BugTraq
Defeating audio captcha systems Jan 15 2008 06:01AM
"Jos�é M. Palazón Romero" (josem palazon gmail com) (1 replies)
Hi all,

Some days ago I wrote an advisory which demonstrates how the Peter's
Math Antispam Spinoff plugin for wordpress
(http://www.theblog.ca/math-anti-spam) can be defeated by its audio file.

It's hard to summarize, you better read the advisory, but in a very
small nutshell, the flaw its about not using any kind of distortion on
the audio clip, which makes it easily identificable by a script.

Here is the link:

http://docs.google.com/View?docid=df36cd52_19xzmkwqcg

I'm sure you will find the advisory inspirational, as the approach is
applicable to many other capthas, and anti-script methods.

Regards

Jose

[ reply ]
Re: Defeating audio captcha systems Jan 15 2008 10:33PM
3APA3A (3APA3A SECURITY NNOV RU)


 

Privacy Statement
Copyright 2010, SecurityFocus