Saturday, June 16, 2012

Stiltwalker reCAPTCHA killer

Stiltwalker is a proof of concept tool that defeats Google's reCAPTCHA with an insanely high accuracy (99%). We have released all of our research, code, tools and examples used in the reCAPTCHA domination. You can get the slides here and the video is at the bottom of the page.

We accomplished this with a combination of Machine Learning, hashing methods, keyspace reduction tactics, and taking advantage of an overall limited number of captchas. Specifically, Stiltwalker goes head to head against reCAPTCHA'S audio captcha system and defeats all but a sliver of it's challenges.

For all questions, comments, and fuckyous, please email the team at

We developed everything using Ubuntu 10.04, Ubuntu 11.04, and Debian 6, however it should work on any Linux distribution without too much effort. The one thing we noticed when testing it on Ubuntu 12.04 is that it comes with a slightly different version of SoX, which has some changes which drops accuracy from 99% to around 60%. So for best results, you'll want to use SoX v14.3.0 (or v14.3.1), but we'd advice to steer clear of v14.3.2 unless you want to collect tens of thousands of samples, solve them manually and then train the neural net using this version of SoX. If you go through the hassle of retraining, the newer version of SoX should work just fine.

So, for those running [any version of] Ubuntu, the easiest way to get started will be to just add our repository to /etc/apt/sources.list like so (if you're using something other than lucid, just change the codename accordingly):

deb lucid main

Now you're just a simple `apt-get update` and `apt-get install stiltwalker stiltwalker-md5solver stiltwalker-phashsolver stiltwalker-training` away from having everything you need.

For those of you who don't have Ubuntu, you'll have to download the tar.gz version (and optionally the 380 MB md5 files) and make sure you have all the dependencies (octave, python2.7, curl, sox, libsox-fmt-all, libphash0-dev, libphash0, cimg-dev). As an aside, you can use python 2.6, but you'll need to go out and get python-argparse and python-imaging as these libraries aren't included by default until 2.7.

So at this point you should have everything you need to get started, so now what? Well, you can play with our sample programs like One way to run it would be thusly:

python -s 1 md5 -s 1 neural 32 theta_values_both_32_1536_500.mat -l 5

This will solve 5 captcha (from the recaptcha demo page) using the md5 solver, and if that can't find the answer, it'll use the neural network. For more help, use --help and check out all the options.

Read more: Defcon Group 949

Posted via email from Jasper-Net