Captcha bypass

1- Proof of Concept

  1. Create a new request by entering right captcha value.

  2. Intercept the request in a proxy tool.

  3. The request will look like this:

  4. Now change the method from POST to PUT and then submit the request.

  5. The request will look like:

  6. Repeat the request any number of times and observe that, instead of checking for a new captcha value each time, the old value or ANY VALUE for the captcha is accepted.

-------------------------------------------------------------

2- Proof of Concept

  1. https://www.coinbase.com/signup

  2. Fill the input field and Validate the captcha.

  3. Turn on Burp, submit the form and capture the request.

  4. Remove the g-recaptcha-response (response value) and forward it.

Impact:

Fake accounts can be created. Username enumeration can also be performed, because no application will allow two accounts to register with the same email.

-------------------------------------------------------------

3- Proof of Concept

  1. https://www.website.com/login

  2. Fill the input field and Validate the captcha.

  3. Turn on Burp, submit the form and capture the request.

  4. Remove the recaptcha-response (response value with header) and forward it.
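The three proofs of concept above fail for the same reason: the server validates the captcha only for one HTTP method, treats a missing g-recaptcha-response as "nothing to check", or never invalidates a token after use. The following is an added example (not code from the original page or any vendor) of a server-side gate that closes all three gaps; `CaptchaGate`, `issue_token` and the stand-in provider check are assumptions.

```python
# Added example: a single server-side captcha gate that does not depend on
# the HTTP verb, fails closed on a missing token and rejects replayed tokens.
import secrets

class CaptchaGate:
    """One captcha token, one use, regardless of HTTP method."""

    def __init__(self, verify_with_provider):
        # verify_with_provider(token) -> bool. In production this is the
        # real call to the captcha provider's verification endpoint.
        self._verify = verify_with_provider
        self._consumed = set()

    def check(self, method, form):
        # PoC 1: the check must be identical for every verb the form
        # handler accepts, so switching POST to PUT changes nothing.
        if method.upper() not in {"POST", "PUT"}:
            return False, "method-not-allowed"
        # PoC 2/3: an absent g-recaptcha-response is a failure, never a
        # reason to skip verification.
        token = form.get("g-recaptcha-response")
        if not token:
            return False, "captcha-missing"
        # PoC 1 step 6: mark the token consumed before verifying so a
        # second submission of the same value is rejected.
        if token in self._consumed:
            return False, "captcha-replayed"
        self._consumed.add(token)
        if not self._verify(token):
            return False, "captcha-invalid"
        return True, "ok"

# Constructed stand-in for the provider: only tokens issued by this
# process verify. A real deployment calls the provider's API instead.
ISSUED = set()

def issue_token():
    token = secrets.token_hex(8)
    ISSUED.add(token)
    return token

def stub_provider_verify(token):
    return token in ISSUED

def demo():
    gate = CaptchaGate(stub_provider_verify)
    good = issue_token()
    return [
        gate.check("PUT", {})[1],                               # token removed
        gate.check("PUT", {"g-recaptcha-response": "bogus"})[1],  # any value
        gate.check("POST", {"g-recaptcha-response": good})[1],    # first use
        gate.check("POST", {"g-recaptcha-response": good})[1],    # replay
    ]
```

Running `demo()` yields `['captcha-missing', 'captcha-invalid', 'ok', 'captcha-replayed']`, i.e. each PoC step is rejected and only a fresh, provider-validated token passes once.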

-------------------------------------------------------------
