://pastebin.com/VsWnRM70); And those with clearnet/WWW Distributed Denial-Of-Service attacks against FORMLESS NETWORKING LLC Tor exit nodes (See: http://torstatus.blutmagie.de).
One Anon contacted Mike Perry on the Tor developer’s IRC server: irc.oftc.net, about Anonymous’ accusations about his association with FORMLESS NETWORKING LLC. His response is as follows:
[17:24] I helped create that model. my llc was the prototype for the 501c3
[17:26] you really have no idea what the fuck you’re doing, do you?
[17:26] and you’ve damaged my name, and damaged the tor network
[17:26] which you use
[17:26] you know why I didn’t reply to you for 2 days on irc?
[17:26] cause I was busting my ass working for a deadline today
[17:26] that you guys almost made me miss
[17:27] improving the load balancing of the network you used to DDoS my website
[17:28] you see this: https://trac.torproject.org/projects/tor/ticket/1778#comment:22
[17:28] your DDoS probably caused that
To the pedophile community, based on the evidence and forensics, that We Anonymous gathered. There is no need for you to troll anymore, mmmmkay? We have already ID’ed you despite “the myth” of Tor “Anonymity”. We “pwned” and “hacked” Freedom Hosting and Lolita City. If your names for your sick trade consist of “lolita” and “pedo bear”, pedophiles are called “Britney” and “squealer” in jail. If you still don’t believe that we hacked Freedom Hosting? Roger Dingledine, one of the original Tor developers said this on an irc chat, regarding our operations against Freedom Hosting:
[01:09] even if you learn the secret key for a hidden service, that doesn’t tell you who the hidden service is. it only allows you to impersonate the service.
[01:09] if they broke the key, my guess is they broke into the server and then just took it.
The purpose of #OpDarknet was to collect evidence and prove that %1 of Tor users who use Tor for CP are the ones causing the problems for the rest of the Tor community, the 99%. In celebration of November 5th 2011, #OpDarknet is officially sailing away for another Lulz. Bye bye pedo bear. We are Anonymous, a leaderless collective, fueled only by our ideas. We give you a last and farewell gift: http://i54.tinypic.com/120r1jc.jpg
Best, #occupywallstreet, #freeanons, #freetopiary, #antisec
We are Anonymous.
We are Legion.
We do not forgive.
We do not forget.
We “Anonymous are the hero The Internet deserves, but not the one it needs right now. So we’ll hunt them because they can take it. Because they are not our heros. Anonymous is a silent guardian, a watchful protector. A dark knight.”
* Also pedos you may want to read: http://gawker.com/5851459