[WEB SECURITY] my website captcha broken??
r at fuckthespam.com
r at fuckthespam.com
Sat Jan 31 11:21:05 EST 2009
I believe that what you first need to do is using a better CAPTCHA. Ever
heard of reCAPTCHA?
I'm really not sure what you can do against them... nothing I bet.
--Romain
http://rgaucher.info
> I need some advice. I work for a company that provides sms service on line
> from our web site. The websites uses captcha but some how hackers have
> been able to break the captcha or work around it, because they (hackers)
> have created a web capable to send sms through our website.
>
> I've know they're using our web site because whe can see their website
> server IP in our database logs.
>
>
> Do you have any pointers of how could the problem be adressed?
>
> Perhaps you might have some similar stories that may give me a clue of how
> they did it?
>
> Greetings.
>
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA
More information about the websecurity
mailing list