CAPTCHA Bots


Author: Dave
Date: 11.17.11 - 7:29am



I hate captchas, they can be so convoluted that I cant even make them out.

I understand the problem, bots that are equally pointless posting random bullshit to blogs as comments. I was using a standard captcha php script to try to keep some of the junk out of the blog comments. (I have to manually approve everything anyway so spam never makes it visible anyway but still I hate the administration)

So every once in a while, I get a swarm of bots hit the site and start posting random shit. Ip addresses are from all over the world and the spam messages are these short one liner compliments hard to distinguish from a legit comment. Since these comments have no monetary value, my guess is these are feelers used to see if the bot can generate a successful submission, and if that submission will be displayed publically on the site.

The latest volly of these messages happened last night which prompted me to rework the captcha mechanism. Since so many people use standard image based captchas, thats what the spammers bots are adept at. For now I have just changed it around to be a simple text based math problem. I know any 7th grader could write a bot to parse it, but that would only be any good on my puny little site of no advertising value.

The only real anticaptcha i can think of is for everyone to make their own setup. Even if its lame, its obscurity will probably be enough to block spam better than an off the shelf common implementation which it pays spammers to crack.

Thats the theory anyway..time will tell

Fail 1 ok that took about half an hour apparently they can automatically cover the case of a simple a+b math question when the text immediately precedes a textbox element named captcha. I am surprised they handle that kind of auto parsing, but it was a very simple and probably the most common home brew case. For the next test of their capabilities..I have removed the text captcha and changed the textbox name, I also added instructions to append a letter displayed.

Actually this could be fun to enumerate their capabilities.




Comments: (0)

 
Leave Comment:
Name:
Email: (not shown)
Message: (Required)
Math Question: 10 + 74 = ? followed by the letter: Q 



About Me
More Blogs
Main Site
Posts: (All)
2020 ( 2 )
2019 ( 5 )
2018 ( 6 )
2017 ( 6 )
2016 ( 22 )
2015 ( 16 )
2014 ( 25 )
2013 ( 4 )
2012 ( 10 )
2011 (7)
     C# Process Injection
     CAPTCHA Bots
     C# PE Offset Calculator
     VB6 Async Download
     Show Desktop
     coding philosophy
     Code release
2010 ( 11 )
2009 ( 3 )