After numerous requests we have finally released a completely new
Dracon Flash CAPTCHA v2.1 for your everyday use. It addresses OCR attacks and comes with a
fully AJAXed test email form with
anti-hammering measures and facilitates a
128bit AES encryption between PHP and Flash.
Your server needs to run
PHP compiled with
MCrypt support, but if you are an advanced user you can easily write your own scripts using your preferred programming language.
Quick and simple version
|
Random zoom with mouse interaction
Strong against timed-OCR attacks
|
Multi-colored version
|
Requirements:
PHP w/ MCrypt library
Important: These CAPTCHAs are FREE to download and use according to the
Dracon License. In simple words it means you can modify anything you wish but you need to keep the
backlink intact. Or buy a domain certificate for $10 and enjoy a complete ownership and an encrypted flash file that's
not possible to
reverse engineer to get your secret keypass.
A
CAPTCHA (an
initialism for "
Completely
Automated
Public
Turing test to tell
Computers and
Humans
Apart", trademarked by
Carnegie Mellon University) is a type of
challenge-response test used in
computing to determine whether or not the user is human. The term was coined in 2000 by
Luis von Ahn,
Manuel Blum, Nicholas J. Hopper of Carnegie Mellon University, and
John Langford of
IBM. A common type of CAPTCHA requires that the user type the letters of a distorted image, sometimes with the addition of an obscured sequence of letters or digits that appears on the screen.
Because the test is administered by a computer, in contrast to the standard Turing test that is administered by a human, a CAPTCHA is sometimes described as a
reverse Turing test. This term is ambiguous because it could also mean a Turing test in which the participants are both attempting to prove they are the computer.
For further information visit the
The CAPTCHA Project
Older version of Dracon CAPTCHA v1.3 uses letter scrambling and no real encryption. It is just as prone to OCR attack as other image based solutions. But if you are interested in trying it you can download it for testing from
here.
The
Dracon CAPTCHA Visual Flash System below is a combination of PHP Sessions, JavaScript and Macromedia Flash, it doesn't require any special modules installed on the server and while it's
very difficult to break it with
OCR it is
nearly impossible to break it with a
workaround method (flashvars, javascript, sessions) and can't be done with publicly available CAPTCHA breaking tools, requires highly professional customized approach.
This
Flash CAPTCHA script has two versions, one is extremely simple to install and is less secure, but takes
less than 1 minute to install. If you have only a
small web form that is targeted by
spam only thanks to google and other search engines, but there is no reason why to attack your site for a
special purpose, you can choose the simple version because no general tool will break it automatically without extensive tweaking.
The second version is
more secure, can protect against
automatic submissions of your forms, comments, blogs or url submissions and reverse engineering would take a while, if anyone feels like proving it
inefficient.
Update: The third version is
even more secure. Thanks to reports of vulnerability in previous versions the communication and code transaction has been encrypted to prevent packet sniffing from gaining direct access to the security code. There also have been thoughts about
OCR and
XSS style attacks, but that is a different approach requiring
different skills and we will deal with them after a report of success. As before, please feel free to try to
break it with a robot and kindly let us know if you succeeded.