[WEB SECURITY] my website captcha broken??

Luis Matus matus.investiga at gmail.com
Sat Jan 31 01:11:42 EST 2009


I need some advice. I work for a company that provides sms service on line
from our web  site. The websites uses captcha but some how hackers have
been able to break the captcha or work around it, because they (hackers)
have created a web capable to send sms through  our website.

I've know they're using our web site  because  whe can see their website
server IP in our database logs.


Do you have any pointers of how could the problem be adressed?

Perhaps you might have some similar stories that may give me a clue of how
they did it?

Greetings.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20090131/73689a36/attachment.html>


More information about the websecurity mailing list