View Issue Details

IDProjectCategoryView StatusLast Update
0010028mantisbtsecuritypublic2014-12-08 00:34
Reporterobooklage Assigned Tograngeway  
PrioritynormalSeverityminorReproducibilityN/A
Status closedResolutionfixed 
Product Version1.1.2 
Target Version1.3.0-beta.1Fixed in Version1.3.0-beta.1 
Summary0010028: Registrations by bots via captcha exploit
Description

We have abnormal registrations ( names, mails, far countries ) on our French mantisbt. I lock this accounts and ask by mail a confirmation without any answer.

We suppose it is bots using OCR on captcha, and do some tests about changing the captcha system ( random background image )

TagsNo tags attached.

Relationships

child of 0016565 closedgrangeway Implement new captcha library 

Activities

dregad

dregad

2013-11-01 06:50

developer   ~0038414

Marked as resolved following grangeway's implementation of securimage captcha library, as per his commit comment.

Feel free to reopen if you find that the original issue persists.

Related Changesets

MantisBT: master 8dd28f84

2013-10-15 12:02

Paul Richards


Details Diff
New Feature: replace captcha library with open source library. Adds audio support to captcha for accessibility [requires flash on client]

Ported from master-2.x branch

Resolves (Part or all) of bugs:

0010972: openbase_dir breaks captcha generation
0008796: The letters in the catchpa on account creation page are too small
0010976: Remove instances of pass-by-reference (deprecated in PHP 5.3.0)
0010028: Registrations by bots via captcha exploit
0008462: Captcha will benefit supporting other than jpeg format
0008129: Alternative to captchas
Affected Issues
0008129, 0008462, 0008796, 0010028, 0010972, 0010976, 0016565
mod - core/print_api.php Diff File
mod - library/README.libs Diff File
add - library/securimage/AHGBold.ttf Diff File
add - library/securimage/LICENSE.txt Diff File
add - library/securimage/README.FONT.txt Diff File
add - library/securimage/README.txt Diff File
add - library/securimage/WavFile.php Diff File
add - library/securimage/audio/en/0.wav Diff File
add - library/securimage/audio/en/1.wav Diff File
add - library/securimage/audio/en/10.wav Diff File
add - library/securimage/audio/en/11.wav Diff File
add - library/securimage/audio/en/12.wav Diff File
add - library/securimage/audio/en/13.wav Diff File
add - library/securimage/audio/en/14.wav Diff File
add - library/securimage/audio/en/15.wav Diff File
add - library/securimage/audio/en/16.wav Diff File
add - library/securimage/audio/en/17.wav Diff File
add - library/securimage/audio/en/18.wav Diff File
add - library/securimage/audio/en/19.wav Diff File
add - library/securimage/audio/en/2.wav Diff File
add - library/securimage/audio/en/20.wav Diff File
add - library/securimage/audio/en/3.wav Diff File
add - library/securimage/audio/en/4.wav Diff File
add - library/securimage/audio/en/5.wav Diff File
add - library/securimage/audio/en/6.wav Diff File
add - library/securimage/audio/en/7.wav Diff File
add - library/securimage/audio/en/8.wav Diff File
add - library/securimage/audio/en/9.wav Diff File
add - library/securimage/audio/en/A.wav Diff File
add - library/securimage/audio/en/B.wav Diff File
add - library/securimage/audio/en/C.wav Diff File
add - library/securimage/audio/en/D.wav Diff File
add - library/securimage/audio/en/E.wav Diff File
add - library/securimage/audio/en/F.wav Diff File
add - library/securimage/audio/en/G.wav Diff File
add - library/securimage/audio/en/H.wav Diff File
add - library/securimage/audio/en/I.wav Diff File
add - library/securimage/audio/en/J.wav Diff File
add - library/securimage/audio/en/K.wav Diff File
add - library/securimage/audio/en/L.wav Diff File
add - library/securimage/audio/en/M.wav Diff File
add - library/securimage/audio/en/MINUS.wav Diff File
add - library/securimage/audio/en/N.wav Diff File
add - library/securimage/audio/en/O.wav Diff File
add - library/securimage/audio/en/P.wav Diff File
add - library/securimage/audio/en/PLUS.wav Diff File
add - library/securimage/audio/en/Q.wav Diff File
add - library/securimage/audio/en/R.wav Diff File
add - library/securimage/audio/en/S.wav Diff File
add - library/securimage/audio/en/T.wav Diff File
add - library/securimage/audio/en/TIMES.wav Diff File
add - library/securimage/audio/en/U.wav Diff File
add - library/securimage/audio/en/V.wav Diff File
add - library/securimage/audio/en/W.wav Diff File
add - library/securimage/audio/en/X.wav Diff File
add - library/securimage/audio/en/Y.wav Diff File
add - library/securimage/audio/en/Z.wav Diff File
add - library/securimage/audio/en/error.wav Diff File
add - library/securimage/audio/noise/check-point-1.wav Diff File
add - library/securimage/audio/noise/crowd-talking-1.wav Diff File
add - library/securimage/audio/noise/crowd-talking-6.wav Diff File
add - library/securimage/audio/noise/crowd-talking-7.wav Diff File
add - library/securimage/audio/noise/kids-playing-1.wav Diff File
add - library/securimage/backgrounds/bg3.jpg Diff File
add - library/securimage/backgrounds/bg4.jpg Diff File
add - library/securimage/backgrounds/bg5.jpg Diff File
add - library/securimage/backgrounds/bg6.png Diff File
add - library/securimage/captcha.html Diff File
add - library/securimage/database/.htaccess Diff File
add - library/securimage/database/index.html Diff File
add - library/securimage/database/securimage.sq3 Diff File
add - library/securimage/example_form.ajax.php Diff File
add - library/securimage/example_form.php Diff File
add - library/securimage/images/audio_icon.png Diff File
add - library/securimage/images/refresh.png Diff File
add - library/securimage/securimage.php Diff File
add - library/securimage/securimage_play.php Diff File
add - library/securimage/securimage_play.swf Diff File
add - library/securimage/securimage_show.php Diff File
add - library/securimage/words/words.txt Diff File
rm - make_captcha_img.php Diff
mod - signup.php Diff File
mod - signup_page.php Diff File