Is it possible to grab hidden code in ClientForm?

Discussion in 'Python' started by Muddy Coder, Mar 1, 2009.

  1. Muddy Coder

    Muddy Coder Guest

    Hi Folks,

    Nowadays some websites let users to fill in some so-called
    verification code, and the tricky thing is that the CODE is delivered
    from server with an image. For example:

    <img src="/jobsearch/captcha.jpg" name="CAPTCHA_IMAGE" border="1" /
    >&nbsp;&nbsp;<a href="#" onClick="changeSource();">Refresh Image</a>


    When click Refresh Image, the CODE on the image changes. I wonder:
    does the server really send a new image over to browser, or just send
    a hidden code over? Is it possible to parse out such hidden code?

    The other example is:

    <img src="/images/verify.png;jsessionid=ahZsBmwyLGuf" alt="Digital
    Signature Code" />
    <input name="jsessionid" type="hidden" value="ahZsBmwyLGuf" />

    I did a few REFRESH on browser, and noticed the CODE changed. But,
    when I viewed the HTML source code, the value "ahZsBmwyLGuf" remained
    the same. What is the trick around here? That is why I am wondering
    whether the server really keeps sending new images over, or just
    sending new hidden codes over. If the trick is just keep sending
    hidden codes over, there might be a chance of capturing the codes. Can
    somebody help me out? Thanks a lot!


    Muddy Coder
    Muddy Coder, Mar 1, 2009
    #1
    1. Advertising

  2. En Sun, 01 Mar 2009 12:23:20 -0200, Muddy Coder <>
    escribió:

    > Nowadays some websites let users to fill in some so-called
    > verification code, and the tricky thing is that the CODE is delivered
    > from server with an image. For example:
    >
    > <img src="/jobsearch/captcha.jpg" name="CAPTCHA_IMAGE" border="1" /
    >> &nbsp;&nbsp;<a href="#" onClick="changeSource();">Refresh Image</a>

    >
    > When click Refresh Image, the CODE on the image changes. I wonder:
    > does the server really send a new image over to browser, or just send
    > a hidden code over? Is it possible to parse out such hidden code?


    The server may asociate the expected value (CODE) to some session ID.
    Delivering a new image means a new value associated. No other changes are
    needed in the client side.

    --
    Gabriel Genellina
    Gabriel Genellina, Mar 1, 2009
    #2
    1. Advertising

  3. Muddy Coder

    Guest

    Muddy Coder <> wrote:
    > Nowadays some websites let users to fill in some so-called
    > verification code, and the tricky thing is that the CODE is delivered
    > from server with an image. For example:
    >
    > <img src="/jobsearch/captcha.jpg" name="CAPTCHA_IMAGE" border="1" /
    > >&nbsp;&nbsp;<a href="#" onClick="changeSource();">Refresh Image</a>

    >
    > When click Refresh Image, the CODE on the image changes. I wonder:
    > does the server really send a new image over to browser, or just send
    > a hidden code over? Is it possible to parse out such hidden code?
    >
    > The other example is:
    >
    > <img src="/images/verify.png;jsessionid=ahZsBmwyLGuf" alt="Digital
    > Signature Code" />
    > <input name="jsessionid" type="hidden" value="ahZsBmwyLGuf" />
    >
    > I did a few REFRESH on browser, and noticed the CODE changed. But,
    > when I viewed the HTML source code, the value "ahZsBmwyLGuf" remained
    > the same. What is the trick around here? That is why I am wondering
    > whether the server really keeps sending new images over, or just
    > sending new hidden codes over. If the trick is just keep sending
    > hidden codes over, there might be a chance of capturing the codes. Can
    > somebody help me out? Thanks a lot!


    If there were some way for a program to extract the code from what
    the server sent, then the whole point of using the Captcha (preventing
    spam robots from posting) would be defeated.

    --RDM
    , Mar 1, 2009
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Matej Cepl

    Seekable output from ClientForm?

    Matej Cepl, Feb 9, 2005, in forum: Python
    Replies:
    2
    Views:
    420
  2. narke

    A ClientForm Question

    narke, Apr 1, 2005, in forum: Python
    Replies:
    5
    Views:
    526
    John J. Lee
    Apr 6, 2005
  3. kostem

    ClientForm question

    kostem, May 23, 2005, in forum: Python
    Replies:
    0
    Views:
    272
    kostem
    May 23, 2005
  4. m0sf3t

    A Clientform question

    m0sf3t, May 24, 2005, in forum: Python
    Replies:
    0
    Views:
    313
    m0sf3t
    May 24, 2005
  5. John J Lee
    Replies:
    4
    Views:
    374
    John J. Lee
    Mar 23, 2006
Loading...

Share This Page