Google ReCaptcha system is bypassed, achieve around 90% accuracy overall captchas
Four researchers at the University of Maryland have announced an open source tool called UnCaptcha in 2017 that can crack Google’s verification code system, ReCaptcha, with an accuracy of 85%. Like many verification mechanisms, the early ReCaptcha system was identified by a digital verification code to ensure that the operator was a human rather than a robot. However, in 2012, a Google research team cracked its text verification code system almost 100%. So Google added image verification to the upgraded version.
Recently, the researchers from the University of Maryland continue to publish a new tool called “unCaptcha2” that “achieve around 90% accuracy overall captchas.”
“Since the changes to ReCaptcha prevent Selenium, a browser automation engine, unCaptcha2 uses a screen clicker to move to certain pixels on the screen and move around the page like a human. There is certainly work to be done here – the coordinates need to be updated for each new user and is not the most robust,” the security experts explain.
unCaptcha2’s approach is very simple:
- Navigate to Google’s ReCaptcha Demo site
- Navigate to audio challenge for ReCaptcha
- Download audio challenge
- Submit audio challenge to Speech To Text
- Parse response and type answer
- Press submit and check if successful
