Breaking the MintEye CAPTCHA one more time

minteye

A while back we saw the MintEye CAPTCHA system  - an ‘are you human’ test that asks you to move a slider until an image is de-swirled and de-blurred – cracked wide open by exploiting the accessibility option. Later, and in a clever bit of image processing, the MintEye CAPTCHA was broken yet again by coming up with an algorithm to detect if an image is de-swirled and de-blurred.

It appears we’re not done with the MintEye CAPTCHA yet (Russian, translation). Now the MintEye CAPTCHA can be broken without any image processing or text-to-speech libraries. With 31 lines of Java, you too can crack MintEye wide open.

The idea behind the hack comes from the fact that blurred images will be much smaller than their non-blurred counterpart. This makes sense; the less detail in an image, the smaller the file size can be. Well, all the pictures MintEye delivers to your computer – 30 of them, one for each step of swirl and blurring – are the same size, meaning the ‘wrong answer’ images are padded with zeros at the end of the file.

There’s a 31 line program on the build page that shows how to look at thirty MintEye images and find the image with the fewest zeros at the end of the file. This is, by the way, the correct answer for the MintEye CAPTCHA, and has a reproducibility of 100%.

So, does anyone know if MintEye is a publicly traded company? Also, how exactly do you short a stock?

Breaking the minteye captcha again

cap

A few days ago we saw a post from [samuirai] at the Shackspace hackerspace in Stuttgart on breaking the minteye captcha system. Like most other captcha cracks, [samuirai] used the voice accessibility option that provides an audio captcha for blind users. Using the accessibility option is a wonderful piece of work, but [Jack] came up with an even more elegant way to defeat the minteye captcha.

For those unfamiliar, the minteye captcha provides a picture tossed through a swirl filter with a slider underneath. Move the slider left or right to eliminate the swirl and you’ve passed the, “are you human” test. Instead of looking for straight lines, [Jack] came up with a solution that easily defeats the minteye captcha in 23 lines of Python: just minimize the length of all the edges found in the pic.

The idea behind the crack is simply the more you swirl an image, the longer the edges in the image become. Edge detection is a well-studied problem, so the only thing the minteye cracking script needed to do was to move the slider for the captcha from the left to the right and measure the lengths of all the edges.

[Jack] included the code for  image processing part of his crack, fortunately leaving out the part where he returns an answer to the minteye captcha. For that, and a very elegant way to crack a captcha, we thank him.