Now, let’s look at how easily those captchas can be bypassed. Both captchas use AJAX to send the solution, so we can simulate human activity with a couple of simple web requests.
This captcha presents us a nice iphone-like unlock model. But it can be bypassed by two simple POST-requests:
- qaptcha_crack=&<other form fields>
AJAX FANCY CAPTCHA
Though this captcha is also very nice and fancy, it still can be bypassed by another two simple requests:
- Request /fancy-captcha/captcha.php and it will return you a secret number
- Send this secret number in a POST parameter named “captcha” on the form submission