A captcha (an acronym for "completely automated public Turing test to tell computers and humans apart") is a type of challenge-response test used in computing to determine whether or not the user is human.If you are planning on implementing a CAPTCHA system (wikipedia.org)
If you plan on using a CAPTCHA system, you must be aware of the numerous ways to defeat such a system. Apparently one of the guys that are constantly defeating CAPTCHA is Sam Hocevar . His PWNtcha website presents a huge collection of CAPTCHA systems which have been or are in the process of being defeated.
Sam designed a tool (closed source for good reasons) which is able to analyze and decode even the trickiest images.
PWNtcha is simply a toolkit of image manipulation functions, and a list of known CAPTCHAs with the associated list of image operations to apply in order to decode each of them. If I have never seen your CAPTCHA, then PWNtcha does not know about it, and there is absolutely no way it could decode it.
Update May 29:
A vulnerability has been reported in the CAPTCHA plugin for Geeklog, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Secunia has the details.
Are you aware of any CAPTCHA system which is not listed on this site ?
Thank you for reading this post. You can now Read Comments (3) or Leave A Trackback. Print This Post
Post InfoThis entry was posted on Wednesday, April 25th, 2007 . Tagged with:
Previous Post: Web Application Security Risk Report »
Next Post: Content Filtering Consolidation: Websense acquires SurfControl »
Read MoreRelated Reading:
- How to Protect Your Business Network from Phishing Attacks
- Animated Presentation on Sony PSN Hack
- ArcSight Tip #1 – arcsight managersetup notification test
- I’m a CISSP
- Operation:Payback or Social Vendetta is Here
- I got owned by Malware Destructor 2011 Virus
- New Downtime Cost Calculator by Storagepipe.com. What if ?
- Securing Your Network from Web Threats
- My Twitter Notes on 2010-07-25
- New NetWitness Visualize : Welcome To The Future!