Re: [WebDNA] Captcha question (and free code)

This WebDNA talk-list message is from

2009


It keeps the original formatting.
numero = 103438
interpreted = N
texte = Good stuff. Hackers attempt to solve all types of CAPTCHAs. They use automated tools to read and solve problems (OCR) and can even pass through a CAPTCHA to their own users to solve and pass back the result. My view of CAPTCHA is like the story about two friends and the bear. The first friend looks at the other on spotting the bear and says "Do you think you can out run the bear?" The second friend replies, "No, but I only have to out run you." CAPTCHA is just a bit of deterrent to keep the bear on the slower friend. The problem is that there are enough hackers for all of us. Bill On Tue, Aug 25, 2009 at 10:43 AM, Kenneth Grome wrote: > Do hackers these days use scripts that: > > 1- read the content of a web page > 2- extract strings like "two hundred eighty three" > 3- convert them into numbers like "283" > 4- enter these values into blank form fields > > ... so they can get past text-based captcha systems designed to prevent > forms from being submitted by hackers? > > Sincerely, > Ken Grome > > > > P.S. I'm giving the code away free but I don't think file attachments are > allowed in this talk list so you'll have to get it from my website. Please > do not redistribute this file without my permission, thanks: > > http://kengrome.com/downloads/captcha.tpl.zip > > Here's my description so you can figure out if it's worth downloading > *before* you download: > > This captcha.tpl page creates a word-based captcha system entirely in webdna > with no cookies or database required. It displays a 6-digit number as words. > To answer the captcha challenge correctly the visitor must translate this > value into corresponding numeric digits. > > Here's how to use this file: > > 1- Place this captcha.tpl file somewhere inside your web folder hierarchy > > 2- Place an [include /path/to/captcha.tpl] tag at the top of the form page > you want to protect > > 3- Insert this hidden form field into the form: name=captchaLookup value=[captchaLookup]> > > 4- Insert this text input field into the form: name=captchaAnswer> > > 5- Place the [captchaWords] tag on the page wherever you want the > "number-as-words" text to appear > > The first part of the system is done, now let's proceed with the second > part. Use these showif's on the page that receives the form post to > determine whether or not the visitor typed the correct answer to the > captchaAnswer field, then change what's inside the showif's to show the > proper code based on the visitor's captcha answer: > > [code removed for clarity in this email] > > When you uncomment the following webdna comment section > you can test this captcha system entirely within this file > before installing it in your website: > > [code removed for clarity in this email] Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] Captcha question (and free code) (Stuart Tremain 2009)
  2. Re: [WebDNA] Captcha question (and free code) (Donovan Brooke 2009)
  3. Re: [WebDNA] Captcha question (and free code) (Stuart Tremain 2009)
  4. Re: [WebDNA] Captcha question (and free code) (Stuart Tremain 2009)
  5. Re: [WebDNA] Captcha question (and free code) (Kenneth Grome 2009)
  6. Re: [WebDNA] Captcha question (and free code) (Clint Davis 2009)
  7. Re: [WebDNA] Captcha question (and free code) (Kenneth Grome 2009)
  8. Re: [WebDNA] Captcha question (and free code) ("Dan Strong" 2009)
  9. Re: [WebDNA] Captcha question (and free code) (William DeVaul 2009)
  10. Re: [WebDNA] Captcha question (and free code) (Kenneth Grome 2009)
  11. Re: [WebDNA] Captcha question (and free code) ( 2009)
  12. [WebDNA] Captcha question (and free code) (Kenneth Grome 2009)
Good stuff. Hackers attempt to solve all types of CAPTCHAs. They use automated tools to read and solve problems (OCR) and can even pass through a CAPTCHA to their own users to solve and pass back the result. My view of CAPTCHA is like the story about two friends and the bear. The first friend looks at the other on spotting the bear and says "Do you think you can out run the bear?" The second friend replies, "No, but I only have to out run you." CAPTCHA is just a bit of deterrent to keep the bear on the slower friend. The problem is that there are enough hackers for all of us. Bill On Tue, Aug 25, 2009 at 10:43 AM, Kenneth Grome wrote: > Do hackers these days use scripts that: > > 1- read the content of a web page > 2- extract strings like "two hundred eighty three" > 3- convert them into numbers like "283" > 4- enter these values into blank form fields > > ... so they can get past text-based captcha systems designed to prevent > forms from being submitted by hackers? > > Sincerely, > Ken Grome > > > > P.S. I'm giving the code away free but I don't think file attachments are > allowed in this Talk List so you'll have to get it from my website. Please > do not redistribute this file without my permission, thanks: > > http://kengrome.com/downloads/captcha.tpl.zip > > Here's my description so you can figure out if it's worth downloading > *before* you download: > > This captcha.tpl page creates a word-based captcha system entirely in webdna > with no cookies or database required. It displays a 6-digit number as words. > To answer the captcha challenge correctly the visitor must translate this > value into corresponding numeric digits. > > Here's how to use this file: > > 1- Place this captcha.tpl file somewhere inside your web folder hierarchy > > 2- Place an [include /path/to/captcha.tpl] tag at the top of the form page > you want to protect > > 3- Insert this hidden form field into the form: name=captchaLookup value=[captchaLookup]> > > 4- Insert this text input field into the form: name=captchaAnswer> > > 5- Place the [captchaWords] tag on the page wherever you want the > "number-as-words" text to appear > > The first part of the system is done, now let's proceed with the second > part. Use these showif's on the page that receives the form post to > determine whether or not the visitor typed the correct answer to the > captchaAnswer field, then change what's inside the showif's to show the > proper code based on the visitor's captcha answer: > > [code removed for clarity in this email] > > When you uncomment the following webdna comment section > you can test this captcha system entirely within this file > before installing it in your website: > > [code removed for clarity in this email] William DeVaul

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Plugin or CGI or both (1997) Multiple cart additions (1997) WC2.0 Memory Requirements (1997) shownext not showing next...still r2 (1997) listfiles with large volume of files (2004) More on the email templates (1997) Re:FYI: Error message (1996) Copyright ? (1997) [WebDNA] How to valuate a domain name? (2010) searching with groups (1997) FTP upload TCP Connect (2003) [SearchString] usage (1997) Snake Bites (1997) 2.0Beta Command Ref (can't find this instruction) (1997) European Convention (2004) WebCatalog 4.0.2b5 available (2000) PIXO support (1997) WebCat2b15MacPlugin - showing [math] (1997) Running 2 two WebCatalog.acgi's (1996) ShowNext Context (2004)