Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

[PoC] scr.im-jim

Back in October 2009 I wrote a technical review of the http://scr.im service (a captcha protection for email addresses). I pointed out some issues with the way they use captchas, as well as some technical issues with the way the site functioned. At the time I didn’t think it was worth putting out a Proof of Concept tool to exploit the site, but after the issue was brought up again on Twitter a year later, I decided to write a quick Python script to extract email addresses from scr.im directly using some of these flaws.

A friend of mine has also written a Selenium script to do the same (script | video)

So, I proudly present scr.im-jim (a play on the slim-jim tool used to break into cars without keys). It’s not the prettiest code ever, but as with everything, I learnt something from writing the tool, which makes it worthwhile.

The Python script uses BeautifulSoup (easy_install beautifulsoup).

Usage:

 Pass a single userID variable to the script and allow it to crack the captcha used by scr.im.

 -i / --id= scr.im ID to be checked
 -v verbose output

Example:

 ./scr.im-jim.py -i 12345
 ./scr.im-jim.py --id=12345

A video of the tool in action (short and sweet) can be seen below (direct link)

The video is best viewed in HD quality; you can click through on the video above, or use the shortcut below to directly access it on the Vimeo site.

Warning: This may be against the Terms of Service for scr.im, use at your own risk! This is a Proof of Concept to show a vulnerability, not an attack tool!
