Cracking the MySpace CAPTCHA

I'm playing around with the new myspace CAPTCHA trying to see if there is a way to not even need to enter it at all. Let's get a thread going and try to figure out how to bypass the signup CAPTCHA.

Turns out that the step after the CAPTCHA when creating a new account looks like this:

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=xntyb8N2d2%2FOMis2liF1G5shK3WUISonmDozNMd9OyCDPWd8xX53bNp%2BdXbHemdrz3Ryb818cHyK

Code (markup):

Even after I had gone and done something else, when I clicked that link, it instantly associated me with the account I had created for it, which tells me that somewhere in that ID variable is information such as the username.

xntyb8N2d2%2FOMis2liF1G5shK3WUISonmDozNMd9OyCDPWd8xX53bNp%2BdXbHemdrz3Ryb818cHyK

Since this is myspace, surely they made their own crappy encryption software. Anyone want to have a go at cracking it?

I have looked through the cookies and there isn't much to see. There is an "IID" cookie which is blank, though. Also of interest is NGUSERID which will look something like this (it isn't the same one as the code above):

a2825ec-8260-1170609850-1

Code (markup):

If this doesn't work, there is something interesting. A CAPTCHA cookie. I went directly to the ASP page for the CAPTCHA and refreshed a bunch of times, copying down what the CAPTCHA was and what the cookie was. You can see it here.

http://security.myspace.com/CAPTCHA/CAPTCHA.aspx?SecurityToken=4ABA7490F084489DAA496C7489DF2AAD

phibmxdk
1fabefe0-67dc-4d70-bb25-15b78c2e0477

hdhgnwwx
4dda110b-09f3-457f-82d3-9cb27e6d6059

skspgufk
c8e1d51b-f33d-4178-8a1f-45e11de0b5a5

fgsjxpfzc [notice this one is 9 characters rather than 8]
b92125d-eb00-4a07-9f1f-e0e68c0e7e03

[unable to read]

xwwkrcx
c4427a17-f517-4f1a-a9b0-d954016a3b68

esvimzhz
cd1fb25e-490d-435c-854f-927e8212bb1d

[missed]

svwdunix (LOL)
c24aada1-ae8f-4b4f-a448-6cce46f90cfc

Code (markup):

The best thing to do with the CAPTCHA would be to just avoid it altogether. So if we can find a way to do that, we're set. However, if not, we may have to look into cracking the CAPTCHA cookie.

UPDATE

I just spent way too much time creating 12 different profiles. On each one, I only changed one attribute (plus the email because that has to be unique), and then looked to see what the hash was so I can tell what changes what. Unfortunately I didn't think to write down the CAPTCHA until the 5th account, but you should be able to see where that is in the hash.

I haven't actually looked at the hashes yet, which are down at the bottom and also exploded for your convenience, but I'm going to take some time to do that now.

check@check123.com
tori vanderbilt
12pass
US
12345
female
1/1/93
yes
english

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntyb892dGnHMiQzki0sG5QmIjicf3Vo2S0oNot%2FdSuWPTQnjDo0e9B8d2vAY3dp2n5ze8Z%2FfWrEdHZs0DM%3D

---------
[change just email]
check1@check123.com
tori vanderbilt
12pass
US
12345
female
1/1/93
yes
english

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntyb893dG7BMiQzki0sarctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHGeH1pxmk6
---------
[change email, first name]
check2@check123.com
jackie
vanderbilt
12pass
US
12345
female
1/1/93
yes
english

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntyb85%2BdG3HMiQzki0sabctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHGd31pwWk6
----------

[change email, pass]
check3@check123.com
tori
vanderbilt
omgsecks
US
12345
female
1/1/93
yes
english

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntyb85%2FdWPBMiQzki0saLctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHFfH1rz2k6

-----------

[change email, country]
check4@check123.com
tori
vanderbilt
12pass
Albania
12345
female
1/1/93
yes
english
vnhjkmyvy

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntyb855fmPBMiQzki0sb7ctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHDf31vz2k6
----------

[change email, zip]
check5@check123.com
tori
vanderbilt
12pass
US
09876
female
1/1/93
yes
english
xycifsx

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntybsd%2BdmrEMiQzki0sbrctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHDeX1uzmk6
-----------

[change email, gender]
check7@check123.com
tori
vanderbilt
12pass
US
12345
male
1/1/93
yes
english
exvydys

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntybsd%2BfmnDMiQzki0sbLctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHCfn1qz2k6
------------

[change email, month]

check8@check123.com
tori
vanderbilt
12pass
US
12345
female
2/1/93
yes
english
ffcijupk

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntybsd8c2%2FPMiQzki0sY7ctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHCen1vxWk6
----------------

[change email, day]

check9@check123.com
tori
vanderbilt
12pass
US
12345
female
1/2/93
yes
english
spnsczn

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntybsd9dW7OMiQzki0sYrctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHCeX1rxWk6
----------------

[change email, year]

check0@check123.com
tori
vanderbilt
12pass
US
12345
female
1/1/86
yes
english
twzvxsm

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntybsd9fmrGMiQzki0sa7ctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHCdn1vzmk6
------------
[change email, no birthday viewable]
check00@check123.com
tori
vanderbilt
12pass
US
12345
female
1/1/93
no
english
caczkxtdh

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntybsd6c2jOMiQzki0sa8cOJDOSLSxqxX1pOJgjO2rFPiYohDI8L4RuYGnHfnB2x3xqa8NudmnNfndhxnxgJg%3D%3D
-------------
[change email, myspace - french (CA)]
check000@check123.com
tori
vanderbilt
12pass
US
12345
female
1/1/93
no
myspace french CA

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntybsd7dGnOMiQzki0sa8d%2BBzifKyQwxnx0dZQhKifGfDc6hD07IIM9Z3zFfnds2n51dsd6Z2rFdHdpzXp0fIo%3D

---------------------
xntyb892dGnHMiQzki0sG5QmIjicf3Vo2S0oNot%2FdSuWPTQnjDo0e9B8d2vAY3dp2n5ze8Z%2FfWrEdHZs0DM%3D
xntyb893dG7BMiQzki0sarctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHGeH1pxmk6
xntyb85%2BdG3HMiQzki0sabctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHGd31pwWk6
xntyb85%2FdWPBMiQzki0saLctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHFfH1rz2k6
xntyb855fmPBMiQzki0sb7ctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHDf31vz2k6
xntybsd%2BdmrEMiQzki0sbrctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHDeX1uzmk6
xntybsd%2BfmnDMiQzki0sbLctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHCfn1qz2k6
xntybsd8c2%2FPMiQzki0sY7ctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHCen1vxWk6
xntybsd9dW7OMiQzki0sYrctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHCeX1rxWk6
xntybsd9fmrGMiQzki0sa7ctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHCdn1vzmk6
xntybsd6c2jOMiQzki0sa8cOJDOSLSxqxX1pOJgjO2rFPiYohDI8L4RuYGnHfnB2x3xqa8NudmnNfndhxnxgJg%3D%3D
xntybsd7dGnOMiQzki0sa8d%2BBzifKyQwxnx0dZQhKifGfDc6hD07IIM9Z3zFfnds2n51dsd6Z2rFdHdpzXp0fIo%3D

x n t y b 8 9 2 d G n H M i Q z k i 0 s G 5 Q m I j i c f 3 V o 2 S 0 o N o t % 2 F d S u W P T Q n j D o 0 e 9 B 8 d 2 v A Y 3 d p 2 n 5 z e 8 Z % 2 F f W r

E d H Z s 0 D M % 3 D

x n t y b 8 9 3 d G 7 B M i Q z k i 0 s a r c t L z 6 U J X Z p x G A k N J o y d m m H L z Q o i z U z K N d p d W v H e W p r x W N 3 b 9 d % 2 F d m H G e

H 1 p x m k 6

x n t y b 8 5 % 2 B d G 3 H M i Q z k i 0 s a b c t L z 6 U J X Z p x G A k N J o y d m m H L z Q o i z U z K N d p d W v H e W p r x W N 3 b 9 d % 2 F d m H

G d 3 1 p w W k 6

x n t y b 8 5 % 2 F d W P B M i Q z k i 0 s a L c t L z 6 U J X Z p x G A k N J o y d m m H L z Q o i z U z K N d p d W v H e W p r x W N 3 b 9 d % 2 F d m H

F f H 1 r z 2 k 6


x n t y b 8 5 5 f m P B M i Q z k i 0 s b 7 c t L z 6 U J X Z p x G A k N J o y d m m H L z Q o i z U z K N d p d W v H e W p r x W N 3 b 9 d % 2 F d m H D f

3 1 v z 2 k 6


x n t y b s d % 2 B d m r E M i Q z k i 0 s b r c t L z 6 U J X Z p x G A k N J o y d m m H L z Q o i z U z K N d p d W v H e W p r x W N 3 b 9 d % 2 F d m H

D e X 1 u z m k 6

x n t y b s d % 2 B f m n D M i Q z k i 0 s b L c t L z 6 U J X Z p x G A k N J o y d m m H L z Q o i z U z K N d p d W v H e W p r x W N 3 b 9 d % 2 F d m H

C f n 1 q z 2 k 6

x n t y b s d 8 c 2 % 2 F P  M i Q z k i 0 s Y  7 c t L z 6  U J X Z p x G A k N J o y d m m H L z Q o i z U z K N d p d W v H e W p r x W N 3 b 9 d % 2 F d

m H C e n 1 v x W k 6

x n t y b s d 9 d W 7 O M i Q z k i 0 s Y r c t L z 6 U J X Z p x G A k N J o y d m m H L z Q o i z U z K N d p d W v H e W p r x W N 3 b 9 d % 2 F d m H C e

X 1 r x W k 6

x n t y b s d 9 f m r G M i Q z k i 0 s a 7 c t L z 6 U J X Z p x G A k N J o y d m m H L z Q o i z U z K N d p d W v H e W p r x W N 3 b 9 d % 2 F d m H C d

n 1 v z m k 6

x n t y b s d 6 c 2 j O M i Q z k i 0 s a 8 c O J D O S L S x q x X 1 p O J g j O 2 r F P i Y o h D I 8 L 4 R u Y G n H f n B 2 x 3 x q a 8 N u d m n N f n d

h x n x g J g % 3 D % 3 D

x n t y b s d 7 d G n O M i Q z k i 0 s a 8 d % 2 B B z i f K y Q w x n x 0 d Z Q h K i f G f D c 6 h D 0 7 I I M 9 Z 3 z F f n d s 2 n 5 1 d s d 6 Z 2 r F d

H d p z X p 0 f I o % 3 D

Code (markup):

 

And your point is...???

 

that's what i'm asking as well lol

 

Sorry if I didn't get it across...

I'm trying to start a thread to figure out how to bypass the signup CAPTCHA. Above is all the info I have collected.

 

Its pretty hard to break CAPTCHA, unless they are using a stupid technique. Otherwise you will need to screen read the page with a screen reader program.

Peace,

 

Which is why I'm not trying to break it. I'm simply trying to skip to the page after the CAPTCHA.

 

Mission impossible 9

 

I don't know if bypassing the entire captcha can be done, but I know the captcha can be broken. Adderrobot can bypass captchas when sending mass messages.

You might want to try posting that over here. You will probably get a better response.

Good Luck!

 

only very poor quality captcha, images cannot be read by a program yet, if they could do you not think google images would be a little more organized than it is ....

 

Like I said I am not trying to crack the CAPTCHA, but rather simply bypass it.

 

post a link to a captcha system that's even possible to bypass.....

 

I have seen people who use CAPTCHA, with the word hidden in the post or the url.

Peace,

 

^^that's exactly what I meant when I said poor captcha, there won't be many sites that are still making that mistake now .....

 

It's one thing identifying a pattern from a set of 36 but another entirely to write a program that 'looks' at an image and can then identify that it is showing a house, waves breaking on a beach or some guy in a hat. The possible patterns are virtually limitless.

 

Images CAN be read by a program. I believe that you can lift the layers of an image via CGI and determine what it is. For example, if you try to upload a swastika as your MySpace picture, it doesn't allow it, and returns the error that photos must be 'appropriate and non offensive'.

Take a look here too: myfonts.com/WhatTheFont - Upload a picture, it lifts layers and finds letters

 

FriendBlasterPro just released a fully working CAPTCHA bypass two days ago!

This bypass will actually allow you to send out a full 500+ Friend Request and you NEVER have to enter in a CAPTCHA!

Check them out: addnewfriends.com

 

friendfrost.com adds friends like crazy and have been up for a while I think.

 

The easiest way to bypass the captcha would be this

Set up a porn page with one image on the page. Pull the myspace captcha and place it on the page with a box for the guy browsing the porn to enter the leters into. When he enters the letters, show him another porn image + captcha from myspace and use the data he provided in the MySpace field.

The only problem you'd run into is if people found out that the image advanced regardless.

 

I don't get it, what would I be able to do with a random CAPTCHA?

 

It's not a random captcha, it's the solution to the captcha you need. You serve the person on your site the myspace captcha and use their answer to submit the form.