On 15/02/2011 16:55, Michele Orru wrote: > 2011/2/14 MustLive<mustl...@websecurity.com.ua>: >> Hello Michele! >> >> Few days ago I saw your advisory about Drupal's captcha. It's interesting >> advisory, but I have one note concerning it - your research is very close to >> mine ;-) (it concerns similar holes which I found before you). > > I didn't found anything in FD or other public lists mentioning > this issue before, so.... :)
Its not just Drupal - a number of captcha systems are open to attacks of this form. For instance hotfile.com is randomly open, allowing downloads of multiple files because of capcha "cookie replay". I have seen this - by accident I should point out - on a number of (commercial) sites where captcha is employed for login or download sanity checks. The most recent system to be borked during upgrade was http://www.nextgenserver.com/calculator/ Jacqui _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/