CAPTCHA Bot Beats New Are You A Human PlayThru Game

What do you put on your pancakes? Butter and syrup but not a pair of shoes? This makes sense to us, and it’s the premise of the new CAPTCHA game PlayThru. The space that is normally filled by nearly illegible text is now taken up by a little graphic-based game where you drag the appropriate items to one part of the screen. In addition to being easier than deciphering letters, this new platform shouldn’t require localization. But alas, it seems the system is already broken. [Stephen] sent us a link to a bot that can pass the PlayThru CAPTCHA.

Take a look at the video after the break to see the four test-runs. It looks like the bot is just identifying the movable objects and trying them out. Sometimes this is quick, sometimes not. But it does eventually succeed. For the PlayThru developers this should be pretty easy to fix, just make an error limit for trying the wrong item. At any rate, we can’t think defeating the current system is nearly as hard as defeating reCaptcha was.

Update: [Tyler] over at Are You A Human wrote in to share their side of this story. Apparently we’re seeing the bot play the game, but not necessarily pass it. It isn’t until the game if finished and the playing information is sent to their servers that a decision is made on whether it is successful or not. This way they can change the authentication parameters from the server side at any time.

At the same time, [Stephen] updated his bot and made a video of it playing the game without any shoes on the pancakes.

javascript:(function(){var vidID = prompt(‘Enter YouTube video ID’);‘’ + vidID + ‘/0.jpg’)})()

27 thoughts on “CAPTCHA Bot Beats New Are You A Human PlayThru Game

  1. Sure, the only way to make a reliable captcha is to use problems unsolvable by machines such as the halting problem :) Boy, I can’t wait to verify programs.

    1. I got through every time I tried by clicking and dragging stuff randomly in the game window without having to look at the screen. The biggest impediment to that was accidentally clicking the reload button, which a bot wouldn’t have to worry about.

  2. you send the client a blob of javascript that is a game that needs to be completed. within that blob of javascript must be the code that needs to be executed to say “game completed successfully”.

    so the game method is only as strong as the obfuscation applied to the games source.

    It also appears to completely ignore a big reason text captchas are hard to read. anything that can be predicted about the image will be exploited. So text captchas can vary massively and randomly. this makes it hard to develop an algorithm that is human but not machine readable.

    this is a problem for a game because attackers can just attack each game individually. Once a human has solved the game the machine can just copy it. a way around that is to have a massive number of potential games. then you just end up with the same problem, procedurally generated random games some of which are hard for a human to solve.

    1. except it does not send a “PASS” or “FAIL” from the javascript but instead “A1B7f44” (made up example) that describes the users actions, this is corrolated with the id of the game and only if they match will a PASS be issued.
      That said, there are (at the moment) a scrictly limited number of possible games, objects winning senarios.

    2. this reminds me when Microsoft tried to create a CAPTCHA out of puppy pictures. The source of the data was the daily infux of new pound puppies, directly to avoid the possibility of spammers obtaining a copy of the database of “dog” images, this new CAPTCHA systems seems to fall foul of the “given enough time and bandwidth” the bad guys can get all the relevant data they need to break this a high percentage of the time.
      The only way I can see round this is if they invite the public to create lots and lots of images and games.
      But they would need some much new material that the crooks could not keep up and that sounds unlikey to impossible.

  3. How about your given two images from Google at random, one has already been assigned a word of what it is by a person, the other hasn’t.

    You have to correctly type the writer word for the image already assigned as well as specify one for the new image.
    The system could be somewhat fussy and accept the top 5 words people have used to describe that image.

    Its all essentially a image based recapture, but it should be easier for most humans then distorted words are no?

    (and yes, the “brute force” approach to spamming the association would still be a vulnerability, but theres workarounds to that; purhapes have a huge delay between a word been assigned and one being tested. Or allow dissociative voting somehow too “is this a pensis?”…)

  4. I can’t help thinking that all this work in building “unbeatable captcha” vs breaking “unbeatable captcha” is a really great way to crowd source the development of artificial intelligence.

    1. “Daisy, Daisy, give me your answer do…”

      “No, no! How many times? NO! Pod bay doors not pot plant!”

      Yeah, I wouldn’t say that breaking this specific captcha is much of a feat, considering that the solution is included in the challenge.

    1. Looks like your average researchers site and it appears that they’re only showing things, not sharing, so it’s not like we’re going to get flooded with bots because of their work. Paranoia much? I can’t see anything wrong with the site other than the fact that it has ‘spam’ in the domain name.

      If people like spamtech weren’t doing experiments like this then the technology would never get improved in the first place.

      1. The site does clearly describe how to “turn forum users into drones”, “automatically submit a form using javascript” and “Positioning content within an iframe” with the goal of “to just show part of it, can be useful for a number of things, from clickjacking to showing selected third party content on your site.”

        Now admittedly none of this is groundbreaking in terms of “exploits,” but the site does make many references to using such stuff for nefarious purposes

  5. I hate CAPTCHAs. I have a mild form of dyslexia. Add to that the distorted letters and more often than not I have to have some one else do the CAPTCHA for me. They are also a problem for the blind. The math based ones are easy for me, don’t even have to think about them. Different people are better at different things. The bots are good at doing some tasks very well, and others not so much.

    I had the idea of multiple challenge-responses and the user gets to pick a specific number of each to do. If they try too many or few, they fail. The trick is to split up the instructions, tasks, and confirmations in such a way as to make it hard for the bots to correlate what is what.

  6. Rather than doing something that seems a lot like hardcoding (I’m referring to the updated version), Stephen could just have his program copy the challenge into a new tab, where he could brute-force everyhing as he did in his first version. Then the program could check for the red X that gives away wrong moves, continue until the game is over and “remember” which items belong where. Afterwards, it would only have to find the proper items on the actual page and replicate the proper actions. Since most of each challenge is stored in an image file, this image file could be cropped to the proper size and hashed. Everytime one of the captchas is opened, the image could also be cropped and hashed to see if the solution is already available in the database. Depending on whether it is available, the program would either start at the beginning of the algorithm or just replicate the proper solution…

    The easiest way to prevent the database would be randomly changing the colors. And then having a few challenges that look almost similar to fool programs that check the similarity between the stored and the current challenge. Also, it would be possible to have challenges like “take the tools out of the toolbox”, “put shoes on the pancakes”, etc.

    To impede duplication of the page, one could use random numbers generated by the client in a way that they a) affect the gameplay and b) are somehow sent back to the server to check validity…

    Since this post is only based on some thought experiments, it might have limited use in real life. However, I hope that it might still help the folks over at areyouhuman to improve their product’s security.

  7. Assuming the method used it to check for movement in the “game area” the method to stop trying the same object could be to check how many objects are still moving on the canvas then sample the color of the pixel under the mouse and x,y location of the object then check all other attempts based on the pixel color and a range of the x and y into which the object might have moved then disregard it until all other objects had been tried, not perfect as other objects could move into the x,y range and have the same pixel color as well as the object having moved and a different pixel color being under the mouse but it would create a slight speed increase as long as after trying all objects the ones in the block list were tried again.

  8. GAH!!! that sounds awful, just globs of javascript!
    How do blind people play it!?!
    how about people on research oses (plan9 riscos etc)!?!


    The idea behind it though is rather neat, I really prefer re-capatchas idea of solving HIT problems though…

  9. i have one that intercepts the data sent to the server manipulating it to saying you have passed the test.
    there is no filling in the captcha, just fakes the “OK you can go past” part

    dont ask me how, thats how the guy whom made it for me explained it..

    it works on every captcha ive seen..

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.