Introducing the CakePHP SecurImage Component
I’ve just released a CakePHP Component for displaying CAPTCHA images in your CakePHP based applications.
The component is fairly easy to integrate into your projects and displays dynamically generated CAPTCHA images each time the page loads. You can grab the component from here or from its GitHub repository.
The component requires the SecurImage Captcha Library to function properly.
Details about installation and usage of the component (along with code samples) can be found on it’s homepage.
Any comments / suggestions are most welcome.
The SecurImage library is far from secure, on the day you released this Component an authentication bypass was for SecurImage/PHPcaptcha was also released.
http://www.idontplaydarts.com/2011/05/exploit-phpcaptcha-securimage/
Phil » Whoa !!! Thanks for bringing that to my notice – made a very good read. I guess it’s only a matter of time before things are patched… anyway, I still haven’t created a proper mechanism in my component for outputting the audio files.
Cheers,
m^e
The SecurImage library is far from secure, on the day you released this Component an authentication bypass was for SecurImage/PHPcaptcha was also released.
http://www.idontplaydarts.com/2011/05/exploit-phpcaptcha-securimage/
Phil » Whoa !!! Thanks for bringing that to my notice – made a very good read. I guess it’s only a matter of time before things are patched… anyway, I still haven’t created a proper mechanism in my component for outputting the audio files.
Cheers,
m^e
You would have thought a patch was on the way, the author was made aware 2 months before the exploit was released and has chosen not to develop a patch for it.
You would have thought a patch was on the way, the author was made aware 2 months before the exploit was released and has chosen not to develop a patch for it.
This is a useful post, but I was wondering how do I suscribe to the RSS feed?
This is a useful post, but I was wondering how do I suscribe to the RSS feed?