Loading...

Cracking CAPTCHA with Padding Oracle attack

23,520 views

Loading...

Loading...

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Uploaded on Feb 18, 2010

This video shows how to crack all CAPTCHA in a target website using only JavaScript hosted on a different machine. We do that by exploiting Padding Oracle and web browsers cross-domain information leakage vulnerabilities.

One can easily turns this exploit into a distributed attack. Please see our paper at http://www.netifera.com/research for more technical details.

Thank you and happy hacking!

--Juliano Rizzo and Thai Duong

Loading...

Advertisement
When autoplay is enabled, a suggested video will automatically play next.

Up next


to add this to Watch Later

Add to

Loading playlists...