Defeating reddit’s CAPTCHA

cap

Here’s something we’re sure SEO specialists, PR reps, and other marketeers already know: how to write a script to game reddit.

The course of upvotes and downvotes controls which submission makes it to the front page of reddit. These submissions are voted on by users, and new accounts must log in and complete a CAPTCHA to vote. [Ian] discovered that reddit’s CAPTCHA is not really state-of-the-art, and figured out how to get a bot to solve it

The method exploits the 8-bit nature of the distorted grid in the CAPTCHA. Because this grid isn’t pure black or pure white, it’s at a lower intensity than the letters in the CAPTCHA. Putting the CAPTCHA through a threshold filter, deleting any blocks of pixels smaller than 20 pixels, and running it through a classifier (PDF there), a bot can guess what the letters of the CAPTCHA should be.

Out of the 489 CAPTCHAs [Ian] fed into his algorithm, only 28 – or 5.73% – were guessed correctly. However, because he knows which CAPTCHAs had failed segmentation, ignoring those can increase the success rate to 10%. Theoretically, by requesting new CAPTCHAs, [Ian] can get the accuracy of his CAPTCHA bot up to about 30%.

Combine this with a brilliant auto voting script that only requires someone to enter CAPTCHAs, and you’ve got the recipe for getting anything you want directly to the front page of reddit. Of course you could do the same with a few memes and pictures of cats, but you knew that already.

One-button scan to email using Raspberry Pi

one-button-scan-to-email-raspberry-pi

We’ve come across extremely expensive photocopiers that also fax, scan to email, and generally have too many features to list. [Eduardo Luis] figured out how to implement some of this type office magic using very inexpensive components. Specifically, he can press one button to scan a document and send it to an email address.

The user controls patch into the RPi GPIO header. There’s the button we already mentioned, a red LED for “System Busy”, and a green one for “System Status”. A set of scripts montor the button and drive the LEDs. When it’s time to scan, the RPi uses the scanimage package to capture a .PNM file, then converts it to .JPG before sending it via email using the mutt package.

We’d love to see a character LCD and a few more buttons added to the setup. This way you could select between different recipients (or even send via fax). And there’s always the possibility of connecting a printer to the other USB port on the RPi to make it work as a photocopier too.

You can catch a demo video after the jump.

[Read more...]

Parametric script makes laser cutter designs a snap

[Tinkerer] bought a small cupboard from an antique store to fit nicely into his kitchen decor. After getting it home, he realized that some of the cubbyholes had originally housed drawers. The originals were long gone but this provided an opportunity for him to make the replacements seen above.

The first design approach that popped into [Tinkerer's] mind was to draw the pieces in an editor like Inkscape. Some consultation with others at the local Hackerspace led him to this script-based parametric SVG design tool. We jumped right in to give it a whirl, clicking on Load –> Construction (category) –> Better Box. Once you’ve chosen the script, click on ‘Parameters’ on the left column and enter the sizing you want for your box. When all values are correct, click the renter tab, then export it as a Scalable Vector Graphic.

We’ve lamented time and again about our lack of a laser cutter, so we were unable to test this out. But we can’t see why it wouldn’t reproduce the same results that [Tinkerer] achieved.

LG TV hacking via serial connection or IR codes

[Brendan Robert] has been sending us forum thread links outlining the things he’s learned while hacking LG televisions. They were a bit hard to follow for the uninitiated, so we asked if he could give us an overview of what he’s been working on. Not only did he do that, but he made a little Hackaday shout-out seen above by adding the skull and cross-wrenches as one of the menu overlays.

He’s using a TV as his computer monitor, which he picked up at a discount because it was a display model. Without the original remote, and wanting to have features like power-saving mode which is standard on monitors but not on this TV, he decided to see what he could accomplish. A couple of things made this quite a bit easier. First, there’s an RS232 port built into the back which removes the need to investigate and solder your own onto the board. Secondly, since LG built on the Linux kernel for the set, you can download some of the firmware sources from their website.

What he came up with is a script that will find and communicate with the TV over the serial connection. The test script used during development polled every possible command, looking for valid return values. Once [Brendan] established which commands work and what they do, he was able to take command of the unit, writing scripts to adjust brightness based on the ambient light in the room as seen from the computer’s webcam. Make sure you check out the sub-pages to his post that detail the brightness adjustments, stand-by functionality, custom overlay graphics, and the extra commands he uncovered.

Crash course in HTML manipulation from a shell script

Automating something involving data from the Internet can be confusing when it comes to pages generated by user input. For instance, let’s say you want to scrape data from a page that loads after using a search box. [Andrew Peng] posted a quick and dirty example to help you write your own scripts. The example he used checks stock on one of the websites he frequents. His process outlines finding the link that all searches are submitted to, establishing the method used to send the search string, and grabbing the resulting data. He parses it and sends off an email if it finds what he’s looking for. But this could be used for a lot of things, and it shouldn’t be a problem to make it alert you in any way you can imagine. Maybe we’ll use this to add some functionality to our rat.

Reddit hacking for votes and profit

Looks like someone figured out how to game the Reddit system. This probably has been done before, but as far as we know nobody’s actually shared the methods in detail. [Esrun] wrote some scripts that allow him to register multiple accounts and use them to up-vote stories.

The hack goes something like this. A script registers a group of accounts. Each uses a different IP and the only part that requires intervention is typing in the Captcha. This doesn’t take long. You can see the script interface above as well as a demonstration video after the break.

Once the accounts have been acquired a story is submitted and the new accounts vote on it. They’re not all up-votes though, as having both up and down votes puts the article into the controversial section of Reddit (which is desirable), and doesn’t rouse as much suspicion from the moderators. He ran a few tests that he shares and it seems that as long as the article is interesting, this can be quite successful.

Great, more spam with our social media please.

[Read more...]

Now you see me, now you don’t, face detection scripts

Straight out of Ghost in the Shell, the Laughing Man makes his appearance in these security camera shots. [William Riggins] wrote us to let us know about his teams Famicam scripts. After taking a screen shot, faces are detected and counted, ‘anonymized’, and the final image is uploaded to Twitter.

The process is rather simple, and sure beats wearing a bunch of white reflective camouflage. All that’s left is detecting specific faces to make anonymous, and of course uploading the script to every camera in the world. Easy, right?