“Solving” reCaptcha 1.0

reCaptcha is an interesting captcha created by the School of Computer Science at Carnegie Mellon University. It was pretty challenging to solve this one.

Watch this…..with JavaScript enabled…

recaptcha with JavaScript enabled

recaptcha with JavaScript enabled

and now….with JavaScript disabled….

recaptcha with JavaScript disabled

recaptcha with JavaScript disabled

What happens is that when JavaScript is disabled, the reCaptcha is rendered in an IFRAME.
http://api.recaptcha.net/noscript?nocookie=1&k=AAAAAAUAAAAAAHD1aRKPPPPPanq65eHHYHYHYH_1

Advertisements

“Solving” Captchas

CAPTCHAs are used on websites to make sure it is a human and not a bot/rogue program on the page or entering the postal/site. There are sites that bypass the captcha using character resolution using neural networks. This is NOT one of those solutions. This solution shows how you can “capture” the captcha and display it on your site (or feed it to a service like Amazon’s Mechanical Turk, if you like šŸ˜‰ ).

The idea is to do the following:

1> GET the page’s source,
2> Save the form action of the FORM containing the captcha along with hidden fields (and their values).
3> Know which IMG tag would be the captcha, capture it.
4> Request that image & save it.
5> Have all the data for the form (assuming it is a for that the captcha is set up for), including all hidden fields.
6> Pass the image onto your site/service site where a human being will answer the CAPTCHA (remember this is an on-the-fly solution)
7> Get the word(s) in the captcha from your site/service site.
8> POST the entire form to the form action along with all the data and the captcha word(s) provided by the human in the fieldĀ designated for it.
9> Collect the response and make sure the submission was successful (by looking for text that would be seen on success).

This way you can get service a page with a formĀ containingĀ a captcha!

But…what about reCaptcha?…..coming soon šŸ˜€