B1tUnl0ck3r (OP)
Sr. Member
 Offline
Activity: 854
Merit: 277
liife threw a tempest at you? be a coconut !
|
 |
May 31, 2019, 07:56:22 PM
Last edit: August 11, 2019, 02:56:39 PM by B1tUnl0ck3r |
|
0
|
When the people of the world will get that covid was intentionally released to frame china, steal the election from trump, assure massive bail outs and foster the forced vaccination agendas...they will forget, like 911, wmds in irak, uss liberty or pedogate.
|
|
|
Vod
Legendary
Offline
Activity: 3752
Merit: 3099
Licking my boob since 1970
|
 |
May 31, 2019, 08:01:10 PM |
|
I mean it's super great system. Thank you for making it !!! https://bitcointalk.org/captcha_code.phpSince it's activated? And maybe the only one who didn't knew that this necessary option existed...  . My BPIP scraper has been using it since it was introduced. A very nice feature indeed. |
|
|
|
|
posi
|
|
May 31, 2019, 08:03:35 PM |
|
The Captcha bypass code have been in existence for more than 8months if I cab remember correctly and like you said it super great but you need to be aware of the vulnerability involve if the code leak out.
|
| ..Stake.com.. | | | ▄████████████████████████████████████▄
██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄
██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████
██ ██████████ ██ ██ ██████████ ██ ▀██▀
██ ██ ██ ██████ ██ ██ ██ ██ ██
██ ██████ ██ █████ ███ ██████ ██ ████▄ ██
██ █████ ███ ████ ████ █████ ███ ████████
██ ████ ████ ██████████ ████ ████ ████▀
██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
██ ▀▀▀▀▀▀▀▀▀▀ ██
▀█████████▀ ▄████████████▄ ▀█████████▀
▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄
██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█ ▄▀▄ █▀▀█▀▄▄
█ █▀█ █ ▐ ▐▌
█ ▄██▄ █ ▌ █
█ ▄██████▄ █ ▌ ▐▌
█ ██████████ █ ▐ █
█ ▐██████████▌ █ ▐ ▐▌
█ ▀▀██████▀▀ █ ▌ █
█ ▄▄▄██▄▄▄ █ ▌▐▌
█ █▐ █
█ █▐▐▌
█ █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀ ▐█▌ ▀█▄
██ ▐█▌ ██
████▄ ▄█████▄ ▄████
████████▄███████████▄████████
███▀ █████████████ ▀███
██ ███████████ ██
▀█▄ █████████ ▄█▀
▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀
▀███████ ███████▀
▀█████▄ ▄█████▀
▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
Vod
Legendary
Offline
Activity: 3752
Merit: 3099
Licking my boob since 1970
|
|
May 31, 2019, 08:04:38 PM |
|
but you need to be aware of the vulnerability involve if the code leak out.
What vulnerability? |
|
|
|
LeGaulois
Copper Member
Legendary
Offline
Activity: 2912
Merit: 4101
Top Crypto Casino
|
|
May 31, 2019, 08:07:02 PM |
|
He should have installed a breathalyzer for alcohol level check instead to install a Captcha  |
|
|
|
suchmoon
Legendary
Offline
Activity: 3710
Merit: 8990
https://bpip.org
|
|
May 31, 2019, 08:34:48 PM |
|
but you need to be aware of the vulnerability involve if the code leak out.
What vulnerability? Someone could bruteforce your password. |
|
|
|
|
Vod
Legendary
Offline
Activity: 3752
Merit: 3099
Licking my boob since 1970
|
|
May 31, 2019, 08:42:33 PM |
|
but you need to be aware of the vulnerability involve if the code leak out.
What vulnerability? Someone could bruteforce your password. As they could before the code was created. The code does not decrease security in any way. |
|
|
|
TryNinja
Legendary
Offline
Activity: 2884
Merit: 7119
Top Crypto Casino
|
|
May 31, 2019, 08:45:19 PM |
|
As they could before the code was created. The code does not decrease security in any way.
But there is a captcha on every attempt. Imagine bruteforcing an password and having to fill Google’s reCAPTCHA every single time. Impossible. If someone finds your code, they can try thousands of combinations in seconds. |
|
|
|
suchmoon
Legendary
Offline
Activity: 3710
Merit: 8990
https://bpip.org
|
|
May 31, 2019, 09:32:52 PM |
|
but you need to be aware of the vulnerability involve if the code leak out.
What vulnerability? Someone could bruteforce your password. As they could before the code was created. The code does not decrease security in any way. As TryNinja said, it allows to do it much cheaper and quicker. However, with a strong password the chance of that happening is still much lower than the chance of buses and chimneys making me go insane, so I don't hesitate to use it. |
|
|
|
|
BitMaxz
Legendary
Offline
Activity: 3304
Merit: 3032
BTC price road to $80k
|
|
May 31, 2019, 10:27:44 PM |
|
but you need to be aware of the vulnerability involve if the code leak out.
What vulnerability? Someone could bruteforce your password. As they could before the code was created. The code does not decrease security in any way. As TryNinja said, it allows to do it much cheaper and quicker. However, with a strong password the chance of that happening is still much lower than the chance of buses and chimneys making me go insane, so I don't hesitate to use it. Don't forget the reset button as it helps to generate a new bypass link and disable/remove the old one. So if you don't want your account to be compromised use the reset button whenever you log out and it's a good practice to keep your account safe. |
|
|
|
Vod
Legendary
Offline
Activity: 3752
Merit: 3099
Licking my boob since 1970
|
|
May 31, 2019, 11:14:47 PM |
|
As they could before the code was created. The code does not decrease security in any way.
But there is a captcha on every attempt. Imagine bruteforcing an password and having to fill Google’s reCAPTCHA every single time. Impossible. If someone finds your code, they can try thousands of combinations in seconds. Without a comprised database, wouldn't the forum firewall limit you to one attempt per second on average? |
|
|
|
TryNinja
Legendary
Offline
Activity: 2884
Merit: 7119
Top Crypto Casino
|
|
May 31, 2019, 11:16:23 PM |
|
Without a comprised database, wouldn't the forum firewall limit you to one attempt per second on average?
Maybe... but in that case, wouldn’t you be able to use multiples IPs to make multiple consecutive tries. |
|
|
|
|
Thirdspace
|
|
May 31, 2019, 11:56:57 PM |
|
If someone finds your code, they can try thousands of combinations in seconds.
I checked the stay logged in option during login to avoid re-logging in and completing captcha everytime is there also a security risk having my account always stay logged in? I think it's been over a year+ |
|
|
|
TryNinja
Legendary
Offline
Activity: 2884
Merit: 7119
Top Crypto Casino
|
|
June 01, 2019, 12:04:48 AM |
|
I checked the stay logged in option during login to avoid re-logging in and completing captcha everytime
is there also a security risk having my account always stay logged in? I think it's been over a year+
If someone manages to log in to your wallet, they will be able to stay logged in forever (until you log in with a specific expire time, which will log out everyone). Also, if someone gets your browser cookies, they can spoof your session and stay logged. That’s all I’ve noticed. |
|
|
|
sowns
Jr. Member
Offline
Activity: 67
Merit: 3
|
|
June 01, 2019, 03:27:15 AM |
|
As they could before the code was created. The code does not decrease security in any way.
But there is a captcha on every attempt. Imagine bruteforcing an password and having to fill Google’s reCAPTCHA every single time. Impossible. If someone finds your code, they can try thousands of combinations in seconds. Am I stupid or something? What’s stopping them from using their own code to brute force an account? |
|
|
|
|
suchmoon
Legendary
Offline
Activity: 3710
Merit: 8990
https://bpip.org
|
|
June 01, 2019, 04:07:06 AM |
|
Am I stupid or something? What’s stopping them from using their own code to brute force an account?
Codes are unique to each account. If you use your code on a different account you get "Invalid ccode" even if you enter the correct password. |
|
|
|
|
|
posi
|
|
June 01, 2019, 06:39:27 PM |
|
but you need to be aware of the vulnerability involve if the code leak out.
What vulnerability? Someone could bruteforce your password. As they could before the code was created. The code does not decrease security in any way. Suchmoon understand the vulnerability I'm talking about and the same thing still applied after the code was created. Go to the link provided by OP this is what you'll get You can bypass the CAPTCHA on the login page by bookmarking this link and using it to login: https://bitcointalk.org/index.php?action=login;ccode=xxxxxxxxxxxxxccxcxxxxThis link is unique to your account. You cannot use it with other accounts. It only works on the login page. If someone else gains access to your unique captcha-bypass link, then they could try to brute-force your password. In that case, you should reset it: |
| ..Stake.com.. | | | ▄████████████████████████████████████▄
██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄
██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████
██ ██████████ ██ ██ ██████████ ██ ▀██▀
██ ██ ██ ██████ ██ ██ ██ ██ ██
██ ██████ ██ █████ ███ ██████ ██ ████▄ ██
██ █████ ███ ████ ████ █████ ███ ████████
██ ████ ████ ██████████ ████ ████ ████▀
██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
██ ▀▀▀▀▀▀▀▀▀▀ ██
▀█████████▀ ▄████████████▄ ▀█████████▀
▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄
██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█ ▄▀▄ █▀▀█▀▄▄
█ █▀█ █ ▐ ▐▌
█ ▄██▄ █ ▌ █
█ ▄██████▄ █ ▌ ▐▌
█ ██████████ █ ▐ █
█ ▐██████████▌ █ ▐ ▐▌
█ ▀▀██████▀▀ █ ▌ █
█ ▄▄▄██▄▄▄ █ ▌▐▌
█ █▐ █
█ █▐▐▌
█ █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀ ▐█▌ ▀█▄
██ ▐█▌ ██
████▄ ▄█████▄ ▄████
████████▄███████████▄████████
███▀ █████████████ ▀███
██ ███████████ ██
▀█▄ █████████ ▄█▀
▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀
▀███████ ███████▀
▀█████▄ ▄█████▀
▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
|
zenhu
|
|
June 01, 2019, 07:08:57 PM |
|
Suchmoon understand the vulnerability I'm talking about and the same thing still applied after the code was created. Go to the link provided by OP this is what you'll get You can bypass the CAPTCHA on the login page by bookmarking this link and using it to login: https://bitcointalk.org/index.php?action=login;ccode=xxxxxxxxxxxxxccxcxxxxThis link is unique to your account. You cannot use it with other accounts. It only works on the login page. If someone else gains access to your unique captcha-bypass link, then they could try to brute-force your password. In that case, you should reset it: well, look like everyone can login without captcha then. i try to open this at incognito and i dont see any captcha. edit: oh fuck silly me, just try to login and it says invalid code |
|
|
|
TryNinja
Legendary
Offline
Activity: 2884
Merit: 7119
Top Crypto Casino
|
|
June 01, 2019, 07:12:58 PM |
|
well, look like everyone can login without captcha then. i try to open this at incognito and i dont see any captcha.
They can...? What's the issue? The first time you log in with the captcha, grab your bypass captcha code and can use that link to log in (to your account) anywhere without having to fill the captcha ever again. This only works if you're logging with your account's bypass-captcha code. |
|
|
|
|
zenhu
|
|
June 01, 2019, 07:16:03 PM |
|
They can...? What's the issue?
The first time you log in with the captcha, grab your bypass captcha code and can use that link to log in (to your account) anywhere without having to fill the captcha ever again.
Yeah get that, im talking about quoted msg from posi. and i try to open then link profided. i just though since no capthca there i can login, turn out its show as invalid code when im using my username and password. |
|
|
|
|
