Create Stronger Captcha
The tier 5 captcha challenge (about making many requests in a few seconds) can currently be solved by simply executing cURL or Postman very quickly, because you can define the captchaId and answer to it yourself:
{"UserId":1,"captchaId":2,"captcha":"96","comment":"ur shop sux!!1","rating":1}
So why not move this challenge one or two levels down and make a more difficult Captcha? You could place it for example in the Recycling Form. It should not be simply replayable and would require utilizing an additional (self-written) tool.
Suggestion: making a clone of Google’s “reCaptcha” but with fruit-images. Then a hacker would need to use image recognition like in this tutorial for example: https://www.youtube.com/watch?v=jRkW5Uf58K4 https://github.com/crazzle/pydata_berlin_2018
Issue Analytics
- State:
- Created 5 years ago
- Reactions:1
- Comments:13 (8 by maintainers)
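Added example, not part of the original issue and not Juice Shop's code: a server-side check under which a captchaId/captcha pair like the one in the request body above stops being accepted when it is sent a second time. The function names, the session binding and the two-minute lifetime are assumptions made for the sketch.

```javascript
// Added example with hypothetical names; not taken from the Juice Shop code base.
const crypto = require('crypto');

const TTL_MS = 2 * 60 * 1000;   // assumed lifetime of one challenge
const pending = new Map();      // captchaId -> { answer, sessionId, expires }

// Issue a challenge bound to the caller's session. The id is random, so the
// client cannot choose or predict it, and the answer is stored server-side only.
function issueCaptcha(sessionId, now = Date.now()) {
  const a = crypto.randomInt(1, 10);
  const b = crypto.randomInt(1, 10);
  const c = crypto.randomInt(1, 10);
  const captchaId = crypto.randomBytes(16).toString('hex');
  pending.set(captchaId, {
    answer: String(a * b + c),
    sessionId,
    expires: now + TTL_MS
  });
  return { captchaId, question: `${a}*${b}+${c}` };
}

// Verify and consume. The record is deleted on the first attempt, right or
// wrong, so a captured (captchaId, captcha) pair fails when it is resent.
function verifyCaptcha(sessionId, captchaId, captcha, now = Date.now()) {
  const rec = pending.get(String(captchaId));
  if (!rec) return false;                    // unknown, client-chosen or used id
  pending.delete(String(captchaId));         // single use
  if (rec.sessionId !== sessionId) return false;
  if (now > rec.expires) return false;
  const given = Buffer.from(String(captcha));
  const want = Buffer.from(rec.answer);
  return given.length === want.length && crypto.timingSafeEqual(given, want);
}
```

This only removes the replay; the question itself is still trivially machine-solvable, which is what the image-based suggestion below is aimed at.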
Top GitHub Comments
Sure 👍 @bkimminich. I will apply text2png for strong CAPTCHA on “Recycling” functionality.
@philly-vanilly Really nice suggestion about the solution. It would bring a new flavour of offensive machine learning to Juice-shop. In the past, my friend and I had done a similar kind of thing on an engagement.
@bkimminich Check this out. It’s really fun.
“How I hacked 747 game 😎 || Built Cheat Bot using Deep Learning” by Shubham Sawant https://bit.ly/2Tnox6C