| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <AANLkTi=rkdfiY=E6HUKFMQhKZRgqYZn9cbHWev6i=io0@mail.gmail.com>
Date: Sat, 4 Sep 2010 23:53:20 +0200
From: Christian Sciberras <uuf6429@...il.com>
To: BlackHawk <hawkgotyou@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: reCaptcha secret key - where is the point?
Given a set of plain-text generations and correct answers, together with the
key, one could theoretically reverse engineer the method.
I don't know how it works, this is just a presumption of mine.
Regards,
Chris
On Sat, Sep 4, 2010 at 11:38 PM, BlackHawk <hawkgotyou@...il.com> wrote:
> Reading here & there i found lot of people scared about they "secret
> key" of reCaptcha coud be publically discovered;
> But, at this moment, is kind of useless for an attacker, right? or at
> least until we find out how the reCaptcha response is calculated..
>
> Am i right? Suggestions?
>
> --
> BlackHawk - hawkgotyou@...il.com
>
> Sent with Gmail
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists