CAPTCHA enhancement for Nuke...
Date: Saturday, October 18 @ 16:33:30 CEST
Topic: Security


If you are wondering where the nice security code system came from, here is a little background, as well as some code to make the security code a bit harder for scripts to decipher.



Background:
A CAPTCHA is a computer-generated test that humans can pass but computer programs cannot (taken from wordspy, http://www.wordspy.com/words/captcha.asp).

There is a nice site on CAPTCHAs, http://www.captcha.net/, which has a few of the most common versions, with samples of some of them.

Who has noticed that PHP-NUKE's version of this system is easily bypassed by computer scripts? (Yes, I have had my computer OCR the screen and decipher the numbers.) I have come up with a version that is a little harder to decipher. It uses a slightly larger image and, instead of a JPG for the background, draws very light circles under the numbers, which are printed twice with a slight offset and in different colors. While 90% of the images are not too hard to read, it does offer a huge advantage in protecting sites from script-kiddies.

If you are wondering how I managed to beat the security code image, you can do it by hand (if you have an OCR program). Here is what you need to do to beat the code.

Open a Login Page (with the code)
Screen Capture the page (or use similar web tools to save the image to the HD, but this way is for the people who don't want to use wget, or crazy tools..)
Stick the image into Photoshop (or a similar image program, such as GIMP)
Chop the image area out of the rest of the image
Do a color range selection (for the hash image, not the numbers)
Convert it to white.
Save the resulting picture
Send it to your OCR software

Wondering how to do it automatically? Use Macros & Windows Scripting. :) (only thing Microsoft ever did right, well for people looking to break things... lol)

You can load a login page (using wget)
Look for the security image IMG tag
Use wget to grab the image
Now repeat using Photoshop (or GIMP)
Run through OCR (any that supports OLE or scripting will be the best; I believe there is a GPL program too)
Now you have the code, fake the login.

See why there is a need for a stronger system?

Well here is some modded code to make the login look like Yahoo!(tm) or other big sites... lol

function gfx($random_num) {
    global $prefix, $db, $module_name;
    require("config.php"); # provides $sitekey
    $datekey = date("F j");
    # The code is derived from the browser's User-Agent, the site key, the random number and today's date
    $rcode = hexdec(md5($_SERVER['HTTP_USER_AGENT'] . $sitekey . $random_num . $datekey));
    $code = substr($rcode, 2, 6);
    # $image = ImageCreateFromJPEG("modules/$module_name/images/code_bg.jpg");
    Header("Content-type: image/jpeg");

    # Blank 100x20 image with a white background instead of the JPG
    $image = ImageCreate(100,20);

    $white=ImageColorAllocate($image,255,255,255);
    ImageFilledRectangle($image,0,0,100,20,$white);

    # Very light circles of random size and color under the numbers
    for ($cnt=0; $cnt<12; $cnt++) {
        $text_color = ImageColorAllocate($image, intval(rand(200,255)), intval(rand(200,255)), intval(rand(200,255)));

        # Depending on your PHP use one of imageellipse or imagearc
        #ImageEllipse($image,($cnt*8),10,intval(rand(15,30)),intval(rand(15,30)), $text_color);
        ImageArc($image,($cnt*8),10,intval(rand(15,30)),intval(rand(15,30)),0,360, $text_color);
    }

    # Print each of the 6 characters of the code twice, one pixel apart, in two dark colors and random font sizes
    for ($idx=0; $idx<6; $idx++) {
        $text_color = ImageColorAllocate($image, intval(rand(0,128)), intval(rand(0,128)), intval(rand(0,128)));
        $text_color1 = ImageColorAllocate($image, intval(rand(0,128)), intval(rand(0,128)), intval(rand(0,128)));
        ImageString ($image, intval(rand(1,5)), 12+($idx*14), 2, substr($code,$idx,1), $text_color);
        ImageString ($image, intval(rand(1,5)), 11+($idx*14), 2, substr($code,$idx,1), $text_color1);
    }

    # null sends the JPEG straight to the browser (newer PHP versions reject an empty file name)
    ImageJPEG($image, null, 75);
    ImageDestroy($image);
    die();
}
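The function above only changes how the code is drawn; whatever checks the login still has to recompute the code from the same inputs and compare it with what the visitor typed. A sketch of that check follows, as an added example that is not part of the original article or of PHP-Nuke's own code. The function names gfx_expected_code() and gfx_verify() are hypothetical, and the site key, User-Agent and random number are constructed sample values.

```php
<?php
// Added example (not PHP-Nuke's code). Function names are hypothetical.

// Same derivation gfx() uses to choose the characters it draws:
// md5 over User-Agent + site key + random number + today's date.
function gfx_expected_code($random_num, $sitekey, $user_agent) {
    $datekey = date("F j");
    $rcode = hexdec(md5($user_agent . $sitekey . $random_num . $datekey));
    return substr($rcode, 2, 6);
}

// Recompute the code on the server and compare it with the submitted value.
// hash_equals() compares in constant time and requires two strings.
function gfx_verify($typed, $random_num, $sitekey, $user_agent) {
    $expected = gfx_expected_code($random_num, $sitekey, $user_agent);
    return hash_equals((string) $expected, trim((string) $typed));
}

// Constructed sample values; on a real site $sitekey comes from config.php
// and the User-Agent from $_SERVER['HTTP_USER_AGENT'].
$sitekey    = 'constructed-sample-sitekey';
$user_agent = 'Mozilla/5.0 (constructed sample browser)';
$random_num = 123456;

// What the image would show for this visitor today.
$shown = gfx_expected_code($random_num, $sitekey, $user_agent);

// The same visitor typing the code that was drawn for them.
var_dump(gfx_verify($shown, $random_num, $sitekey, $user_agent));

// The same code submitted with a different User-Agent: the hash input
// changes, so the recomputed code no longer has to match.
var_dump(gfx_verify($shown, $random_num, $sitekey, 'constructed other client'));
```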





This article comes from NukeCops
http://www.nukecops.com

The URL for this story is:
http://www.nukecops.com/modules.php?name=News&file=article&sid=836