On 6/12/07, Robert Cummings <robert@xxxxxxxxxxxxx> wrote:
On Tue, 2007-06-12 at 15:23 +0200, Tijnema wrote: > On 6/12/07, Stut <stuttle@xxxxxxxxx> wrote: > > tedd wrote: > > > At 7:38 PM +0200 6/11/07, Tijnema wrote: > > >>> > > >> > > >> Well, if you think this is the uncrackable* solution, create it and > > >> i'll see if I can crack it ;) > > >> > > >> Tijnema > > >> > > >> * I hope you don't mean the same uncrackable as AACS did: > > >> "HD-DVD is uncrackable" ;) > > > > > > > > > As I provided in another post, try cracking this: > > > > > > http://sperling.com/examples/dot-captcha/ > > > > I've not written code to do it but that seems pretty simple to me. You > > get the image from circle.php, detect where the circle is - pretty > > simple - and pass those coords through when posting the form. Or have I > > missed something? > > > > -Stut > > > Yup, it's as simpel like that, but I found an even simpler way,because > there is a bug in Tedd's code :P > You didn't check if the session variable is empty, so if i Pass an > empty variable Submit.x and Submit.y to your script, it generates 2 > warnings, but tells me, Congratulations, you made it... > > To see the result, go here: > http://86.86.80.41/dev/debug/tedd3.php > To see the source of the code, go here: > http://86.86.80.41/dev/debug/tedd3.phps Does it check specifically for Submit.x and Submit.y? or does my goof script work if I put in the full URL? *heheeh*. I noticed he had that bug too when I used wget to grab circle.php (the circle center was at the origin), but wasn't sure if his validation code checked it (this was after I sent my goof response :) Cheers, Rob.
Nope, it does actually check for Submit.x and Submit.y ;) Tijnema -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php