Is it possible to grab hidden code in ClientForm?
rdmurray at bitdance.com
rdmurray at bitdance.com
Sun Mar 1 11:27:54 EST 2009
Muddy Coder <cosmo_general at yahoo.com> wrote:
> Nowadays some websites let users to fill in some so-called
> verification code, and the tricky thing is that the CODE is delivered
> from server with an image. For example:
>
> <img src="/jobsearch/captcha.jpg" name="CAPTCHA_IMAGE" border="1" /
> > <a href="#" onClick="changeSource();">Refresh Image</a>
>
> When click Refresh Image, the CODE on the image changes. I wonder:
> does the server really send a new image over to browser, or just send
> a hidden code over? Is it possible to parse out such hidden code?
>
> The other example is:
>
> <img src="/images/verify.png;jsessionid=ahZsBmwyLGuf" alt="Digital
> Signature Code" />
> <input name="jsessionid" type="hidden" value="ahZsBmwyLGuf" />
>
> I did a few REFRESH on browser, and noticed the CODE changed. But,
> when I viewed the HTML source code, the value "ahZsBmwyLGuf" remained
> the same. What is the trick around here? That is why I am wondering
> whether the server really keeps sending new images over, or just
> sending new hidden codes over. If the trick is just keep sending
> hidden codes over, there might be a chance of capturing the codes. Can
> somebody help me out? Thanks a lot!
If there were some way for a program to extract the code from what
the server sent, then the whole point of using the Captcha (preventing
spam robots from posting) would be defeated.
--RDM
More information about the Python-list
mailing list