Dark SEO Programming » Blog Archive » PHPBB3 Captcha is super easy

PHPBB3 Captcha is super easy

A while back I presented a long-winded algorithm that would crack phpBB3 captchas. However I cracked it a while back and it’s even simpler than I said before. My floodfill routine returns the size of the area it colours in. Soooo… I flood fill background coloured pixels and if it’s a small area we assume it must be part of a letter and keep it. That gives us lots of small segments to join together.

Incidentally we find the background colour by reading the pixels along the top and finding the most regularly occuring colour.

Now we have some small segments we make them touch each other by blurring them and then we force the picture into only two colours. Then using the average density of vertical lines in each letter we rotate them to an approximately correct position. It may throw a few upside down but as long as that letter always comes out that way up the computer doesn’t care.

Now just train Gocr or a neural network or <<insert cunning program here>> to read those letters. Simple. And surprisingly accurate too. We could further improve it with colour checking routines etc but hey, it works.

This entry was posted on Monday, May 12th, 2008 at 9:42 am and is filed under captcha. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

Joe Splogs Says:
May 12th, 2008 at 5:53 pm

I have spent today porting your phpBB2 captcha code into my ‘web content creation framework’ ;). The accuracy is excellent and I had never thought of using a dual human and machine approach to captcha cracking. I noticed a lot of phpBB sites are using alternative captchas, so the human side is very useful to get these out of the way.

One thing I found that was useful to add to your code is something that selects the first option of all select elements (I use a wrapper of the XML DOM and XPath functions to do this). There are quite a lot of mods to phpBB that add extra required fields to the registration form. Using the above solution you can still sign up to these site

Right now I am just getting the registration confirmation text in every language so I can get confirmation. I guess a smart guy would have instantly realised this is probably all in the phpBB distro

Right now I have a few terminal windows ripping up phpBB2 dorks (gotta love those open source programmers) from Yahoo. DB already has 3,589 confirmeed installs :>. Thanks for sharing your phpBB2 code. Is the 3 code going to be made available?

Harry Says:
May 13th, 2008 at 4:29 am

I plan to release it eventually in a GTK wrapper as a desktop application.

Anyway it sounds like you’ve added quite a few things I haven’t thought about. And the whole part of failing a captcha and then showing it to the user idea (At least that what I assume you mean). I didn’t plan it to be used like that , but that idea kinda rocks except I bore easily typing in captchas. I did wonder if in Linux you could background run a process that pops the captcha up in some image preview program so that you can still see it from the command line.

Next thing is to avoid detection.

Kredite ohne Schufa Says:
May 13th, 2008 at 3:54 pm

Thanks for sharing super easy PHPBB3 Captcha.I think captcha is essential for a blog to protect spam.

nogenius Says:
May 13th, 2008 at 11:18 pm

Really good stuff - keep up the good work on posting.

I have to say no one else talks about this kind of material, and it’s refreshing to be able to read about it, think about it, and code it.

seo Says:
May 18th, 2008 at 3:49 am

Well, I never thought that this can be this easy. Thanks.

reise forum Says:
May 18th, 2008 at 3:25 pm

Thanks a lot for providing this PHPBB3 Captcha.I will check it.

Jobs in South Yorkshire Says:
May 20th, 2008 at 3:13 am

This is really looks easy.I never thought that it is so easy.

Delivery Codes Says:
May 20th, 2008 at 3:14 am

I had never thought deeply about this thing.This is really looks easy.Thanks for the post.

Promotional Codes Says:
May 21st, 2008 at 1:59 am

I thought this is a tough job.But this time it looks like vey easy.Thanks.

Coupons Says:
May 21st, 2008 at 2:00 am

I always thought how they make this things.Thanks for sharing.

Kredite Says:
May 21st, 2008 at 2:47 am

thats really easy
thank you 4 this tip

Liberty Leasing Services Says:
May 23rd, 2008 at 11:11 am

Good work man… these are the great things you are putting here and helping folk

thanks

acne Says:
May 28th, 2008 at 5:32 am

I havent had ANY yet and all my pages are in google and linked via many sites, I think the capatcha is doing great!

Startlogic Review Says:
May 28th, 2008 at 7:32 am

The reason of using a captcha didn’t even work. no matter how hard or easy they are. So I quit thinking about that.

New York Document Scanning Says:
June 3rd, 2008 at 4:12 am

think captcha is essential for a blog to protect spam.

Testttyq Says:
June 16th, 2008 at 11:28 am

Hello

G’night

Voucher Codes Says:
September 10th, 2008 at 10:53 am

I always wondered how they did this

Discount Codes Says:
October 3rd, 2008 at 5:40 am

That is great info, well written and interesting. Very useful, so thanks. Top man!

Current Voucher Codes Says:
October 22nd, 2008 at 3:05 pm

Interesting information. I’ve always wondered how these things get cracked.

Essay Says:
October 28th, 2008 at 3:19 pm

I think this captcha is very good to see. but it is very good stuff and easy work. it is a very good concept too.

SA Flights Says:
October 31st, 2008 at 5:39 am

Thanks for the great article. very useful

Security Door Says:
November 17th, 2008 at 11:16 am

Brilliant

I’m going to give it a whirl when I’m at home and the doors are locked.

Keep up the great work

Voucher Codes Says:
December 12th, 2008 at 6:36 am

I was looking a similar system to recognise terrain on mapping systems

Cad Conversion Says:
December 25th, 2008 at 9:33 am

That’s very clever to blur the words by have the segments touch each other.

Steel Building Today Says:
December 25th, 2008 at 9:41 am

No playing around with that phpBB3 captcha.

acne Says:
January 1st, 2009 at 11:53 pm

That’s definitely very easy to do. Great Catch.

earth4energy Says:
January 19th, 2009 at 1:33 pm

Nintendo dsi Says:
February 2nd, 2009 at 3:49 am

Thanks for the article. Really useful info.

ivan Says:
February 6th, 2009 at 4:05 am

Thanks for the article.
I’ve a website which is based on phpBB3. I’m using this captcha to protect website against spam bots.

Which captcha should I use if phpBB3 captcha is easy to hack, ( reCAPTCHA or something else ) ?

home desktop computers Says:
February 16th, 2009 at 9:12 pm

thanks for this post.

It is really good especially in determining if the user is really human or just computer-generated since these are images.

Great post! Thumbs up for this. I hope to read more informative articles during my next visit. I hope next time you’ll feature home desktop computers.

buy custom essays Says:
March 31st, 2009 at 4:23 pm

Thanks for this great post, nice info wil help anyone, please keep up this great work

voucher codes Says:
April 7th, 2009 at 7:37 am

This is a never ending battle, I have to admit to not knowing where it will stop.

Josh

Earth 4 Energy Says:
April 10th, 2009 at 2:47 pm

Just one more thing for forum owners to worry about!?

ekcol Says:
April 14th, 2009 at 3:12 pm

Heh, poetic justice that this comment thread is full of spam.

wow power leveling Says:
April 17th, 2009 at 5:20 am

Well, to soon to say if it’s good, but at least it’s well designed

wow power leveling Says:
April 23rd, 2009 at 9:48 pm