Skip to content

This script is developed for understanding the Captcha Bypass Vulnerabilties.

Notifications You must be signed in to change notification settings

securelayer7/Captch-Bypass-Vulnerable-Script

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Captch-Bypass-Vulnerable-Script

This script is developed for understanding the Captcha Bypass Vulnerabilties by Saurabh Banawar.

TenRepeatedCAPTCHA

This is the demo of weak CAPTCHA design. The vulnerability exists because the application has limited dictionary of CAPTCHA puzzle. They keep on repeating, this makes an attacker carefully observe them and note down the answers manually and crack it the next time they repeat using automated tool. Its usage:

  1. Save the two files in a folder in your root directory
  2. Go to browser and load captcha.php


GooglereCAPTCHA/

This is a demo of weak CAPTCHA implementation. Here we see that how can a perfectly designed CAPTCHA be bypassed if it is not implemented properly. Its usage:

  1. Save all the files in a folder in root directory
  2. All of them are independent of each other.
  3. So you can load any file from browser.


Exploits/

These are exploits that target weak design and implementation. Its usage is:

  1. Have ruby installed on your PC
  2. Save these files in a folder and host a application from files given in this url: https://github.com/securelayer7/Captch-Bypass-Vulnerable-Script
  3. Open command prompt and navigate to that folder
  4. Type for example: ruby ArithmeticExploit.rb


ArithmeticCAPTCHA

  1. Save the two files in a folder in your root directory
  2. Go to browser and load captchaarith.php

Thank you!

If you have any question always shoot me email or twit at @securelayer7

About

This script is developed for understanding the Captcha Bypass Vulnerabilties.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published