Skip to content

3 New Feature Requests


I would like to know if these requests could be added in GSA captcha breaker. I think they would be helpful:

1) Option of having the captcha image's original originating URL showing up in logs (when sent from GSA SER). It would be helpful to debug and rule out engine mismatches.

2) Option of bruteforce by using random (or better yet, incremental) settings in addition of bruteforce by using existing filter settings. For instance, try a filter using the existing, let's say, 5 image settings as resize, greyscale, etc, and allowing testing of, for instance, incremental "threshold" from 1 to 99 % to compare solve ratio.

3) Option of giving some captcha definitions priority over other overlapping engine definitions (when there are 2 or more engine matches).

Also, I would like to know a little more about the "shared captchas" listed in the receive_share.php file. For instance, in the last update (1.85) the changelog said that only the Twitter engine was improved (It was! Thanks!). However, as of today, I see a lot of new captcha definitions shared in receive_share.php and I don't know if I should download and use them or not. Furthermore, the solve ratio showing up next to the captcha definition name is exactly the same as the one already in the GSA CB, so I don't know if they are improvements at all. Are those new captcha definitions tested before going to the page, or anyone can post them? Do they make it to the official release? Are those solve ratios correct?



  • OzzOzz
    edited May 2013
    I like all of your suggestions but i don't know if its possible to add them.

    1) i believe the problem is that CB just receiving the pure image file. maybe Sven is able to add some more infos like "captcha source". whenever i see an unknown captcha in the log of CB its always a pain to find the source of it in the log file of SER.

    2) i think its better if there is a multiple filter testing option. lets say the captcha definition right now is:

    - shave 1x1
    - threshold 50%
    - median 3

    now we select the filter testing for threshold and median with all combinations of:

    - shave 1x1
    - threshold 20-70%
    - media 1-4

    of course the more combinations of different filters and ranges, the longer it takes. i guess this  could take a day or more to find optimal settings, but maybe its worth the time in some cases.

    regarding the "share captcha" i wouldn't care and just wait for the next release. sometimes it happens that a user uploads existing definitions because he's testing the buttons or was brute forcing against a small sample size which doesn't improve the captcha definition in reality. 
    just wait until Sven reviewed the uploaded definitions and added them to the next release.
  • SvenSven
    next version has the URL in CB log.
  • Hey @Ozz and @Sven, thanks for your answers.

    Ozz, I believe that your way would be better as long as you can output the best configuration(s) after the loop of those parameters' values.

    Thanks Sven for the URL addition, I think it will be much easier to identify new captchas and/or mismatches with that. Let's hope you can also add the other 2 suggestions in the future, if possible. Thanks!
  • Hey, I'm testing the new "test increase in parameters" feature, I didn't see it before... Thanks Sven, It works beautifully!
  • thst isn't new or did i miss something??!
  • I just saw it now, didn't noticed it before, but it does more or less what I asked (incremental filter tests), so I like it! ;)
Sign In or Register to comment.