Capture the Captcha – It’s now Online !
A Captcha is a type of challenge-response test used in computing to ensure that the response is not generated by a computer. It is a contrived acronym for “Completely Automated Public Turing test to tell Computers and Humans Apart.”
The process usually involves one computer asking a user to complete a simple test (Captcha)
which the computer is able to generate and grade. Because other computers are unable to solve the Captcha, any user entering a correct solution is presumed to be Human.
There are a lot of Captcha implementations out there, written in JSP, PHP, ASP, .NET which are very poorly implemented and introduce serious bugs in Web applications they are supposed to protect. We designed this CTC contest to serve as an educational exercise to give participants experience in securing Web Applications from automated attacks, as well as conducting and reacting to the sort of Captchas found in the wild.
Teams are scored on their success in breaking the security behind 10 different captcha implementations, using automation and hacking techniques with the objective of bypassing the human verification process. The winner of the game will be the user/team who bypasses the highest amount of captchas in less time in order to receive the major prize: a 50USD Amazon Gift Card.
The CTC game starts at 2011-05-13 21:00:00 GMT 0 and ends at 2011-07-15 21:00:00 GMT 0 or if any participant breaks ALL captchas.
Happy Captcha Killing !
Follow @bonsai_sec on Twitter for Tips, Tricks & More