numero = 103438
interpreted = N
texte = Good stuff. Hackers attempt to solve all types of CAPTCHAs. They useautomated tools to read and solve problems (OCR) and can even passthrough a CAPTCHA to their own users to solve and pass back theresult.My view of CAPTCHA is like the story about two friends and the bear.The first friend looks at the other on spotting the bear and says "Doyou think you can out run the bear?" The second friend replies, "No,but I only have to out run you." CAPTCHA is just a bit of deterrentto keep the bear on the slower friend. The problem is that there areenough hackers for all of us.BillOn Tue, Aug 25, 2009 at 10:43 AM, Kenneth Grome wrote:> Do hackers these days use scripts that:>> 1- read the content of a web page> 2- extract strings like "two hundred eighty three"> 3- convert them into numbers like "283"> 4- enter these values into blank form fields>> ... so they can get past text-based captcha systems designed to prevent> forms from being submitted by hackers?>> Sincerely,> Ken Grome>>>> P.S. I'm giving the code away free but I don't think file attachments are> allowed in this talk list so you'll have to get it from my website. Please> do not redistribute this file without my permission, thanks:>> http://kengrome.com/downloads/captcha.tpl.zip>> Here's my description so you can figure out if it's worth downloading> *before* you download:>> This captcha.tpl page creates a word-based captcha system entirely in webdna> with no cookies or database required. It displays a 6-digit number as words.> To answer the captcha challenge correctly the visitor must translate this> value into corresponding numeric digits.>> Here's how to use this file:>> 1- Place this captcha.tpl file somewhere inside your web folder hierarchy>> 2- Place an [include /path/to/captcha.tpl] tag at the top of the form page> you want to protect>> 3- Insert this hidden form field into the form: name=captchaLookup value=[captchaLookup]>>> 4- Insert this text input field into the form: name=captchaAnswer>>> 5- Place the [captchaWords] tag on the page wherever you want the> "number-as-words" text to appear>> The first part of the system is done, now let's proceed with the second> part. Use these showif's on the page that receives the form post to> determine whether or not the visitor typed the correct answer to the> captchaAnswer field, then change what's inside the showif's to show the> proper code based on the visitor's captcha answer:>> [code removed for clarity in this email]>> When you uncomment the following webdna comment section> you can test this captcha system entirely within this file> before installing it in your website:>> [code removed for clarity in this email]
Associated Messages, from the most recent to the oldest:
Good stuff. Hackers attempt to solve all types of CAPTCHAs. They useautomated tools to read and solve problems (OCR) and can even passthrough a CAPTCHA to their own users to solve and pass back theresult.My view of CAPTCHA is like the story about two friends and the bear.The first friend looks at the other on spotting the bear and says "Doyou think you can out run the bear?" The second friend replies, "No,but I only have to out run you." CAPTCHA is just a bit of deterrentto keep the bear on the slower friend. The problem is that there areenough hackers for all of us.BillOn Tue, Aug 25, 2009 at 10:43 AM, Kenneth Grome wrote:> Do hackers these days use scripts that:>> 1- read the content of a web page> 2- extract strings like "two hundred eighty three"> 3- convert them into numbers like "283"> 4- enter these values into blank form fields>> ... so they can get past text-based captcha systems designed to prevent> forms from being submitted by hackers?>> Sincerely,> Ken Grome>>>> P.S. I'm giving the code away free but I don't think file attachments are> allowed in this Talk List so you'll have to get it from my website. Please> do not redistribute this file without my permission, thanks:>> http://kengrome.com/downloads/captcha.tpl.zip>> Here's my description so you can figure out if it's worth downloading> *before* you download:>> This captcha.tpl page creates a word-based captcha system entirely in webdna> with no cookies or database required. It displays a 6-digit number as words.> To answer the captcha challenge correctly the visitor must translate this> value into corresponding numeric digits.>> Here's how to use this file:>> 1- Place this captcha.tpl file somewhere inside your web folder hierarchy>> 2- Place an [include /path/to/captcha.tpl] tag at the top of the form page> you want to protect>> 3- Insert this hidden form field into the form: name=captchaLookup value=[captchaLookup]>>> 4- Insert this text input field into the form: name=captchaAnswer>>> 5- Place the [captchaWords] tag on the page wherever you want the> "number-as-words" text to appear>> The first part of the system is done, now let's proceed with the second> part. Use these showif's on the page that receives the form post to> determine whether or not the visitor typed the correct answer to the> captchaAnswer field, then change what's inside the showif's to show the> proper code based on the visitor's captcha answer:>> [code removed for clarity in this email]>> When you uncomment the following webdna comment section> you can test this captcha system entirely within this file> before installing it in your website:>> [code removed for clarity in this email]
William DeVaul
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...