Is this CAPTCHA breakable?

[Scito]

Hi guys,

I'm stumbled on a problem to automate some things. A CAPTCHA that isn't an image, but it's using some weird CSS & HTML tags mix.

Have a look here: anonym.to - free dereferer service (it's a Dutch site).

Now look at "Controle code". Looks like an image right? Now check the source and search for "lynkx-captcha" and you'll see what I mean. I've been trying to figure it out, it has to do something with the color codes, but well.. Getting to a dead end. Anyone who has some ideas?

 

[tainted]

That's pretty cool. Anyways, in WatiN you can generate an image of the rendered page. From there you could crop it to get the captcha, and the rest is history.

 

[dchuk]

tainted nailed it on the head. that's about as good as you can get with that situation. I like that captcha, they're trying

 

[Insomniac]

Eh looks pretty simple to me. The b tag is set to be a 1x1 pixel. There are 23 <br/> and 70 b's, so that's a 70 x 23 pixel image. From there you'd just isolate the characters and do a straight array comparison to find your match. Uber easy.

 

[phrench]

nice find

 

[dchuk]

Eh looks pretty simple to me. The b tag is set to be a 1x1 pixel. There are 23 <br/> and 70 b's, so that's a 70 x 23 pixel image. From there you'd just isolate the characters and do a straight array comparison to find your match. Uber easy.

that's a good point...pretty simple grid now that I look at it more closely

 

[(O_o)]

breakin captchas itt

 

[SeoHoist.com]

First time i saw something like this...very interesting...I wonder if these type of captcha's are going to start having an effect on captcha services like decapcha etc..

 

[gutterseo]

Nice find

 

[dchuk]

someone crack this bitch and toss the code in here, people don't talk about this stuff enough here. If I have some time this weekend I'll try it in ruby and post it up

 

[gutterseo]

someone crack this bitch and toss the code in here, people don't talk about this stuff enough here. If I have some time this weekend I'll try it in ruby and post it up

First scrape the code that contains the captcha and the inline css style and save to file lynxcaptcha.html:

<style>.lynkx-captcha { line-height: 0; margin: 0; padding: 0; font-size: 1px; } .lynkx-captcha b { display: inline-block; width: 1px; height: 1px; background: #ffffff; overflow:hidden; }</style>
<div class='lynkx-captcha'><b></b>......snip.......<b></b><br/></div>

I couldn't find a way to directly convert html to an image, so first I used a program called wkhtmltopdf to convert it to pdf, then used imagemagick to convert that to png then gocr to get the captcha.

wkhtmltopdf lynxcaptcha.html captcha.pdf
convert captcha.pdf captcha.png
gocr captcha.png

It works well but wouldn't be the quickest, a straight html to png software would be the best bet.

 

[dchuk]

epic. super epic.

Now, I'll carve out some time to do the grid array style crack today

 

[Scito]

Eh looks pretty simple to me. The b tag is set to be a 1x1 pixel. There are 23 <br/> and 70 b's, so that's a 70 x 23 pixel image. From there you'd just isolate the characters and do a straight array comparison to find your match. Uber easy.

Good find, this seems like a decent solution to me since I want to try to break it with PHP.

Will keep you updated how far I get here. dchuk, how are you going to crack it? Command line stuff?

 

[gutterseo]

You can use my crack from php on linux. If you using ubuntu just install the programs you need using apt-get install then use shell_exec from within php to solve the captcha.

If you want the challenge of breaking it using purely PHP (why?) be my guest but I guarantee you my way is easier.

 

[Scito]

You can use my crack from php on linux. If you using ubuntu just install the programs you need using apt-get install then use shell_exec from within php to solve the captcha.

If you want the challenge of breaking it using purely PHP (why?) be my guest but I guarantee you my way is easier.

Hmm, problem is I'm a complete Linux noob. My server is running on FreeBSD, is your program compatible with that OS as well?

Really appreciate the help though!

 

[Insomniac]

Good find, this seems like a decent solution to me since I want to try to break it with PHP.

Will keep you updated how far I get here. dchuk, how are you going to crack it? Command line stuff?

Chuck me some coin and I'll code and post a solution here for you. Pure PHP.

 

[gutterseo]

Should be possible but I have never used BSD. First you'll need to google how to install imagemagick, wkhtmltopdf and gocr. I'm pretty sure they are all available for your platform. Then in PHP use something like this to crack the captcha:

<?php

# Code for scraping the page and saving the html snippet to file

shell_exec('wkhtmltopdf lynxcaptcha.html captcha.pdf');
shell_exec('convert captcha.pdf captcha.png');
$solved_captcha = shell_exec('gocr captcha.png');

#code to send solved captcha back to server

?>

Just checked and the three programs you need are available for freebsd don't ask me how to install them though.

 

[Insomniac]

Should be possible but I have never used BSD. First you'll need to google how to install imagemagick, wkhtmltopdf and gocr. I'm pretty sure they are all available for your platform. Then in PHP use something like this to crack the captcha:



Just checked and the three programs you need are available for freebsd don't ask me how to install them though.

Lazy man does it like this.

<?php


# Code for scraping the page and saving the html snippet to file

`wkhtmltopdf lynxcaptcha.html captcha.pdf; convert captcha.pdf captcha.png`;
$solved_captcha = `gocr captcha.png`;

#code to send solved captcha back to server

?>

 

[gutterseo]

Lazy man does it like this.

Well if you want to spend all your time coding and less time making money go ahead and crack it the grid way. My way took 5 minutes your way you would have to map every character that is used. My time = money, I try not too waste it when there is an alternative available.

I gave the op a perfectly good way to solve his problem for free, I think your just pissed off because your contribution to this thread ie. offering to do it for money is unneeded.

-rep

 

[Insomniac]

Well if you want to spend all your time coding and less time making money go ahead and crack it the grid way. My way took 5 minutes your way you would have to map every character that is used. My time = money, I try not too waste it when there is an alternative available.

I gave the op a perfectly good way to solve his problem for free, I think your just pissed off because your contribution to this thread ie. offering to do it for money is unneeded.

-rep

Did you even look at my response dickhead? I just showed you a shortcut to cut all the shell_exec out of your script by using the ` character. If your time is money, then turning shell_exec('ls'); into `ls` is a saving of 12 characters of time.