Cracking CAPTCHA with Padding Oracle attack




Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Feb 18, 2010

This video shows how to crack all CAPTCHA in a target website using only JavaScript hosted on a different machine. We do that by exploiting Padding Oracle and web browsers cross-domain information leakage vulnerabilities.

One can easily turns this exploit into a distributed attack. Please see our paper at http://www.netifera.com/research for more technical details.

Thank you and happy hacking!

--Juliano Rizzo and Thai Duong

  • Category

  • Song

  • Artist

  • Album

    • potential remstered version
  • Licensed to YouTube by

    • UMG (on behalf of Wind-up Records); SOLAR Music Rights Management, ASCAP, LatinAutor, LatinAutor - UMPG, Sony ATV Publishing, LatinAutor - SonyATV, Reservoir Media (Publishing), Abramus Digital, CMRRA, UBEM, Broma 16, and 18 Music Rights Societies


When autoplay is enabled, a suggested video will automatically play next.

Up next

to add this to Watch Later

Add to

Loading playlists...