Project CrackIT
Today I was notified by a guy who goes by the name of Daniel (Nickname: Helldot) that there was a method upon cracking the Habbo Captcha. Just to publicize the find – i’m posting it here!
Daniel says:
-
Today, I was bored (I mean I was really really bored). So I took a look at the captcha of Habbo, after that I let my brains work for me and devise a method for cracking it.
1. Get all the blackest pixels from the middle.
2. The line should be filtered out (line 4px – text 6px).
3. Then I get the outline of the text.
4. OCR regonize the captcha characters.
5. Some routine into the captcha give me the chance to put in some corrections.
This all gives a succes rate of 50%-60%. Not bad, but way to low.
Then a friend of me gave me a greek algorithm, I tried it and this was a very strong algorithm. It had a succes rate of 98% with the uncracked captcha of me. So I put my own algorithm over it, voila, a succes rate of 100%.
I haven’t fixed all the problems in the algorithm (way to much problems for releasing it). So hold on! Just wait!
- Helldot (Daniël)
Credits to [Basz, Lorenzo]
-
Video: http://www.vimeo.com/11720476
Things just keep coming and coming eh? :’)
- Mike
Yaay, DOB bruters
It’s not that hard to filter the text out of a captcha image with paint, add it to a C# form, add a button, sleep the thread for a while, and then put the text in a text box. Oh, forgot to mention the capturing part.
Meh.
If you knew the theory, it’d make perfect sense as to why it would work. Infact, if you look closely the text isn’t “filtered” out – the dash is still going through the captcha and the letters are still pretty wide – making the dash more effective. If you were to match some rgb() colours around the border of the dash, cracking the captcha is much simpler.
Stop being so negative.
Hehe. I allways thought that captcha was a little too easy to read
I guess the scripting communities are back. Well done guys.
Hardly scripting, more as cracking. And most of the new scripts/cracks/hacks have come from new people that not many have heard of now, e.g. -Secret-, angelboy and Helldot.
You original said it’s more cracking and then you went on to say he was a scripter.
Anyone heard if this Daniel character has a working DLL example? I’m not trying to call fraud, I’d just like to see it in action, and with permission embed it into h4v0ck.
I doubt that this is real, you can’t just *magically* make something that ‘cracks’ captchas. Infact, this looks like a quickly whipped up C# Windows Forms app to me.
To be honest Nillus, that thought crossed my mind as well. Now, if Helldot / Daniel (whatever he prefers) were to provide a working example, I might be slightly less hesitant.
Off topic;
I don’t suppose you have any Proof-of-Concept examples for the SQL Injection exploits you posted on your blog? I’m pretty sure Carlos does anyways, I’m just curious.
Awesome, a lot of interesting stuff happening this year.
Nice new theme
I doubt this is real, it would take fare longer if it was possible to crack it and i just don’t think this is real what so ever, and could you next time in your next fake sleep it for longer lol, it seemed to quick.
Above ^^ at Daniel, not Mike.
Wait, has anybody tried this:
I assume you have the CAPTCHA problem with all types of brutes.
It would work for a regular name and password brute, but not a DOB brute.
Find out how many guesses it takes to display the CAPTCHA, let’s say it’s 5. After 4 guesses, the brute would input a correct username and password to cool the fucker off. Then the brute would log back out and begin guessing again.
Might be easier than Helldot’s method, but it would take longer.