I manage few online forums that use reCAPTCHA to limit the number of spammy registrations and comments. Lately, I noticed the increase of spam.
I was confused about on how these bots could by pass reCAPTCHA. After searching the matter, I realized i wasn’t the only one suffering and the only valid explanation is: reCAPTCHA have been compromised.
I’m kind of disappointed of reCAPTCHA & Google. I’m sure I’m not the only one!
Stop spam, read books (about how to crack recaptcha) and you will win!
decaptcher.com api services where live humans fill in the captcha for your automated spam bot. been around for ages bruh less than pennies on the dollar
Good keep on smelling…
i can smell spam….
reCAPTCHA is a stupid way to prevent automated registration. It’s only worth using if you want to help the cause. Most CAPTCHAs are grounded in idiocy.
does using a hidden field and checking if its filled then denying the action if it is, work?
It works to some extent - I had a huge problem with spam, and since I’ve implemented something like this, I’ve only had 2 or 3 of them in about 6 months.
That’s one way.
I made a post years ago that explained what I do: I create a field that asks a simple question (e.g., "what is the sum of one and four?"), but if the user has Javascript enabled, Javascript destroys the field and creates a hidden one with a key value. I check for the key on the server end, and if that doesn’t exist, I check for the correct answer to the question.
Sure, a bot could get around it, but most of them aren’t going to bother until the site gets big, and at that point the site owner can simply enlist the help of a moderator (paid or otherwise) to keep out the spam.
I think the hidden field one would probably be comparably effective.
What about asking a question?
challenge question has been my best line of defense so far.
Screw you if you don’t speak english 
Besides xrumer, captacha services can get around anything, doesnt matter how good the thing is.
And if you are doing a question, make sure to not make it a simple equation, those can be automated as well. The best ones i have seen are ones that ask questions to specific board topics, like what is the engine code for this car? or whatever…. shit that only Watson could possible answer.
Can anyone do xrumer blasts here? If so, can we talk.
nah bro. no xrumer blasts on ot. spamming is against the rules.
recaptcha has been cracked. Lookup DEFCON 18. 30% success rate from last year. Its up to 50% right now (so I hear), which basically means, recaptcha is useless.
Even before it was cracked, about less than 10% can be read using basic OCR after reversing little distortion.
Not to even mention you can easily pay for a service that has real live people (usually from india/outsourced) typing in captchas ALL DAY long for about $0.002 a captcha solved.
You need to use custom anti spam bots (randomizing form names and asking non standard questions, like ‘finish this sentence ___’ or bot traps (forms that are hidden with CSS with easy questions. If someone answers it, its a bot because they are not visible to the person).
Also 3d captchas (like ironclad) Just enough you dont fuck over the real guys.
RIGHT