

The Vulnerabilities of the New “No CAPTCHA ReCAPTCHA” - FunCaptcha_Jim
https://www.funcaptcha.co/2015/01/06/recaptcha-is-still-vulnerable-perhaps-even-more-than-ever-before/

======
FunCaptcha_Jim
Hey all, this is a blog post that aims to simplify the findings from Egor
Homakov in early December ([http://homakov.blogspot.in/2014/12/the-no-captcha-
problem.ht...](http://homakov.blogspot.in/2014/12/the-no-captcha-
problem.html)). We've included a video
([http://youtu.be/718EOIoWKAE](http://youtu.be/718EOIoWKAE)) of a major
exploit in action and chat about the implications of Mr. Homakov's findings.
Hope you enjoy reading it as much as I enjoyed writing it. Any questions, fire
away!

~~~
mtmail
So issue #2 is about click jacking. The same security consultant tweeted 3
days later it was fixed.
[https://twitter.com/homakov/status/541636430712156160](https://twitter.com/homakov/status/541636430712156160)

~~~
FunCaptcha_Jim
We actually tested the theory as of yesterday and it was still possible, re:
the video we posted up:
[https://www.youtube.com/watch?v=718EOIoWKAE](https://www.youtube.com/watch?v=718EOIoWKAE)

~~~
mtmail
thanks! I didn't notice the video was new.

~~~
FunCaptcha_Jim
No problem :)

