views:

51

answers:

1

Hi!

I'm trying to show programmers that some captchas are too weak, and i'm breaking them. Now i've got something like this:

Function:

<?php

function cbreak($image)
{

$info = getimagesize($image);
$width = $info[0];
$height = $info[1];

$img = imagecreatefromgif($image);

$map = array();
for($y=0; $y<$height; $y++)
{
  for($x=0; $x<$width; $x++)
  {
    $color = imagecolorsforindex($img, imagecolorat($img, $x, $y));

    $map[$x][$y] = ($color['red'] + $color['blue'] + $color['green'] > 750) ? TRUE : FALSE;  
  }  
}
echo '<pre>';
for($y=0; $y<$height; $y++)
{
  for($x=0; $x<$width; $x++)
  {
    echo ($map[$x][$y] == TRUE) ? 'X' : '-';  
  }
  echo '<br>';  
}
echo '</pre>';

$sum = '';
for($x=0; $x<$width; $x++)
{
  $count = 0;
  for($y=0; $y<$height; $y++)
  {
    if($map[$x][$y] == TRUE) $count++;  
  } 

  $sum .= ($count == 0) ? 'X' : $count;
}

$sum = preg_replace('#X+#', 'X', $sum);
$sum = trim($sum, 'X');
$letters = explode('X', $sum);

$patterns = array(
/* Still not here */
);

$token = '';
for($i=0; $i<count($letters); $i++)
{
  $token .= $patterns[$letters[$i]]; 
}

echo $token; 
}
?>

Action:

<?php

$cl = curl_init("http://www.takeagift.pl/rejestracja");

curl_setopt($cl, CURLOPT_RETURNTRANSFER, 1);

$r = curl_exec($cl);


$pattern = "/src=[\"'].*[\"']?/i";
preg_match_all($pattern, $r, $images);

$c = array();
for($i=0; $i<sizeof($images[0]); $i++)
{
    if(strstr($images[0][$i], 'captcha') !== false)
    {
        $c = $images[0][$i]; 
    }
}
$s1 = substr($c, 0, -8);
echo $s1."<br />";
$s = substr($s1, 5, -1);
echo $s."<br />";
curl_close($cl);

?>

<img src="http://www.takeagift.pl/includes/modules/captcha.php?1270900968" /><br />
<img src="http://www.takeagift.pl/includes/modules/captcha.php?1270900968" /><br />
<img src="http://www.takeagift.pl/includes/modules/captcha.php?1270900968" /><br />
<img src="http://www.takeagift.pl/includes/modules/captcha.php?1270900968" /><br />
<img src="http://www.takeagift.pl/includes/modules/captcha.php?1270900968" /><br />
<?php include('cb.php'); 
cbreak("http://www.takeagift.pl/includes/modules/captcha.php?1270900968");
?>

Don't look at preg_match i still haven't learned regexp.

So as You can see links are same: (captcha.php?1270900968), but the result - not.

Help me, please (i'm not doing it to spam this portal)

Edit:

Q - How to get one image from one link? Why imagecreatefromgif($image); doesn't return same image as normal link? How to get same image?

A: 

The only thing I can think of your results not being constant is because the source image changes for every request. If you want to test this script I suppose you should try to save one image to your local server and make sure that one is parsed correctly. If its working, you can swap the images with other generated and make sure they work as well.

I would use file_get_contents() to save the image to a local temp file or something, and work from there:

$ImageData = file_get_contents('http://www.takeagift.pl/includes/modules/captcha.php?1270900968');
file_put_contents('temp.gif', $ImageData);

cbreak('temp.gif');
Hans
Now i've got same images, now i'll check it with cURL.
Misiur