Sunday, March 28, 2010

An attack on a Flickr based photo Captcha

The other day i was minding my own business running around the internet and i came across a blog with an awesome picture CAPTCHA... i wanted to know how it was done and took a peek at where the image was served from... Flickr!

So how would I have created this service? Using the tags on the images, pulled from the Flickr API... so if we can find the photo being used then we can reverse the process and break the CAPTCHA...

Well lucky for us there's an API that does exactly what we need... the urls for the images look like this...

the first number is the picture id and the second is the secret... we pass these to the API (documentation) and get back exactly what we need... the picture's info and the tags associated with it...

i've wired this up so it will pull a random test from the CAPTCHA's server and boom, we can not only break the system but bypass it... this will return the answer every time :)

so just to be clear, this page is actually breaking a captcha each time it loads... it's pulling the remote captcha, parsing the results and sending off requests to Flickr to pull the tags for each image detected (all in javascript)... the green borders mark the images it has detected as answers to the captcha

I actually really liked using this captcha, it went much faster than other ones, but the problem is I was able to reverse the process of image selection and break the CAPTCHA... i knew this wasn't the first Flickr based system I had heard of so i went out and found another one, but it was protected... it proxies the image through a PHP script on the blog to hide the original Flickr url, which prevents my attack from working...
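To show what that proxying protection actually has to do, here is an added example (my own sketch, not code from either plugin) of a challenge server that never lets the Flickr picture id or secret reach the browser: each image is served under a random single-use token, the token-to-photo mapping and the answer set stay server-side, and the vulnerable URL form from the post is shown beside it for contrast. The photo catalogue and the example host are constructed sample values.

```python
import random
import secrets

# Constructed sample catalogue (made-up ids, secrets and tags). In a real
# plugin this would be fetched server-side from Flickr's API and cached.
PHOTOS = [
    {"id": "1001", "secret": "a1b2c3", "tags": {"cat", "animal"}},
    {"id": "1002", "secret": "d4e5f6", "tags": {"dog", "animal"}},
    {"id": "1003", "secret": "0f9e8d", "tags": {"car", "road"}},
    {"id": "1004", "secret": "7c6b5a", "tags": {"boat", "water"}},
]

def leaky_image_url(photo):
    """The exposed form from the post: id and secret sit in the URL, so a
    client can look the photo's tags up instead of recognising the picture."""
    return f"http://photos.example.invalid/{photo['id']}_{photo['secret']}.jpg"

class CaptchaServer:
    """Serves each challenge image under a random, single-use token and keeps
    the token -> photo mapping (and the answer) strictly server-side."""

    def __init__(self):
        self.challenges = {}  # challenge_id -> {"images": {token: photo}, "answer": set}

    def new_challenge(self, target_tag):
        chosen = random.sample(PHOTOS, len(PHOTOS))  # shuffle display order
        images, answer = {}, set()
        for photo in chosen:
            token = secrets.token_urlsafe(16)
            images[token] = photo
            if target_tag in photo["tags"]:
                answer.add(token)
        challenge_id = secrets.token_urlsafe(16)
        self.challenges[challenge_id] = {"images": images, "answer": answer}
        # Only opaque tokens reach the browser, never the Flickr identifiers.
        urls = [f"/captcha/img/{challenge_id}/{t}" for t in images]
        return challenge_id, target_tag, urls

    def resolve_image(self, challenge_id, token):
        """Proxy lookup: the image handler resolves the token to the photo
        record here, fetches it from Flickr itself and streams the bytes."""
        ch = self.challenges.get(challenge_id)
        return None if ch is None else ch["images"].get(token)

    def verify(self, challenge_id, selected_tokens):
        ch = self.challenges.pop(challenge_id, None)  # single use: pop, not get
        if ch is None:
            return False
        # Exact set match: every target picture selected and nothing else.
        return set(selected_tokens) == ch["answer"]
```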

This WordPress plugin has a few thousand users and i was able to bypass the test in just a couple of minutes; this just further proves the idea that security is hard because you have to fix every hole in the system and the hacker only has to find one.

