Google Recaptcha Bypass Technique Uses Google’s Own Tools

Google has originally rolled out reCaptcha back in 2014 to most of its public services to defeat the bots and scripts which can easily register hundreds of free web-service accounts in seconds.

A proof of concept to bypass the Google’s reCaptcha V2 verification system was posted online this Tuesday and it uses Google’s own web-based tools to get into the system.

This tool is named ReBreakCaptcha “It lets you easily bypass Google’s reCaptcha v2 anywhere on the web,” according to the author of this, this tool is only identified as East-Ee Security.

READ  Over 1 million Android users downloaded fake WhatsApp app

Google has originally rolled out reCaptcha back in 2014 to most of its public services to defeat the bots and scripts which can easily register hundreds of free web-service accounts in seconds. The word CAPTCHA stands for: Completely Automated Procedures for Telling Computers and Humans Apart. The ReCaptcha is Google’s name for its own technology and service which today uses the image, audio or even text challenges to verify the user signing into an account.

The East-Ee Security’s ReBreakCaptcha method can defeat the reCaptcha V2 security using a script which uses Google’s own APIs to capture the audio challenges as the sound files. And then it uses the speech-to-text technology and converts audio into text answers which are then inputted as text-based solutions to the audio-based challenges used in the reCaptcha V2.

To achieve this, first East-Ee Security made a way to access only audio reCaptcha challenges. This is not very difficult as every challenge contains a link, in the form of a tiny pair of headphones, this indicates an audio challenge request is available.

“Some of you may have notice that instead of facing an audio challenge, sometimes you may get a text challenge,” the researcher writes. “To bypass this and get an audio challenge, you simply has to click the ‘Reload Challenge’ button until you get the required type.”

READ  All Raise is bringing founders together to collaborate on diversity and inclusion
Related  Sony settles PSN hack lawsuit for $15 million

Once the audio challenge is presented reCaptcha allows you to either play the audio file from the webpage or download it.