Reverse Engineering Salting

  • jibbius

    (@jibbius)


    12 years ago

    Hi,
    Thanks for the great plugin.

    I’m looking to write some browser-automation test scripts to test my site.
    One issue I have, is that I need to test:

    • The CAPTCHA is working
    • The process behind the CAPTCHA is working

    I’ve noticed that the CAPTCHA code is determined by:

    securimage_show.php?si_form_id=reg&prefix=RandomNumbersAndLetters

    Obviously, I get a different CAPTCHA code, based on the prefix (presumably the algorithm is salted also?).

    Two questions:
    – Is it possible for me to figure out what the CAPTCHA is, based on RandomNumbersAndLetters and a known Salt?
    – How do I change the Salt? Does this plugin use one of the values in wp-config?

    (You could probably list these on the FAQ)

    Thanks in advance.

    https://www.ads-software.com/extend/plugins/si-captcha-for-wordpress/

Viewing 1 replies (of 1 total)
  • Thread Starter jibbius

    (@jibbius)

    I realise I’m making assumptions with the above.

    My real question(s) –

    • Is it possible to reverse engineer this, somehow, for the purpose of testing my own site?
    • Alternatively, perhaps I can force the CAPTCHA to have a known value (by adding a new action somewhere)?

    Any ideas/background on how the code works would be awesome.
    Thanks ??

Viewing 1 replies (of 1 total)
  • The topic ‘Reverse Engineering Salting’ is closed to new replies.