Cracking the MySpace CAPTCHA

Status
Not open for further replies.
chatmasta

chatmasta

Well-known member
Jan 7, 2007
2,611
68
48
NYC
I'm playing around with the new myspace CAPTCHA trying to see if there is a way to not even need to enter it at all. Let's try to get a thread going to figure out how to bypass the signup CAPTCHA...

Turns out that the step after the CAPTCHA when creating a new account looks like this:

Code: 
http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=xntyb8N2d2%2FOMis2liF1G5shK3WUISonmDozNMd9OyCDPWd8xX53bNp%2BdXbHemdrz3Ryb818cHyK
Even after I had gone and done something else, when I clicked that link, it instantly associated me with the account I had created for it, which tells me that somewhere in that ID variable is information such as the username.

xntyb8N2d2%2FOMis2liF1G5shK3WUISonmDozNMd9OyCDPWd8xX53bNp%2BdXbHemdrz3Ryb818cHyK

Since this is myspace, surely they made their own crappy encryption software. Anyone want to have a go at cracking it?

I have looked through the cookies and there isn't much to see. There is an "IID" cookie which is blank, though. Also of interest is NGUSERID which will look something like this (it isn't the same one as the code above):

Code: 
a2825ec-8260-1170609850-1
If this doesn't work, there is something interesting. A CAPTCHA cookie. I went directly to the ASP page for the CAPTCHA and refreshed a bunch of times, copying down what the CAPTCHA was and what the cookie was. You can see it here.

Code: 
http://security.myspace.com/CAPTCHA/CAPTCHA.aspx?SecurityToken=4ABA7490F084489DAA496C7489DF2AAD

phibmxdk
1fabefe0-67dc-4d70-bb25-15b78c2e0477

hdhgnwwx
4dda110b-09f3-457f-82d3-9cb27e6d6059

skspgufk
c8e1d51b-f33d-4178-8a1f-45e11de0b5a5

fgsjxpfzc [notice this one is 9 characters rather than 8]
b92125d-eb00-4a07-9f1f-e0e68c0e7e03

[unable to read]

xwwkrcx
c4427a17-f517-4f1a-a9b0-d954016a3b68

esvimzhz
cd1fb25e-490d-435c-854f-927e8212bb1d

[missed]

svwdunix (LOL)
c24aada1-ae8f-4b4f-a448-6cce46f90cfc
The best thing to do with the CAPTCHA would be to just avoid it altogether. So if we can find a way to do that, we're set. However, if not, we may have to look into cracking the CAPTCHA cookie.
 
Last edited:


UPDATE

I just spent way too much time creating 12 different profiles. On each one, I only changed one attribute (plus the email because that has to be unique), and then looked to see what the hash was so I can tell what changes what. Unfortunately I didn't think to write down the CAPTCHA until the 5th account, but you should be able to see where that is in the hash.

I haven't actually looked at the hashes yet, but I'm going to take some time to do that now.

Code: 
check@check123.com
tori vanderbilt
12pass
US
12345
female
1/1/93
yes
english

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntyb892dGnHMiQzki0sG5QmIjicf3Vo2S0oNot%2FdSuWPTQnjDo0e9B8d2vAY3dp2n5ze8Z%2FfWrEdHZs0DM%3D

---------
[change just email]
check1@check123.com
tori vanderbilt
12pass
US
12345
female
1/1/93
yes
english

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntyb893dG7BMiQzki0sarctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHGeH1pxmk6
---------
[change email, first name]
check2@check123.com
jackie
vanderbilt
12pass
US
12345
female
1/1/93
yes
english

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntyb85%2BdG3HMiQzki0sabctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHGd31pwWk6
----------

[change email, pass]
check3@check123.com
tori
vanderbilt
omgsecks
US
12345
female
1/1/93
yes
english

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntyb85%2FdWPBMiQzki0saLctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHFfH1rz2k6

-----------

[change email, country]
check4@check123.com
tori
vanderbilt
12pass
Albania
12345
female
1/1/93
yes
english
vnhjkmyvy

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntyb855fmPBMiQzki0sb7ctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHDf31vz2k6
----------

[change email, zip]
check5@check123.com
tori
vanderbilt
12pass
US
09876
female
1/1/93
yes
english
xycifsx

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntybsd%2BdmrEMiQzki0sbrctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHDeX1uzmk6
-----------

[change email, gender]
check7@check123.com
tori
vanderbilt
12pass
US
12345
male
1/1/93
yes
english
exvydys

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntybsd%2BfmnDMiQzki0sbLctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHCfn1qz2k6
------------

[change email, month]

check8@check123.com
tori
vanderbilt
12pass
US
12345
female
2/1/93
yes
english
ffcijupk

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntybsd8c2%2FPMiQzki0sY7ctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHCen1vxWk6
----------------

[change email, day]

check9@check123.com
tori
vanderbilt
12pass
US
12345
female
1/2/93
yes
english
spnsczn

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntybsd9dW7OMiQzki0sYrctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHCeX1rxWk6
----------------

[change email, year]

check0@check123.com
tori
vanderbilt
12pass
US
12345
female
1/1/86
yes
english
twzvxsm

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntybsd9fmrGMiQzki0sa7ctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHCdn1vzmk6
------------
[change email, no birthday viewable]
check00@check123.com
tori
vanderbilt
12pass
US
12345
female
1/1/93
no
english
caczkxtdh

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntybsd6c2jOMiQzki0sa8cOJDOSLSxqxX1pOJgjO2rFPiYohDI8L4RuYGnHfnB2x3xqa8NudmnNfndhxnxgJg%3D%3D
-------------
[change email, myspace - french (CA)]
check000@check123.com
tori
vanderbilt
12pass
US
12345
female
1/1/93
no
myspace french CA

http://signup.myspace.com/index.cfm?fuseaction=join.step2&lID=
xntybsd7dGnOMiQzki0sa8d%2BBzifKyQwxnx0dZQhKifGfDc6hD07IIM9Z3zFfnds2n51dsd6Z2rFdHdpzXp0fIo%3D

---------------------
xntyb892dGnHMiQzki0sG5QmIjicf3Vo2S0oNot%2FdSuWPTQnjDo0e9B8d2vAY3dp2n5ze8Z%2FfWrEdHZs0DM%3D
xntyb893dG7BMiQzki0sarctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHGeH1pxmk6
xntyb85%2BdG3HMiQzki0sabctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHGd31pwWk6
xntyb85%2FdWPBMiQzki0saLctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHFfH1rz2k6
xntyb855fmPBMiQzki0sb7ctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHDf31vz2k6
xntybsd%2BdmrEMiQzki0sbrctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHDeX1uzmk6
xntybsd%2BfmnDMiQzki0sbLctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHCfn1qz2k6
xntybsd8c2%2FPMiQzki0sY7ctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHCen1vxWk6
xntybsd9dW7OMiQzki0sYrctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHCeX1rxWk6
xntybsd9fmrGMiQzki0sa7ctLz6UJXZpxGAkNJoydmmHLzQoizUzKNdpdWvHeWprxWN3b9d%2FdmHCdn1vzmk6
xntybsd6c2jOMiQzki0sa8cOJDOSLSxqxX1pOJgjO2rFPiYohDI8L4RuYGnHfnB2x3xqa8NudmnNfndhxnxgJg%3D%3D
xntybsd7dGnOMiQzki0sa8d%2BBzifKyQwxnx0dZQhKifGfDc6hD07IIM9Z3zFfnds2n51dsd6Z2rFdHdpzXp0fIo%3D

x n t y b 8 9 2 d G n H M i Q z k i 0 s G 5 Q m I j i c f 3 V o 2 S 0 o N o t % 2 F d S u W P T Q n j D o 0 e 9 B 8 d 2 v A Y 3 d p 2 n 5 z e 8 Z % 2 F f W r 

E d H Z s 0 D M % 3 D

x n t y b 8 9 3 d G 7 B M i Q z k i 0 s a r c t L z 6 U J X Z p x G A k N J o y d m m H L z Q o i z U z K N d p d W v H e W p r x W N 3 b 9 d % 2 F d m H G e 

H 1 p x m k 6

x n t y b 8 5 % 2 B d G 3 H M i Q z k i 0 s a b c t L z 6 U J X Z p x G A k N J o y d m m H L z Q o i z U z K N d p d W v H e W p r x W N 3 b 9 d % 2 F d m H 

G d 3 1 p w W k 6

x n t y b 8 5 % 2 F d W P B M i Q z k i 0 s a L c t L z 6 U J X Z p x G A k N J o y d m m H L z Q o i z U z K N d p d W v H e W p r x W N 3 b 9 d % 2 F d m H 

F f H 1 r z 2 k 6


x n t y b 8 5 5 f m P B M i Q z k i 0 s b 7 c t L z 6 U J X Z p x G A k N J o y d m m H L z Q o i z U z K N d p d W v H e W p r x W N 3 b 9 d % 2 F d m H D f 

3 1 v z 2 k 6


x n t y b s d % 2 B d m r E M i Q z k i 0 s b r c t L z 6 U J X Z p x G A k N J o y d m m H L z Q o i z U z K N d p d W v H e W p r x W N 3 b 9 d % 2 F d m H 

D e X 1 u z m k 6

x n t y b s d % 2 B f m n D M i Q z k i 0 s b L c t L z 6 U J X Z p x G A k N J o y d m m H L z Q o i z U z K N d p d W v H e W p r x W N 3 b 9 d % 2 F d m H 

C f n 1 q z 2 k 6

x n t y b s d 8 c 2 % 2 F P  M i Q z k i 0 s Y  7 c t L z 6  U J X Z p x G A k N J o y d m m H L z Q o i z U z K N d p d W v H e W p r x W N 3 b 9 d % 2 F d 

m H C e n 1 v x W k 6

x n t y b s d 9 d W 7 O M i Q z k i 0 s Y r c t L z 6 U J X Z p x G A k N J o y d m m H L z Q o i z U z K N d p d W v H e W p r x W N 3 b 9 d % 2 F d m H C e 

X 1 r x W k 6

x n t y b s d 9 f m r G M i Q z k i 0 s a 7 c t L z 6 U J X Z p x G A k N J o y d m m H L z Q o i z U z K N d p d W v H e W p r x W N 3 b 9 d % 2 F d m H C d 

n 1 v z m k 6

x n t y b s d 6 c 2 j O M i Q z k i 0 s a 8 c O J D O S L S x q x X 1 p O J g j O 2 r F P i Y o h D I 8 L 4 R u Y G n H f n B 2 x 3 x q a 8 N u d m n N f n d 

h x n x g J g % 3 D % 3 D

x n t y b s d 7 d G n O M i Q z k i 0 s a 8 d % 2 B B z i f K y Q w x n x 0 d Z Q h K i f G f D c 6 h D 0 7 I I M 9 Z 3 z F f n d s 2 n 5 1 d s d 6 Z 2 r F d 

H d p z X p 0 f I o % 3 D
 
Status
Not open for further replies.
Top Bottom