Logical Exploits Of Captcha 2023

By XiaoXin
A Bit Randomly


Logical Exploits Of Captcha

Universal verification code:

When developing the verification code module, the programmer deliberately sets several universal verification codes as test data, so that the verification step can be called conveniently to check that the function works. Through the programmer's negligence, this test data is not deleted after development, and the universal codes that remain valid are the vulnerability.

Verification code return:

By capturing the packet, you can see that the content of the verification code is echoed in the data packet; or, by viewing the source code of the web page, you can see the content of the verification code. Either way, the correct verification code can be read directly and used.

Bypass by removing the captcha:

Capture the packet and either delete the value of the verification code or delete the verification code parameter entirely, then replay the modified data packet so that the verification code check is bypassed.

Verification code blasting (brute force):

Verification code blasting here usually refers to mobile phone SMS verification. Because there is no limit on the number of times a verification code can be entered, and the content of the verification code is too simple, such as 4 or 6 digits only, the code can be blasted through Burp's Intruder module until the correct verification code is matched.

Captcha replay:

First, enter a wrong verification code, capture and replay the request once, and observe the content of the returned data packet. Then capture and replay a request with the correct verification code and compare the two responses. These differences are what you use to judge whether a verification code has become invalid.

Then send the request with the correct verification code to Burp's Intruder module for continuous replay, and check whether each response has the same content as the one returned for the correct verification code. If the content of the responses is the same, there is a verification code replay vulnerability.

The verification code is not bound to the mobile phone number:

First, use your own mobile phone to receive the correct verification code. When you click Register, intercept the packet and change the mobile phone number to another mobile phone number. If it succeeds, you will have registered someone else's mobile phone number. This is because the backend only verifies whether the verification code is correct, without verifying that the verification code matches the phone number.
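The following server-side check is an added example, not code from the original article, showing one way to close the flaws listed above: no universal code, no code in the response, missing parameter rejected, limited attempts, single use, and binding to the phone number. The class name `OtpStore`, the limits and the in-memory storage are assumptions made for illustration.

```python
import hmac
import secrets
import time

MAX_ATTEMPTS = 5      # assumed limit on wrong guesses per issued code
TTL_SECONDS = 300     # assumed lifetime of an issued code


class OtpStore:
    """In-memory store of SMS codes, keyed by the phone number they were sent to."""

    def __init__(self, now=time.time):
        self._codes = {}   # phone -> [code, expires_at, failed_attempts]
        self._now = now

    def issue(self, phone):
        # Random 6-digit code; hand it to the SMS gateway only, never put it
        # in the HTTP response or the page source.
        code = f"{secrets.randbelow(10**6):06d}"
        self._codes[phone] = [code, self._now() + TTL_SECONDS, 0]
        return code

    def verify(self, phone, submitted):
        # The record is looked up by the phone number in the request being
        # processed, so a code sent to one number cannot register another.
        record = self._codes.get(phone)
        if record is None:
            return False                      # nothing issued, or already used
        code, expires_at, failures = record
        if self._now() > expires_at or failures >= MAX_ATTEMPTS:
            del self._codes[phone]            # expired or guessed too often
            return False
        # A missing or empty parameter is a failed attempt, not a skipped check.
        if not isinstance(submitted, str) or not submitted:
            record[2] += 1
            return False
        # No hard-coded test value is accepted: only the issued code matches.
        if not hmac.compare_digest(submitted.encode(), code.encode()):
            record[2] += 1
            return False
        del self._codes[phone]                # single use: a replay fails
        return True
```

A production version would keep the records in shared storage and also rate-limit `issue` per phone number and per client.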
