MoBiC-01: learnwpf.com CAPTCHA bypass
Month of Bugs in Captchas has started
The first participant of the project is captcha at learnwpf.com. Captcha bypassing is Insufficient Anti-automation type of vulnerabilities and they are widespread as I’ll show you this month
This captcha is vulnerable for two methods of bypassing. These Insufficient Anti-automation holes I found 15.10.2007
1. Guessing from URL bypass method
This captcha use very simple algorithm for generating text on image – it’s use GET variable for the script. So in content of the page program automatically can find correct answer for captcha
Image: http://learnwpf.com/Captcha.ashx?txt=3XSWC
Answer: 3XSWC
I find such captchas periodically. It’s very not serious type of captchas
2. MustLive CAPTCHA bypass method
I’ll make article about this method. In a word, you can use the same captcha’s code many times. This site use ASP.NET, so you need to bypass (bult-in) CSRF protection also. For this you can use the same __VIEWSTATE and __EVENTVALIDATION values. This is Advanced MustLive CAPTCHA bypass method (when using main method with bypassing additional CSRF protection ).
In this case no need for guessing, just use my advanced method to hack this captcha
Insufficient Anti-automation:
learnwpf.com CAPTCHA bypass.html
Guys not overdo with this Captcha bypass test. Not post too much at this site. This exploit for educational purposes only
Moral: never make such captchas.
