|
|
|
| Breaking CAPTCHA |
|
Anonymous
Member #3,724
July 2003
|
I'm trying to break a rather advanced CAPTCHA (don't ask why -- I don't ask YOU questions, do I? Basically, I want to call this program with a path to an image (if it can handle URLs, it'll be even better, but it's not an absolute requirement), make the program do the actual work, and output/send back the text found in this image. Anyone experienced in this? (The CAPTCHA isn't THAT hard -- I imagine it should have a pretty good correct guess rate if run in a good OCR program.) |
|
Billybob
Member #3,136
January 2003
|
There was a recent website I saw about this. In summary, his program performs various image filters on the CAPTCHAs, and then runs the decent recognition program (which after the filters I imagine doesn't have to be that great). That's as much information as I know, sorry it's not much. I'm sure wikipedia has a nice page on image recognition and defeating CAPTCHAs. And there's bound to be a few defeating programs out there.
|
|
Anonymous
Member #3,724
July 2003
|
Yeah... I read that site today. (Tried to contact the person also, but he doesn't reply on IRC.) I am testing out GOCR/JOCR as we speak. It SEEMS to do exactly what I want, but since I never am that lucky, it's probably gonna turn out to not work. |
|
Kirr
Member #5,060
September 2004
 |
Quote:
I'm trying to break a rather advanced CAPTCHA (don't ask why -- I don't ask YOU questions, do I?
Your purpose can't be good now, can it? If I knew I would not tell you. -- |
|
Anonymous
Member #3,724
July 2003
|
Quote: If I knew I would not tell you.
That's how a big meanie speaks. Quote: I am testing out GOCR/JOCR as we speak. It SEEMS to do exactly what I want, but since I never am that lucky, it's probably gonna turn out to not work. I was right: http://www.kimmoa.se/tmp/fggffg.gif |
|
Kirr
Member #5,060
September 2004
|
I simply don't want my forums spammed, or anyone's. It seems you are looking into one more way to make money on the web. Better stick with gaming site.. -- |
|
Anonymous
Member #3,724
July 2003
|
This is not a way of making money. I assure you that. |
|
Derezo
Member #1,666
April 2001
 |
Well, like he said, it's extremely unlikely that you have a good reason for doing this. Especially given that you're so secretive about it. "He who controls the stuffing controls the Universe" |
|
Anonymous
Member #3,724
July 2003
|
So what? Why can't we focus on the problem instead of complaining about what evil things I could do with a solution? |
|
Derezo
Member #1,666
April 2001
|
I think the answer to that is painfully obvious: We don't want to help you do evil things. While we're at it, does anyone have any keygens? hacks? serials? cracks? smack? meth? "He who controls the stuffing controls the Universe" |
|
Krzysztof Kluczek
Member #4,191
January 2004
 |
Quote:
While we're at it, does anyone have any keygens? hacks? serials? cracks? smack? meth?
I didn't know today is "talk like a pirate" day. ________ |
|
Derezo
Member #1,666
April 2001
|
I can't believe how long it took me to get that. That was sad, heh. "Huh? I didn't talk like a pirate.. hmm.. ... ... Ohhhhhhh, heheheheh.." "He who controls the stuffing controls the Universe" |
|
BAF
Member #2,981
December 2002
 |
[quopte] You are asking us questions But seriously, what are you going to do with this? Something sounds fishy here |
|
Felipe Maia
Member #6,190
September 2005
 |
Quote: [quopte] Whom's password are you trying to steal Kimmo? Or from which site are you stealing information from? |
|
LennyLen
Member #5,313
December 2004
 |
Quote: Whom's password are you trying to steal Kimmo? Or from which site are you stealing information from? Finding a way around a CAPTCHA would not help you to steal a password or information - since that password/information could therefore be gained by any human looking at the image. The most frequent use of CAPTCHAs is to stop bots from signing up with email/forum accounts to prevent spamming.
|
|
Derezo
Member #1,666
April 2001
|
It could be used for a number of things. For example, if you wanted to create a script to download every driver from driverguide.com and then create your own site where people can download drivers. "He who controls the stuffing controls the Universe" |
|
Jakub Wasilewski
Member #3,653
June 2003
 |
Quote: Finding a way around a CAPTCHA would not help you to steal a password or information - since that password/information could therefore be gained by any human looking at the image. I've seen CAPTCHAs used on login pages together with the password, presumably to prevent dictionary and brute force attacks. Not on casual sites though. --------------------------- |
|
Felipe Maia
Member #6,190
September 2005
|
Quote: Finding a way around a CAPTCHA would not help you to steal a password or information - since that password/information could therefore be gained by any human looking at the image. The most frequent use of CAPTCHAs is to stop bots from signing up with email/forum accounts to prevent spamming. You could write a bot to force breaking a password. Most sites after some time make a CAPTCHA if you misstype passwords too much. You could write another bot to steal people information. Some government sites have as for example your voting information there for you or anyone else to see. So you could download all your country information and make a terrorist attack? Heh... |
|
Derezo
Member #1,666
April 2001
|
Lets try to come up with some good reasons. I certainly cannot think of any. "He who controls the stuffing controls the Universe" |
|
Felipe Maia
Member #6,190
September 2005
|
Not a good reason, but it would explain. Maybe he is trying to steal his girlfriend password to see wheter those comments about her are true or not? Jk. |
|
LennyLen
Member #5,313
December 2004
|
Quote: I've seen CAPTCHAs used on login pages together with the password, presumably to prevent dictionary and brute force attacks. Not on casual sites though. That still doesn't explain how having a way to solve the CAPTCHA would help you steal other people's passwords though. It would be 'easier' to trick them into using a mirror site that gets them to read the CAPTCHA (obtained from the original site) and then pass their result along with their password back to the original site.
|
|
Derezo
Member #1,666
April 2001
|
Quote: That still doesn't explain how having a way to solve the CAPTCHA would help you steal other people's passwords though. He explained that. 'Brute Force' means trying different passwords over and over and over until you get the right one. If they use CAPTCHAs after 3 tries, then you can't brute force them unless you could break it. "He who controls the stuffing controls the Universe" |
|
LennyLen
Member #5,313
December 2004
|
Quote: 'Brute Force' means trying different passwords over and over and over until you get the right one.
Yeah, I'm aware of its meaning Quote: If they use CAPTCHAs after 3 tries, then you can't brute force them unless you could break it. I was originally meaning that breaking CAPTCHAs on its own is not a sufficient way to steal passwords. But yes, I agree that used in conjunction with other password-stealing techniques it would certainly be viable. I missed this the firast time around: Quote: Lets try to come up with some good reasons. I certainly cannot think of any. A university paper? Though, from the way the request was worded, I doubt it.
|
|
Torbjörn Josefsson
Member #1,048
September 2000
 |
There is a secret to solving all CAPTCHA's - just make your bot post something about your intentions to bomb all american politicians! Start trying it out at FBI's site! When 'pretend police' show up at your doorstep, pretend that you are going to shoot them with a realistic replica handgun, while wearing a turban. there.. maybe one spammer less in the world
-- |
|
Kitty Cat
Member #2,815
October 2002
 |
There is something to be said about trying to break encryption methods, regardless of the encryption's use. Trying to get people to break your code is a good way to fix it, as it could turn up problems you never realized. -- |
|
|
|
) and now I'm basically wondering if there is any good OCR software out there for Unix.
