securelayer7 / Captch-Bypass-Vulnerable-Script

This script was developed for understanding CAPTCHA bypass vulnerabilities.

Captch-Bypass-Vulnerable-Script

This script was developed by Saurabh Banawar for understanding CAPTCHA bypass vulnerabilities.

TenRepeatedCAPTCHA

This is a demo of weak CAPTCHA design. The vulnerability exists because the application has a limited dictionary of CAPTCHA puzzles. The puzzles keep repeating, so an attacker can observe them carefully, note down the answers manually, and crack them with an automated tool the next time they repeat. Usage:

  1. Save the two files in a folder in your root directory
  2. Go to browser and load captcha.php
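
The design flaw described in this section next to a server-side fix, as an added example that is not part of the repository. `FIXED_POOL` (ten constructed values) stands in for the repeating puzzle dictionary, and the hypothetical `ChallengeStore` class issues a fresh random, single-use, expiring answer per challenge; Ruby is used because it is the repository's second language.

```ruby
require 'securerandom'

# Constructed stand-in for the weak design: ten fixed puzzles that repeat.
FIXED_POOL = %w[kx7pd m3wq9 tz8rb q5hnc v2ygf b9dke r4sxm h6jtw n8cvp w3flz].freeze

# Hardened design (hypothetical class, not from the repository): a fresh
# random answer per challenge, kept server-side, single-use, short-lived.
class ChallengeStore
  ALPHABET = 'abcdefghjkmnpqrstuvwxyz23456789'.chars.freeze # no look-alike glyphs

  def initialize(ttl: 120, length: 6, clock: -> { Time.now.to_f })
    @ttl, @length, @clock = ttl, length, clock
    @pending = {} # challenge id => [answer, expiry]
  end

  # Returns [id, answer]. The answer is only rendered into the image,
  # never sent to the client as text.
  def issue
    id = SecureRandom.hex(16)
    answer = Array.new(@length) { ALPHABET[SecureRandom.random_number(ALPHABET.size)] }.join
    @pending[id] = [answer, @clock.call + @ttl]
    [id, answer]
  end

  # One attempt per challenge: the entry is deleted before comparing,
  # so neither a wrong guess nor a solved puzzle can be replayed.
  def verify(id, response)
    answer, expiry = @pending.delete(id)
    return false if answer.nil? || @clock.call > expiry
    secure_equal?(answer, response.to_s.strip.downcase)
  end

  private

  # Compares without stopping at the first differing byte.
  def secure_equal?(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end

# Number of distinct puzzles seen in n draws. A small number means the
# set can be learned by observation, which is the flaw in this demo.
def distinct_puzzles(n)
  n.times.map { yield }.uniq.size
end
```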


GooglereCAPTCHA/

This is a demo of weak CAPTCHA implementation. It shows how a perfectly designed CAPTCHA can be bypassed if it is not implemented properly. Usage:

  1. Save all the files in a folder in root directory
  2. All of them are independent of each other.
  3. So you can load any file from browser.


Exploits/

These are exploits that target weak design and implementation. Usage:

  1. Have Ruby installed on your PC
  2. Save these files in a folder and host an application from the files given at this URL: https://github.com/securelayer7/Captch-Bypass-Vulnerable-Script
  3. Open a command prompt and navigate to that folder
  4. Type, for example: ruby ArithmeticExploit.rb


ArithmeticCAPTCHA

  1. Save the two files in a folder in your root directory
  2. Go to browser and load captchaarith.php

Thank you!

If you have any questions, always shoot me an email or tweet at @securelayer7

Languages

PHP 63.7%, Ruby 36.3%