Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "captcha"
-
Dad: why do these forms ask me to fill those random characters(captcha)
Me: to verify that you are human
Dad: as if animals can use computers
Me: 😅7 -
These "math question" captchas are really stupid.
It's not even an image that has to be OCR-ed, it's just plaintext. Why can't these people understand a captcha is supposed to be something only a person can do? This is math. Computers are amazing at math.23 -
Google: "Please prove you're a human."
Me: "Hello Google, I'm human!"
Google: "Prove you're a human..."
Me: *Stabbing my finger and dripping blood on the computer*
Google "Prove you're a human!!"
Me: *Crying, laughing, expressing feelings*
Google: "Prove you're a human I said!!!"
Me: "4527"
Google:" Thank you."4 -
Big client, sells products in 30+ countries.
Tries to generate newsletter subscribers, so asks for a system to send a coupon upon subscription.
2 days later, client calls in panic. “We have too many subscribers, our marketeers say it’s a bot issue, can you do something?”.
Checked the data, checked analytics, turns out there’s a lot of referral traffic from freebie-sites, no sign from a bot issue.
Called the client back, “sorry, but there’s nothing you can do about that, you wanted your newsletter to become popular. Not you’re the victim of your own success”.
Client: “can we add captcha?”
Me: “why would you want to do that? You don’t even have a bot issue”
Client: “to make it harder for people to subscribe”
I tried to talk som sense in their heads, but after 3 times I gave up and implemented the damn captcha. It’s still there, doing nothing but annoying thousands of people, including me...7 -
My CS college has its portal's login page secured with captcha.
But the captcha is set on autocomplete.
I shit you not.5 -
Okay, time to delete my old Skype account
1. Enter Skype name
2. Reset password
3. Captcha
4. Complete email
5. Enter email code
6. You are logged in now, please complete your profile first
7. Enter birth date
8. Add your phone number or second email address
9. Create new outlook mail
10. Got access to profile settings
11. Click on delete profile
12. Stop please first verify your email again
13. Enter code
14. Check all checkboxes that I am really sure to want it deleted
15. Click delete button
Fuck hell and that all again for my second account7 -
I was signing up on Twitch...
I was in a hurry...
Goddamn that CAPTCHA...
After fucktillion attempts...
I came to terms with the fact that I am a robot...7 -
reverse turing test in which you have to convince machine that you are a human... oh wait we already have captcha2
-
Friend: Hey did you saw this neural network which can solve captchas?
Me: No, does that even exist?
Friend: Yes, its awesome, isn't it?
Me: Yeah, awesome...
Inner Me: Now machines are already better at solving captchas than me :/3 -
I don't care how secure google captcha is. It sucks.
* select street signs *
* select bus images *
* select again *
* still error *
Every single time17 -
found this gem today.
P.S.
captcha - Completely Automated Public Turing test to tell Computers and Humans Apart.
ahh, seems promising!!3 -
Am i the only one that hates Google reCAPTCHA from the body down to the soul ?
- Click the Car
- The Blue Car
- The Truck
- The Truck Bus
- The Bus Truck
- With Blue Light
- Select the Bicycles
- Skip the house
- Find the sign
- With the blue bat
- Purple pink hat
- Click Traffic light
- We mean all Traffic lights
- Select Stores
- With Zebra Crossing
- ...
WTF!!! Just kill me already.11 -
If you're going to add a fucking CAPTCHA to your already poorly-designed website, MAKE SURE IT FUCKING WORKS YOU FUCKING IDIOTS.5
-
I once ran into a CAPTCHA that was hard coded with a simple math problem. Every time it asked what 5 + 1 is.4
-
What if CAPTCHA isn't there to keep robots out, but to identify humans for the coming robot uprising?4
-
I worked at a startup. They wanted to "save" money. So they hired a relative of "Fred" named "Bubba". Bubba made a custom website. Like hand built gifs and who knows how hand crafted html. It was fine for a time. Then somebody was wondering why nobody was calling us at the company. No customers. Another relative named "George" (who was actually a business major) looked at the website. It had been hacked and replaced with Jedis fighting Sith Lords. Me and another engineer named "Zeus" said "fuck this shit" and said "we are redoing this shit".
So I logged into godaddy (I know, shitty) and installed Wordpress (kinda shitty). I proceeded to turn wordpress into a half decent page. Wiped out the shit that was there, reused images as it made sense. Created more images. Reduced images to 80% quality to take loading size from 10MB to <1MB. Then I also proceeded to do SEO work and get the website listed properly within about a month. Customers started calling all the time. I had a simple contact form that barely gets any shit on it due to captcha. The was 5 years ago. I left 3 years ago (still help them on weekends) and nobody has done shit with the website. They are still getting calls and it hasn't been hacked.
We don't talk to Bubba. He didn't know what the fuck he was doing. I wonder if he still does websites for his relatives. I honestly had no clue what I was doing, but my take on the approach was easier to maintain and even George and Zeus and the new manager "Ralph" can maintain it, kinda. Went from shitty static website to full on dynamic and interactive. Yeah, I know, "dynamic". But the manager was happy.
Sometimes you just do what you gotta do in addition to doing all the electrical and software engineering for a company.6 -
I was entering all the characters in the captcha textbox, out of force of habit, and couldn't realize why it was being marked as invalid. Then I realized...8
-
(!dev)
Fuck Twitter.
I get sucked in for 10 minutes through some news article, and my blood is boiling.
I think the platform does not even deserve to exist.
And I didn't think I would ever say that.
I used to be a staunch defender of the free & open internet, even with it's ugly and extreme sides, because I was convinced the good would outshine the evil.
I displayed the Pirate flag with pride on the mast outside of my house, I was intimately involved in the founding of their political party in my country. I was convinced of the power of the internet, I believed it would empower democracy and debate.
So why do simple tweets, even just the ones about technology, incite an endless stream of vile ultranationalist & misogynist hate?
How is it that those who are reasonable get drowned out?
That fucking character limit is a cancer.
The orator's wings are clipped. The richness of language is wilting before our eyes. All that remains are a bunch of caged chickens pecking every argument to death.
I will defend the right to free speech, even when it comes to the most disagreeable and controversial opinions.
But Twitter does not promote free speech. It's poison to free speech.
It's an endless torrent of non sequiturs, which constricts all reason and intellect. It replaces free speech by pretending to have equal value.
I really don't care if you are left or right, socialist or libertarian, globalist or nationalist.
You can argue to me that we should close all borders for immigrants, that Apple makes great products, that genocide has its pros, you could try to convince me that Heineken tastes acceptable (sorry AlexDeLarge), that Linux should be outlawed or that we should really try to bring this Eugenics thing back again.
Just be fucking rational -- and "Rationality implies the conformity of one's beliefs with one's reasons to believe"
You can NOT fit both your beliefs and their supporting reasons in 140 or even 280 characters.
So what's left is just your beliefs.
Stripped of all reason.
Repeat it often enough, keep spewing, keep throwing out incomplete arguments, and you'll train yourself to forego ratio in your convictions completely.
All social platforms should get a forced captcha for every spelling/grammar error, and a 1000 character minimum.
The world would be a slightly better place.6 -
Fucking precious fragile snowflake dick heads.
Some bot beats a contact form captcha and an email with "offensive" content gets into a mailbox, and they're immediately shouting to HR that we're not protecting them from it.
Bitch, we'll NEVER be able to shield your super special self from all the big nasty bad men on the net - GET THICKER SKIN YOU THUNDERCUNT
One more fucking whine like that, and I'm gonna get far more offensive than your fucking inbox8 -
"Click all squares with vehicle"
I'm pretty sure there is no vehicle!
Is this what captchas have evolved too?20 -
Did you know reCAPTCHA v1 will no longer work from now on? Would be interesting to know how many sites are still using it...3
-
CAPTCHA meaning: "Completely Automated Public Turing test to tell Computers and Humans Apart".
Proof the the CS community is bad at creating acronyms.4 -
Getting real fucking sick of shitty websites excessive security measures!
1. Username
2. Password
3. Captcha
4. Mandatory 2FA
We don't recognize your IP, please log into your email, click the link, get redirected and complete steps 1-4 again! Also the site will time out in 10 minutes if you aren't actively using it. Have a nice day!
Go fuck yourself.7 -
We are on a roll here people (side note, if You are joining the site, thank you but if you are using disposable email accounts at least wait for the verification code to arrive to said account):
So our most well know and belowed CMS that brings lots of love and feels to those that have to (still) deal with it, had some interesting going on:
Oh Joy! "Backdoor in Captcha Plugin Affects 300K WordPress Sites", well arent You a really naughty little boy, eh?
https://wordfence.com/blog/2017/...
Remember that "little" miner thingy that some users here has thought about using for their site? Even Yours truly that does make use of Ads Networks (fuck you bandwidth is not free) even I have fully condenmed the Miner type ads for alot of reasons, like your computer being used as a literal node for DDoSing, well... how about your "Antivirus" Android phone apps being literally loaded with miner trojans too?
https://securelist.com/jack-of-all-...
"When You literally stopped giving any resembles of a fuck what people think about Your massive conglomerate since You still literally dominate the market since alot of people give zero fucks of how Orwellian We are becoming at neck-breaking speed" aka Google doesnt want other webbrowsers to get into market, Its happy with having MemeFox as its competitor:
https://theregister.co.uk/2017/12/...
Talking about MemeFox fucking up again:
https://theregister.co.uk/2017/12/...
And of course here at Legion Front we cant make finish a report without our shitting at Amazon news report:
"French gov files €10m complaint: Claims Amazon abused dominance
Probe found unfair contracts for sellers"
More News at:
https://legionfront.me/page/news
And for what you may actually came and not me reporting stuff at Legion's Orwell Hour News™ ... the free games, right?:
Oxenfree is free in GoG, its a good game, I played like 2 months after its release and I think I heard they wanted to make a Live Action movie or some sort of thing after it:
https://www.gog.com/game/oxenfree
Kingdom Classic is also free:
http://store.steampowered.com/app/...
Close Order Steam Key: HWRMI-2V3PQ-ZQX8B
More Free Keys at:
https://legionfront.me/ccgr4 -
Fucking bruteforce man. Was supposed to go sleep when got few messages from my gameserver players that their accounts have been hacked.
Checked their logs, all of their accounts have been accessed from Russia. Told them to change their passwords and they told me their previous passwords which were easy af to guess.
Digged deeper and found hundreds of thousands failed logins in the last few hours and all of them from different ips.
Since I cant modify gamefiles on client side, the solution for now was to disable in-game registration and force player registration through the website form with captcha and also where each players login name gets appended with a random suffix chosen by player from a random list..
Fuck you bruteforce scriptkiddies, good luck guessing accounts now. At least I can sleep now.18 -
Best part about the covid19 manufactured crisis?
Liquor stores deliver. Worst part about liquor stores delivering? Needing to use their shoddy websites.
I've been using a particular store (Total Wines) since they're cheaper than the rest and have better selection; it's quite literally a large warehouse made to look like a store.
Their website tries really hard to look professional, too, but it's just not. It took me two days to order, and not just from lack of time -- though from working 14 hour days, that's a factor.
Signing up was difficult. Your username is an email address, but you can't use comments because the server 500s, making the ajax call produce a wonderfully ambiguous error message. It also fades the page out like it's waiting on something, but that fade is on top of the error modal too. Similar error with the password field, though I don't remember how I triggered it.
Signing up also requires agreeing to subscribe to their newsletter. it's technically an opt-in, but not opting-in doesn't allow you to proceed. Same with opting-in to receiving a text notification when your order is ready for pickup -- you also opt-in to reciving SMS spam.
Another issue: After signing up, you start to navigate through the paginated product list. Every page change scrolls you to the exact middle of the next page. Not deliberatly; the UI loads first, and the browser gets as close as it can to your previous position -- which was below that as the pagination is at the bottom -- and then the products populate after. But regardless of why, there is no worse place to start because now you must scroll in both directions to view the products. If it stayed at the very bottom, it would at least mean you only need to scroll upwards to look at everything on the page. Minor, but increasingly irritating.
Also, they have like 198 pages of spirits alone because each size is unique entry. A 50ml, 350ml, 500ml, 750ml, 1000ml, and 1750ml bottle of e.g. Tito's vodka isn't one product, it's six. and they're sorted seemingly randomly. I think it's by available stock, looking back.
If you fancy a product, you can click on it for a detail page. Said detail page lists the various sizes in a dropdown, but they're not sorted correctly either, and changing sizes triggers a page reload, which leads to another problem:
if you navigate to more than a few pages within a 10 or so second window, the site accuses you of using browser automation. No captcha here, just a "click me for five seconds" button. However, it (usually) also triggers the check on every other tab you have open after its next nagivation.
That product page also randomly doesn't work. I haven't narrowed it down, but it will randomly decide to start failing, and won't stop failing for hours. It renders the page just fine, then immediately replaces it with a blank page. When it's failing, the only way to interact with the page is a perfectly-timed [esc], which can (and usually does) break all other page functionality, too. Absolutely great when you need to re-add everything from a stale copy of your signed-out cart living in another tab. More on that later. And don't forget to slow down to bypass the "browser automation" check, too!
Oh, and if you're using container tabs, make sure to open new tabs in the SAME container, as any request from the same IP without the login cookie will usually trigger that "browser automation" response, too.
The site also randomly signs you out, but allows you to continue amassing your cart. You'd think this is a good thing until you choose to sign in again... which empties your cart. It's like they don't want to make a sale at all.
The site also randomly forgets your name, replacing it with "null." My screen currently says "Hello, null". Hello, cruft!
It took me two days to order.
Mostly from lack of time, as i've been pulling 14 hour shifts lately trying to get everything done. but the sheer number of bugs certainly wasted most of what little time i had left. Now I definitely need a drink.
But maybe putting up with all of this is worthwhile because of their loyalty program? Apparently if you spend $500, you can take $5 off your next purchase! Yay! 1%! And your points expire! There are three levels; maybe it gets better. Level zero is for everyone; $0 requirement. There are also levels at $500 and $2500. That last one is seriously 5x more than the first paid level. and what does it earn you? A 'free' magazine subscription, 'free' classes (they're usually like $20-$50 iirc), and a 'free' grab bag (a $2.99 value!) twice per month. All for spending $2500. What a steal. It reminds me of Candy Crush's 3-star system where the first two stars are trivial, and the third is usually a difficult stretch goal. But here it's just thinly-veiled manipulation with no benefit.
I can tell they're employing some "smarketing" people with big ideas (read: stolen mistakes), but it's just such a fail.
The whole thing is a fail.8 -
FUCK OFF, YOU FUCKING USELESS PILES OF CRAP
WHY THE FUCK CAN'T COMPANIES JUST TEST THEIR FUCKING APPS FOR ONCE?!?
LINKEDIN GOES INTO A FUCKING CAPTCHA LOOP
SNAPCHAT/INSTAGRAM ARE AS SLOW AND ATTRACTIVE AS A SLIGHTLY RUNNY SHIT
ROCKSTAR IS FULL OF MONGS WHO DON'T KNOW HOW TO MAKE A WORKING FUCKING GAME
GOOGLE IS FULL OF PERVERTED FUCKERS WHO TRACK YOU EVERYTIME YOU LOOK UP A FUCKING RECIPE.
FUCK THIS WORLD, WHY THE FUCK CAN'T BIG COMPANIES JUST MAKE SOFTWARE WITH THE USERS IN FUCKING MIND?!?!?
FUCK ME, I'M ANGRY10 -
Today I learned how to break captcha using tensorflow !
Wondering what is the use of captcha while it can be broken so easily?4 -
Switched to DuckDuckGo, because Google thought it would be nice, to ban the Proxy IP of our company (because you know, many requests) from searching and putting us behind these captcha monstrosities. I don't want to captcha myself out of every query I have for goddamn 2 minutes with slow ass fading images.
Turns out, I like their service even more.9 -
Please google, stop the recaptcha madness...I'm sitting here for 30 minutes, clicking on road signs10
-
ffs take it easy with those fucking Captchas. If I have to solve a fucking Captcha every fucking time I click on a fucking link I want to slap your face3
-
I just tried to sign up to Instagram. I made a big mistake.
First up with Facebook related stuff is data. Data, data and more data. Initially when you sign up (with a new account, not login with Facebook) you're asked your real name, email address and phone number. And finally the username you'd like to have on the service. I gave them a phone number that I actually own, that is in my iPhone, my daily driver right now (and yes I have 3 Androids which all run custom ROMs, hold your keyboards). The email address is a usual for me, instagram at my domain. I am a postmaster after all, and my mail server is a catch-all one. For a setup like that, this is perfectly reasonable. And here it's no different, devrant at my domain. On Facebook even, I use fb at my domain. I'm sure you're starting to see a pattern here. And on Facebook the username, real name and email domain are actually the same.
So I signed up, with - as far as I'm aware - perfectly valid data. I submitted the data and was told that someone at Instagram will review the data within 24 hours. That's already pretty dystopian to me. It is now how you block bots. It is not how Facebook does it either, at least since last time I checked. But whatever. You'd imagine that regardless of the result, they'd let you know. Cool, you're in, or sorry, you're rejected and here's why. Nope.
Fast-forward to today when I recalled that I wanted to sign up to Instagram to see my girlfriend's pictures. So I opened Chromium again that I already use only for the rancid Facebook shit.. and it was rejected. Apparently the mere act of signing up is a Terms of Service violation. I have read them. I do not know which section I have violated with the heinous act of signing up. But I do have a hunch.
Many times now have I been told by ignorant organizations that I would be "stealing" their intellectual property, or business assets or whatever, just because I sent them an email from their name on my domain. It is fucking retarded. That is MY domain, not yours. Learn how email works before you go educate a postmaster. Always funny to tell them how that works. But I think that in this case, that is what happened.
So I appealed it, using a random link to something on Instagram's help section from a third-party blog. You know it's good when the third-party random blog is better. But I found the form and filled it in. Same shit all over again for info, prefilling be damned I guess. Minor convenience though, whatever.
I get sent an email in German, because apparently browsing through a VPS in Germany acting as a VPN means you're German. Whatever... After translating it, I found that it asks me to upload a picture of myself, holding a paper in my hands, on which I would have a confirmation code, my username, and my email address.. all hand-written. It must not be too dark, it must be clear, it must be in JPEG.. look, I just wanted to fucking sign up.
I sent them an email back asking them to fix all of this. While I was writing it and this rant, I thought to myself that they can shove that piece of paper up their ass. In fact I would gladly do it for them.
Long story short, do not use Instagram. And one final thing I have gripes with every time. You are not being told all the data you'll have to present from the get-go. You're not being told the process. Initially I thought it'd just be email, phone, username, and real name. Once signed up (instantly, not within 24 hours!) I would start setting up my account and adding a profile picture. The right way to ask for a picture of me! And just do it at my own pace, as I please.
And for God's sake, tackle abuse when it actually happens. You'll find out who's a bot and who isn't by their usage patterns soon enough. Do not do any of this at sign-up. Or hell, use a CAPTCHA or whatever, I don't fucking care. There's so many millions of ways to skin this cat.
Facebook and especially Instagram. Both of them are fucking retarded.6 -
We should disable the “verify that you are a human” captcha for a day and see if aliens try to contact us via internet.3
-
Soo.. Google is using ReCaptcha to improve their AI... They are verifying the answers by having multiple users solve the same image...
Couldn't we break their AI by just having enough users answer the same Captcha in the same wrong way?6 -
I been seeing spam on devrant lately. It is usually a new account which only have 1 rant (a spam)
Maybe devrant should include some kind of "Are you a developer captcha" which make you fix a bug before creating an account.17 -
Discord and captchas can go get fucked in the ass by a rusty, tetanus ridden 2m pole....
I changed my discord-password yesterday and, naturally it prompted me for a login today. So I enter my new password and that motherfucking spawn from satans anus himself with the name of captcha threw itself at me... I seriously had to select fucking street signs for about 5min before Discord let me know that I apparently logged in from a new IP (thanks VPN) and therefore needed to confirm my e-Mail address. Alright, so off to my inbox I go.
SURPRISE, I also changed my password there yesterday (LastPass Security Challenge, I changed like 30 passwords yesterday) and guess what was waiting for me?... If you guessed a captcha, you just got full fucking marks. So I was busy selecting busses and streets for the next 3min again before I could finally log into that piece of trash and autorize my IP-address and log into Discord6 -
Wow, the India Post's official website has a captcha while tracking a package.
The funny thing is, the captcha is in a text format, meaning it can be copied (yes, ctrl + c works) and be pasted in the text field.
COMPLETELY DEFEATS THE WHOLE PURPOSE.
cheers to its developer.6 -
So I've been working on this website now for a while and I'm finally near the end.
The client suddenly writes to me to ask me why there is captcha on some of the forms (register, post). He asks me to remove all captchas.
I explained to him why captchas are important and I even told him one old story of mine (basically I was noob and made that fatal mistake and suffered).
His response is to remove them anyway he didn't like them.
My response?
I keep this conversation in text form and screenshots, and I keep backups of it.
I have a feeling I'll need them.6 -
Wow the security by captcha!
Guess what? IIT Kharagpur is considered one of the best institute in India to study Computer Science and its major in research include image processing4 -
I am scared.
Google detected unusual traffic from my home network?
When I search anything in incognito mode, this page appears.
No incognito mode -> Google search works.
Feels like an attempt to force me to use my google account.13 -
Any alternative to Googles reCAPTCHA?
Backstory we have a contact form, in a bootstrap modal, loading the form as an ajax request. The form has (as of today) a captcha, as we where getting a lot of spam.
Guess what it does on safari? Right... It renders outside the modal and since there's no need for scrolling, bootstraps modal adds an overflow hidden to the body. Results in non submitable forms on some resolutions.
Any idea on how to fix this, or other captcha systems we could use (it's a Symfony app).4 -
bet you can't beat us now, dumb machine
also,
modern problems require modern solutions
#savedtheearth1 -
our university results are out
the webpage to check the results has only 3 input fields
roll number
date of birth
captcha
after checking the source code turnsout it doesn't need the date of birth and the most FUCKEDUP part is the captcha it uses is generated using javascript on the client side and literary checked using string1 == string2
I captured the post request its sending..
it only sends the roll number with some headers to the url
I wrote a quick python script to emulate the post request and got back the results of my entire college
note - the university I'm referring to has literally more than hundred thousand students under it, each and every student uses that interface to get his results4 -
Boss"So, we need to get some data about the users using the APIs from this list of sites."
Me"Alright, sounds feasible enough"
Navigating to first site.
M"Hold on, where's the API?"
B"What do you mean? You're looking at it."
M"This is a website with a search bar, not an API"
B"Same thing. Get to scrapping that data."
M"I-It's written in a JS framework to be reactive in a half-assed way."
B"We need that data"
M"The data is not even consistent!"
B"That's why we need to join it with all these different sources."
The API was a lie. None of the sites had anything remotely similar to an API.
Having to use bloody selenium with chrome driver to scrap all the information because of course, it has to be done programatically every week from now on.
I just hope no captcha of any kind is installed before I finish this project.4 -
That was the first time an image didn't contain the searched for term, so I never read the text "press skip [...]" and really tired me, tried to find a bridge for too long2
-
Trying to reserve a tour guide at Auschwitz in Birkenau. Google captcha wants me to prove I'm not a roboot. Pops up a collection of images where I should select only those with a TRAIN station..
well played google.3 -
It is increasingly difficult to believe that Google CAPTCHAs are not deliberately made unsolvable.
Everyone hates CAPTCHA, that is nothing new. As most people know, CAPTCHA frequently whines "please try again" after the user provides the correct answer. Sometimes it shows "Please select all matching images." when no new images with the named subject exist. However, now Google is taking it to a new level.
After clicking, the pictures take five seconds to fade to white and the new pictures take another five seconds to fade in. And CAPTCHA challenges have an expiry duration of two minutes. This causes CAPTCHAs to expire before it is possible to solve them.
Does Google think I am not a human because I don't have the time to waste whack-a-moling random StreetView pictures?
I have a feeling that Google is laughing at us for wasting efforts solving CAPTCHAs that are not meant to be solved.17 -
Fuck Captcha. Seriously. Am I blind to that shit or are you supposed to fail entering that goddamn letter soup like 5 times before getting it right? Of course you have to re-enter your form fields every time you fail because you don't deserve better, you illiterate fuck.5
-
The company that I work for has recently recruited a team for Web Development, so they don't have to pay a monthly fee to the previous team who designed their website.
They have over 3000+ products in the old website, and no logical way to import them to the new website. The old team was asking for 300$ to give them an API which would return the product details in an XML format.
Obviously, paying that amount of money wasn't logical for a dying website, so the manager decided to hire someone to manually copy the content from the old admin panel to the new one, that is until I stopped him.
My solution? Write a simple web scraper to login to the old panel and collect data. Boom! 300$ saved from going to waste.
Now, the old team found about this and as much as my manager was happy, they were quite angry. So they implanted a Google reCaptcha to prevent my bot from scraping the old panel.
I spent about 20 minutes, and found out once you're logged in to the old panel, the session is saved in a cookie and you are no longer greeted by a Captcha.
So I re-written a small portion of my bot, and Boom! Instant karma from manager. We finished publishing the new site, and notified the old team, only to see the precious look on their face. Poor guy, he thought I was a wizard or something 😂😂
That's what you get for overcharging people!
TL;DR: Company's old website team wanted to overcharge us writing an API to fetch 3000+ records.
Written a basic web scraper to do the same job in less than an hour.3 -
moterfucking google stop wasting my time with your endless captcha bullshit.
You know exactly my fucking home IP, I don't have time to select your fucking bicycles, hydrants and buses.
And all you motherfuckers who use google captcha go fuck yourself because you are dumb as fuck6 -
javascript generated captcha and javascript captcha validation in my university website... over hundred thousand students use this website to check results
function ValidCaptcha(){
var string1 = removeSpaces(document.getElementById("AVCODE").value);
var string2 = removeSpaces(document.getElementById("UVCODE").value);
if (string1 == string2){
return true;
}
else{
alert("invalid captcha");
return false;
}
}
function removeSpaces(string){
return string.split(' ').join('');
}1 -
!dev && rant
Looking for a song's lyrics... A very complicated task apparently. Blinding Lights by The Weeknd for whoever's interested.
Firefox: just one small thing to keep going, sorry we just updated our CA certs again. Screw you, close the browser. I will not restart it for you but I will tell you that I would. When you restart the browser, you will lose whatever search you were just doing. Sucks for you bastard! Enjoy the update.
Go to Genius Lyrics, please turn on JavaScript to run this "app". Done that? Okay now solve this CAPTCHA please. Um.. let me just leave that ingenious site.
Next one, AZ Lyrics: Yeah sorry your IP is from a hosting provider, but we will not tell you that is the reason. You've just been denied access to the site. See you next time! Everyone using a VPS to make a VPN connection with is obviously an abuser after all.
Finally found the lyrics on lyrics.com after a long journey that was way more complicated than it should've been. It's a good song.
Oh and Firefox consumed well over a GB for just a single tab of course...
I want Gopher, BBS, IRC and the likes back.4 -
Thought I'd share another one with you. Last year I saw a turorial posted on LinkedIn about how to create a captcha in ASP.NET. The turorial itself wasn't that bad but it made me laugh so hard because the writer thought of a neat way to input the desired captcha code to the handler that generated the image. Guess how? In the query string. That totally defeats its purpose. How on earth did he come up with that. So much for securing your form submission through captcha. Of course when I commented about it he didn't reply. I hope no one actually used that tutorial.2
-
So, this incident happened with me around 2 years ago. I was pentesting one of my client's web application. They were new into the Financial Tech Industry, and wanted me to pentest their website as per couple of standards mentioned by them.
One of the most hilarious bug that I found was at the login page, when a user tries logging into an account and forgets the password, a Captcha image is shown where the user needs to prove that he is indeed a human and not a robot, which was fair enough to be implemented at the login screen.
But, here's the catch. When I checked the "view source" option of the web page, I saw that the alt attribute of the Captcha image file had the contents of the Captcha. Making it easy for an attacker to easily bruteforce the shit outta the login page.
You don't need hackers to hack you when your internal dev team itself is self destructive.4 -
In highschool we went through something like a malware/phishing prevention course.
It was pretty cool tbh, we spend the whole hour in a virtual environment where you'd see common malware and phishing attempts, but the really fun you could also "hack" other students.
Hacking them means you could cause some things to happen on their "PC". One of those was showing in a captcha on their screen and they had to type a the string of your choosing, before they could access the rest of the "virtual computer" again.
You can probably guess where this is going.
I was the first who had the idea to mix big i and small L and tested it on our teacher, who was also part of this environment and screenshared to the projector.
Thanks to sitting next projection I could see the pixels and I can confirm: same character, Pixel perfect!
I will forever cherish the memory of my the teacher begging me to undo the "hack" and the chaos that followed amongst my peers 😈
Also one of the excersizes was stupid. Click on a phishing mail and enter your credentials in the form. I asked the teacher WTF kind of credentials they even want me to enter to microsooft.cum and they just said "the credentials obviously" so I think they got their karma🖕 -
So CyberCoders automatically added me to a mailing list and kept emailing me spam about resumes of developers. Not being in a recruitment position, I decided to "opt out".
I had to fucking prove I'm human... to opt out of an email some machine added me to.
Allow me to add a poorly done image to express my feelings on this matter. -
TL;DR - Mining coins to solve captchas
I was puzzled when I clicked to download something and this little captcha thingy appeared. I clicked, as usual, to solve it, but was amazed to look just a progess bar going and going... then I saw a little legend that says "what's this?", click and this is the link
https://coinhive.com/info/...
Practically, you're mining Monero instead of watching ads and solving regular captchas...
What are your thoughts on this?4 -
Took a web accessibility course somewhat recently. Here’s the list of typical accessibility problems according to those who use assistive technologies, from the most common to the least common:
1. CAPTCHA
2. Buttons and links that don’t work
3. Lacking/incorrect alt attribute
4. No input labels
5. Sudden layout shifts/content changes
6. Lacking/wrong headings
7. No keyboard access
8. Too many links
9. No skip link in header (https://en.wikipedia.org/wiki/...)
10. Lacking/broken search
11. Complicated and/or long forms
12. No closed captions for videos
13. Bad grammar
14. Bad contrast
15. Custom checkboxes
16. Custom dropdowns
17. Font size
I never knew CAPTCHA was THE worst offender. I also never knew that font size was perhaps the least problematic aspect.11 -
We hired someone to make the new front site because I was too busy.
The guy had a plain text password system to show, mispronounced "FontAwesome", and used WordPress.
He was not an instructor but was supposed to be the "senior option" for when I couldn't do something for any reason.
I later asked him for some opinion on how to translate the site, and he disabled the Captcha plugin. I. Don't. Know. Why. I figured because of all the spam I got suspiciously after he "took a look" at the admin panel.
Luckily I could get him out of the contacts and now we are looking for more devs. -
I just want to thank Steam for making steam guard key in all caps. So I dont need to fucking think about if its uppercase i or lowercase L. It would be much better if they do it on all captcha services or just fucking dont use i l o and 0 characters. These are pisses me off. They are so fucking annoying.1
-
A rant about fucking google!
I search for a page, but my internet is pretty slow (not on wifi), so while waiting I think of somwthing else to search. And now I have 4 tabs open on my phone.
After a little while, I get the following error (see attached image). I get a little frustrated, but I'm a calm person, I decide to solve the (still loading) CAPTCHA and continue browsing.
After a little while, I get an error that my browser (Edge) is not supported and I can't open the CAPTHCA. On other websites, it has always worked just fine, but they want me to switch to their Chrome, to steal my data.
It is quite a clever trick if you think about it. Either that, or I've been hacked and there's a bot on my phone.6 -
OMG!!! Stop with the image captchas, Shopify and other sites that do this! Good grief! Is this my life now? Budgeting extra time with my clients just to log into websites? That last login took a full 5 minutes of clicking on traffic lights, buses, cars, crosswalks, and parking meters. I swear, when the Singularity apocalypse happens, we'll be attacked by traffic lights, buses, cars, crosswalks, and parking meters.2
-
We have a system at work with captcha....
I may have renamed a few thousand images and people have been getting pissed...
Of course I remember the shift in filename so I just correct them and they look at me like "how the fuck is that a 6" and im like "well I think it's a 6, the computer thinks it's a 6... Have you had your eyes tested recently"
Half the office are wearing new glasses, the other half have decided that Google has "gone too far" and that "I bet their algorithm has fucked this up"
I'll change it back in a few more days with a note in the changelog about how a "particularly aggressive AI got out of hand and was being too selective"1 -
so now that ai and all that machine learning can differentiate between images n stuff, what could be the new captcha‽ 🤔5
-
Is it just me or is the 'storefront' test for CAPTCHA much harder than the schoolbus or traffic light? Could be my diminishing eyesight, or bourbon too.4
-
Google bloody captcha.
It works fine, until you have more than one form on a page then the complexity increases by 100000%.
Finally my colleague gets it working then I read an article that says bots use Google own speech recognition service to defeat it. Fun times.3 -
I wonder, are captchas in captcha solving service sign-up forms - connected to the service? so you're for free solving a captcha inside the pool?1
-
I just noticed that whenever I get a captcha to prove I'm human, it's always images from the street.. cars, crosswalks, traffic lights, trucks, bikes, tractors etc etc...
I just want to know... Who's ML model I've been helping to train for the last i don't know how many years?!? 😤
I should've realized something smelled funny the moment i understood that a bot is asking me to prove my humanity to it, by doing something that a bot should be able to do by now.6 -
Have any of you noticed how bad the new Google login page is? They invented reCAPTCHA, yet they use the old one. Considering how easy it is to make a mistake in the captcha and have to retype the password, people could start making shorter passwords (<16 characters) and seriously lower the security level of their accounts.4
-
Which smartass frontend dev thought it would be a good idea to put a cancel button just over the captcha button? Or the website just isn't responsive...4
-
How to protect API endpoints from unauthorized usage by bots?
If the API end points are meant to be used by any incoming to CSR frontend user without prior registration?
So far, my the only idea is going from pure CSR React to something with partial SSR at least in Node.js, Django or any other backend framework. I would be able restricting some API endpoints usage to specific allowed server ip.
Next.js allows dynamically both things as well.
As alternative I have a guess to invent some scheme with temporally issued tokens... But all my scheme ideas I can break really easily so far.
Any options? If SSR is my only choice, what would you recommend as best option in already chosen Django and not decided fully front-end framework?
I have the most crazy idea to put some CSR frontend framework literally into my django backend and making initial SSR from it. The only thing its missing... my lack of skills how to use React, but perhaps I have enough time to get a hang of it.
SSRed frontend can be protected with captcha means at least.16 -
Just bumped into this service called hCaptcha which looks very similar to Google's reCaptcha.
Anybody used it before? what's the difference in terms of benefits?
if it is not a google service, then where does it fetches its captcha images from?
I'm just a bit curious.4 -
One day in a near but comfortably not too near future, I will start a webdevelopment 3-letter-abbreviation dictionary page, with self-taken photos of Belgian car license plates, and use the alphabetic part for each definition. It's insane how many PSD's, JSX's, PHP's and other technologies and file formats I've seen driving around and can no longer keep it for myself.
To qualify the tech/ format must 1) have been spotted and photographed by me and, 2) be about something related to webdev
If it doesn't take off, I can still create a unique custom CAPTCHA service with the photos :D -
Today I went to a website, and it forces every visitor to do CAPTCHA to get access to the website content. It takes me 5 times doing CAPTCHA just to get access to the website. The same happened in the morning.
Am I stupid?11 -
FUCK YOU MARKETING
Sys Admin : *turns on cpanel captcha on every fucking page*
Marketing: what the fuck we are not getting any organic leads?
Me (Developer): ¯\_(ತل͜ತ)_/¯ -
Most spam attempts sent to my contact form scripts are so cryptic and useless; it looks like there`s just a bot sending garbage to persuade webmasters that they need recaptcha.1
-
!rant; question = true;
Switched to non-google for every device I own, however:
When I accidently go to Google and try to search, it tells me that I am blocked for suspicious activity and need to solve a captcha - If I do, the current search works.. Shortly after tho, it gives me the same thing again.
Any idea how to get more detailed info about the issue, e.g. Ensure none of my systems is quietly participating in a botnet?
PS: why should I care? Just don't use Google! That's right, yes, it still bugs me tho7 -
I think i came up with the ultimate captcha. A gif that displays four numbers, one by one in current position. There's always one number displayed. I do not think that AI can recognize it without some nasty adjustments while it's very clear for humans. A while ago I had to do a captcha with six questions and failed it a few times. Wtf.
The site I'm working on will have this captcha soon. I make a microservice in C that will create a captcha equal to the last url parameter, the four digit number. By giving the number yourself as parameter you know what to validate with later at post. I probably include the answer hashed with some salt in a hidden field to compare answer with so it works if you have two tabs open20 -
Fuck spam, email harvesters and fuck moderators too.
I got tired of getting spam in my email inbox from an email address that I published on my website.
The bots and email harvesters were scraping / harvesting my email address from my website and sending me tons of unwanted spam.
I decided to create a free tool to protect peoples email address behind a form captcha so that it knows the person reading it, is indeed human and not a bot or spammer.
Decided to post to reddit to get the word out and the post gets flagged. Really? What gives?
Its a free tool to stop spam for chrikes sake. I am not trying to make money.
Anyhoo wiill post the link here. Hope you guys and gaals are more friendly and will share the link.
the link is Veilmail.io ( can someone post the link please)
RANT OVER4 -
Ok so, i wanted to make python script that creates 100 accounts on some website via proxy(1acc on 1 proxy). Proxy part should be easy, but how do i solve captcha of trees and street signs? I saw there is some python module captcha-solver but havent tried it. What do you think, can this work?14
-
After not using cars for almost 5 years now, I think my computer would be faster and more accurate at recognizing street signs for the captcha
-
Microsoft Teams login says password is incorrect then and for a captcha
I type it again but fails...
I'm like wtf... Could it be the captcha...
Which I entered in all lowercase
It doesn't say the captcha is case sensitive though..
Next few times it gives me captchas with k... Teehee me like 5 tries to login
Are we trying to verify passwords/humanness or whether I can somehow tell the difference between K and k?1