The Hackr

Bypass Google’s reCAPTCHA using Google’s Speech Recognition API

Google’s reCAPTCHA can be bypassed using another Google service, the Speech Recognition API.

A researcher has discovered a “logic vulnerability” that allowed him to write a Python script capable of bypassing Google’s reCAPTCHA fields using another Google service, the Speech Recognition API.

The researcher goes online only by the name East-EE. He has released proof-of-concept code on GitHub.

ReBreakCaptcha Vulnerability

East-EE discovered this vulnerability in 2016 and named it ReBreakCaptcha. He said that the vulnerability was still unpatched.

The proof-of-concept code allows attackers to automate the process of bypassing reCAPTCHA fields, currently used on millions of sites to keep out spam bots.

ReBreakCaptcha works in three stages:

1. Audio Challenge – Getting the correct challenge type.

2. Recognition – Converting the audio challenge file and sending it to Google’s Speech Recognition API.

3. Verification – Submitting the Speech Recognition result and bypassing the reCAPTCHA.

Stage 1: Audio Challenge

The challenge contains an audio recording, and the user is asked to enter the digits that are heard. This attack only works on Google reCAPTCHA v2, the current version of the reCAPTCHA service.

When clicking the “I’m not a robot” checkbox of reCAPTCHA v2, we are often presented with the following popup:

reCAPTCHA audio challenge

In addition, in older browsers with no audio playback support, the audio challenge can be downloaded in one click. The audio file is downloaded as MP3.

reCAPTCHA download audio file

Sometimes, instead of an audio challenge, you get a different one: a text challenge, which displays several texts in the popup to select from. This step can be switched to an audio challenge by clicking the refresh button.

reCAPTCHA text challenge

Stage 2: Recognition

Download the audio file and send it to the Google Speech Recognition API. Before doing so, convert it to WAV format, which is what Google’s Speech Recognition API expects.

There is a useful Python library named SpeechRecognition for performing speech recognition, with support for several engines and APIs, both online and offline.

Using the library’s Google Speech Recognition backend, the API sends back the result as a string (e.g. ‘25143’).

Stage 3: Verification

Finally, copy-paste the output string from Stage 2 into the textbox and click ‘Verify’ on the reCAPTCHA widget.

As a result, one of Google’s services has been used, semi-automatically, to bypass another of its own services.

Therefore, reCAPTCHA can be successfully bypassed with the steps above.

Furthermore, Google is working on reCAPTCHA v3, which needs minimal user interaction and is currently referred to as Invisible reCAPTCHA.

A trio of researchers found a way to bypass both Google’s and Facebook’s CAPTCHA solutions, with a 70.78% success rate for Google and 83.5% for Facebook.

Abhilash

It was a hobby I got into a long time ago, hacking cameras. And I am here making posts @TheHackr today!
