nickeby
Posted: Wed Jan 28, 2004 1:40 pm

[link visible to registered users only]

just wanted to post that link, to point out where (i think) the idea for that code came from and give the original author a little credit.

by the way, the output that that script creates is far from un-readable by OCR programs. the contrast is far too high; simply adding background color behind some text doesn't make it more difficult to decipher.

Raven
Posted: Wed Jan 28, 2004 2:01 pm

I'm not sure what code you are referring to, but my original post was not pirated from anywhere. I do not do that, nor do I need to. The image routines are far from anyone's intellectual property and are standard API calls. There are countless "How To's" out there that use these calls and are way older than that article of 10/18/2003 from NC. And nowhere do I state about trying to be unreadable by OCR! The subject line says it all "Tired of the same old dreary Security Graphic".
nickeby wrote:
just wanted to post that link, to point out where (i think) the idea for that code came from and give the original author a little credit.
In the future if you think that someone needs credit I would appreciate an email or a PM before you accuse or state what you think in public.

nickeby
Posted: Wed Jan 28, 2004 2:13 pm

sorry, got too close to the pirated-code accusation. i thought you might have used that other algorithm as the basis for yours; since both are basically the same- write some colored arcs/ellipses in random colors, with a random string on top. i apologize for the original tone of that posting. the code you posted is not ripped from that code on nukecops.

to the other point... the function these security graphics are supposed to serve is to be unreadable by character-recognition programs, right? because if it's easily readable by an OCR, then somebody can write a few scripts to fill out your forms or whatnot, almost as easily as if the security graphic weren't there at all.

Raven
Posted: Wed Jan 28, 2004 2:19 pm

I'll stand down from defcon 1 now. As a developer myself I am very careful, as I can be, to give credit where credit is due. I appreciate your follow-up.

Actually, in the case of Nuke, the graphic is meant more to discourage bots and automated programs from getting at your site by guessing the algorithm. For that purpose it bodes quite well. To your point though, if you are a security nut, then you will require more of a smear type graphic.

beetraham
Posted: Sun Nov 21, 2004 10:31 pm

Cheers,

As per reading Raven's post today "initially", I decided to make some experiments based on the presented Code Examples. The attached piece of code is an indirect shameless application based on Raven's Code Example (functional!) and the NC Code Example (dysfunctional!).


The set goal was to have the output distorted in such a "deterministic" way that the Security Code would be harder to read by an OCR - this was achieved by applying a provocative DUPLICATE key generation in close vicinity of each "main key". (=> Gone fishing. Me thinks me fisherman, OCR fish.)


Emphasized:
Quote:

* random size constraints narrowed --> higher probability for appearing non-overlapping visible DUPLICATE KEYS (X-axis; Y-axis)
* random x-axis deviation offset increased --> higher probability for appearing non-overlapping (X-axis shift/drift)

<=> All this carried out to require "more human intelligence" around to read it out, ie. to make it harder for OCR.



The OCR resistance can be hardened/fine-tuned accordingly even further, however this will suit my personal purposes in the first place (time will tell whether I should reconsider updating the "Security Code" generation mechanism in the future).

In case you are interested in the actual output, you may want to see the "Security Code" in action at URL:
[link visible to registered users only]


Code:

function gfx($random_num) {
    global $prefix, $db, $module_name;
    require("config.php");
    $datekey = date("F j");
    $rcode = hexdec(md5($_SERVER['HTTP_USER_AGENT'] . $sitekey . $random_num . $datekey));
    $code = substr($rcode, 2, 6);

    // constants (variables) declaration
    $circles=5;
    $width=100;
    $height=20;

    // initializing with random image generation
    Header("Content-type: image/jpeg");
    $image = ImageCreate($width,$height);

    // limiting RGB outputs to range 128:255 [absolute range : 0:255] //   
    for ($i=1;$i<=$circles;$i++) {
        $randomcolor = imagecolorallocate ($image , rand(128,255),rand(128,255),rand(128,255));
        imagefilledellipse($image,rand(0,$width-10),rand(0,$height-3),rand(20,70),rand(20,70),$randomcolor);
    }
    // limiting RGB outputs to range 192:255 [absolute range : 0:255] //
    for ($cnt=0; $cnt<12; $cnt++) {
        $text_color = ImageColorAllocate($image, intval(rand(192,255)), intval(rand(192,255)), intval(rand(192,255)));
        ImageArc($image,($cnt*8),10,intval(rand(15,30)),intval(rand(15,30)),0,360, $text_color);
    }
    // limiting RGB outputs to range 0:63 [absolute range : 0:255] //
    for ($idx=0; $idx<24; $idx++) {
        $text_color  = ImageColorAllocate($image, intval(rand(0,63)), intval(rand(0,63)), intval(rand(0,63)));
        $text_color1 = ImageColorAllocate($image, intval(rand(0,63)), intval(rand(0,63)), intval(rand(0,63)));
        ImageString ($image, intval(rand(1,2)), 9+($idx*14), 2, substr($code,$idx,1), $text_color);
        ImageString ($image, intval(rand(1,5)), 11+($idx*14), 2, substr($code,$idx,1), $text_color1);
    }
    // outputting the image
    ImageJPEG($image, null, 100);   // null filename = send the image to the browser
    ImageDestroy($image);
    die();
}


Just my 1.99 cents.

BR,

-beetraham
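
The contrast point raised earlier in the thread can be checked against the colour ranges in the code above. This is an added example, not part of beetraham's post or the RavenNuke code: it assumes PHP 7.4+, ignores JPEG artefacts, and the function names (`luma`, `lumaRange`, `lumaEnvelope`, `auditPalette`) are hypothetical.

```php
<?php
// Added example (not from the thread): contrast audit for a CAPTCHA palette.

/** Rec. 601 luma of an RGB triple, on a 0..255 scale. */
function luma(int $r, int $g, int $b): float {
    return 0.299 * $r + 0.587 * $g + 0.114 * $b;
}

/**
 * Luma interval a layer can reach. $layer is [[rLo, rHi], [gLo, gHi], [bLo, bHi]];
 * all weights are positive, so the extremes sit at the all-low and all-high corners.
 */
function lumaRange(array $layer): array {
    [$r, $g, $b] = $layer;
    return [luma($r[0], $g[0], $b[0]), luma($r[1], $g[1], $b[1])];
}

/** Union of the luma intervals of several layers, as [min, max]. */
function lumaEnvelope(array $layers): array {
    $ranges = array_map('lumaRange', $layers);
    return [min(array_column($ranges, 0)), max(array_column($ranges, 1))];
}

/**
 * Reports whether glyph pixels and background pixels occupy disjoint luma bands.
 * A positive gap means one fixed brightness cut-off isolates the glyphs,
 * so the background shapes add no difficulty for a recogniser.
 */
function auditPalette(array $glyphLayers, array $backgroundLayers): array {
    [$gMin, $gMax] = lumaEnvelope($glyphLayers);
    [$bMin, $bMax] = lumaEnvelope($backgroundLayers);
    $gap = max($bMin - $gMax, $gMin - $bMax); // dark-on-light or light-on-dark
    return ['glyphs' => [$gMin, $gMax], 'background' => [$bMin, $bMax],
            'gap' => $gap, 'separable' => $gap > 0];
}

// Helper: the same [lo, hi] range on all three channels, as gfx() uses.
$same = fn(int $lo, int $hi) => [[$lo, $hi], [$lo, $hi], [$lo, $hi]];

// rand() bounds taken from the gfx() code in the post above:
// glyphs 0..63, ellipses (and canvas fill) 128..255, arcs 192..255.
$posted = auditPalette([$same(0, 63)], [$same(128, 255), $same(192, 255)]);
// Constructed palette whose glyph and background ranges overlap.
$overlap = auditPalette([$same(64, 160)], [$same(96, 224)]);

foreach (['posted' => $posted, 'overlapping (constructed)' => $overlap] as $name => $r) {
    printf("%-26s gap %6.1f  separable: %s\n", $name, $r['gap'], $r['separable'] ? 'yes' : 'no');
}
```

Closing the gap is a trade-off rather than a fix: the replies that follow show the cost in human readability once the glyphs get harder to pick out.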

Mesum
Posted: Mon Nov 22, 2004 1:42 am

Man your security code is really hard to read.

Coldy
Posted: Fri Jul 01, 2005 2:52 am

This is a nice hack, but it's really hard to see the numbers.
How can I make this a little bit better for use?

Coldy

myrtletrees
Posted: Wed Jul 19, 2006 12:40 pm

is there an update for this in newer versions of PHP-Nuke that do not have the function gfx in the modules/Your_Account/index.php file?

Raven's distro 7.6

Also, I have searched and found various suggestions in the forums here for changing the length of the code, from 6 digits to 8, but nothing that was suggested works

Guardian2003
Posted: Wed Jul 19, 2006 3:00 pm

I am not sure I understand your question, myrtletrees.
The security image should display depending on its setting in config.php

myrtletrees
Posted: Wed Jul 19, 2006 5:33 pm

Hi Guardian,

I was referring to first thread in this topic discussion. My security image shows as it should using the settings in config.php, however, I would like to know how to "spice up" the security image using the code Raven posted, and also how to make the Security image code more than 6 digits.

nextgen
Posted: Wed Nov 15, 2006 2:29 pm

If anyone knows of an easy mod to add a trie captcha like in IPB or VB could they pass along the link please?

jakec
Posted: Wed Nov 15, 2006 4:11 pm

Sorry what's a 'trie captcha'?

I assume this is different to the standard nuker captcha?
All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2011 by Raven
