Cracking and Design of graphic verification Codes

The graphic Verification Code is designed to prevent automatic identification by machines by making use of the implications of the human brain. However, a low-level graphic
The Verification Code (which can be quickly cracked) has no significance except for increasing network traffic. There are too many "generate verification codes" on the Internet"
The tutorial focuses on how to generate images, but its practicality is almost zero.

Graph Generation is a basic skill. Any platform provides a memory graphical environment and a device context (DC) for you to operate.
The graphics in CDC and Java/. Net all provide more drawing APIs than you need.
Necessary. (in some cases, we can see that the image is superimposed as a watermark. The image watermark refers to a picture that can be separated but not visible after synthesis.
Transparent channels for encryption and verification technologies such as electronic seals). To design a complex and hard-to-crack graphic verification code, you need to understand
Common technical types that can crack graphic verification codes.

The session lifetime is used to determine whether to use the same graphic verification code infinitely after the other one is set by the naked eye. This is not counted as a cracking of the graphic verification code.
It is just a logic bug designed by inexperienced programmers. That is, the session retention period of the graphic verification code is global, rather than for a certain
The verification process is as follows:

The client requests a graphical verification code. The server generates a graphical verification code and places the content of the verification code in the session.
After the client submits the verification code content through the input box, the content in the server and session is compared.
After successful verification, log on successfully.
However, the verification code session has not expired, and the client can use the same content for another verification. Therefore, each verification
Sessions with verification codes should be destroyed immediately. Such logic bugs can be cracked by people without any technical experience.

Most of the attempts to crack the graphic identification code are to cut and compare the verification code.
Assume that the number on the image generated by the graphic verification code is 1234.

I. Cutting: first, a certain algorithm can be used to cut the image into the smallest four images, and the surrounding blank space can be removed as much as possible.
2. Fading: fades the color image into black and white. The two poles are used, and the values between 0 and 128 are regarded as black, and those between 128 and 255 are regarded as white.
3. Remove the acute point and make the continuous black range less than a certain value, for example, the area smaller than the midpoint of the minimum stroke into white.
4. Perform the minimum cutting.
5. Comparison: Use a well-established graphics library for Pixel comparison. Because the image has been processed above, it has become both black and white.
First, compare the clean specimen image in the image library with the target image without any verbose points.
Whether or not Suru exists in the target. If there are any black spots in the target image, the black spots that do not exist in the specimen image should be click.
The black pixels of the target image are compared to the specimen image to check whether the image exists.
This process can only serve as a reference. passing is a sufficient condition and not a necessary rejection condition.

From the above comparison process, we can see that the most important step of comparison is cutting. How can we ensure that the target image is successfully cut to an existing one?
Specimen size matching is the most critical technique.

If your image content is generated according to the rules, for example, you can draw a complete line of content string in drawstring.
The interval is fixed, and the character size is fixed. Even if you only draw one word at a time, each word has a different meaning, but you only need to follow the minimum cut
Cut, that is, to remove the blank spaces with no valid points in all rows and columns, and then compare them with a set of specimens with the minimum cut.
Font size and style (italic, underline, bold), body (,) changes are not difficult to increase, as long as according to different font size and style
There are several sets of specimen libraries for the sample and body types. Of course, the more the changes, the higher the possibility of errors, but the changes in the font size and style are not fundamental.
Means.

If your verification code only has two colors: black and white, it really makes the hacker so grateful. The complicated color can make it increase in the fading process.
Add error probability.

A long bar is similar to a stroke. It does not play a major role in comparison, because it can be used to find the target image corresponding to the pixel of the specimen image.
Vertices are redundant, but the broken points and irregular intervals of Long-stripe strokes play a major obstacle to cutting.
The main point is overlapping technology.

The overlap between two words is basically no obstacle for visual recognition, but it is fatal for machines that depend on the cut ratio.
Therefore, make sure that your Verification Code contains some overlapping text content. If the number of words is long, for example, eight characters, two to three of them
Then the basic cracking program will die. Some advanced cracking programs use color difference cutting, and different colors at the intersection of the two words
As the cutting boundary, the overlapping words can be set to the same color here, increasing the cutting difficulty.

As long as the data cannot be cut, other methods are not feasible. Therefore, designing a hard-to-cut verification code is the most effective way to prevent cracking.
Yes.

The text content only adds the comparison time. If you use 18030 Chinese characters and 10 numbers, the comparison process may increase by more than 1000 times.
Machine comparison is not difficult, but it greatly enhances the difficulty of making a specimen Image Library. the following is a simple example using C. complex Design is illustrated in a simple way. In fact, the most important thing to grasp is to ensure at least one
This is just an example. When it is practical, I will make more than three overlaps. I use different font sizes to identify the irregularity of the interval.
Save both the original ampersand number and the converted number. You can enter only ampersand numbers or
All content is acceptable. Note that if the input content contains bad words, you should provide an input interface such as a soft keyboard.

Using system;
Using system. drawing;

Namespace testword
{
/// <Summary>
/// Summary of class1.
/// </Summary>
Class class1
{
/// <Summary>
/// Main entry point of the application.
/// </Summary>
[Stathread]
Static void main (string [] ARGs)
{
//
// Todo: Add code here to start the application
//
String charlist = "0123456789 ";
Int [] size = {10, 12, 14 };
String [] fm = {"", "_ gb2312"," "};
 

Datetime dt = datetime. now;
Random r = new random ();
Int x = R. Next (10000,100 000 );

String TMP = "";
String src = x. tostring ();

Bitmap BMP = new Bitmap (100, 20); // generates a BMP object with a width of 100 and a height of 20 pixels.
Graphics G = graphics. fromimage (BMP );
G. fillrectangle (brushes. Whites, 0, 0,100, 20 );
Console. writeline (SRC );
Int lastsize = 0;
Color lastcolor = color. blue;
Bool into = false;
For (INT I = 0; I <5; I ++)
{
Char CH = charlist [convert. toint32 (SRC [I]. tostring ()];
TMP + = CH;
Int SZ = size [R. Next (0, 3)];
If (I = 3 &&! Into) // five words in total. When there are 4th overlapping words, the fourth character should be set to 14 characters.
// Ensure overlap
SZ = 14;
Int Cr = R. Next (0,200 );
Int CG = R. Next (0,200 );
Int cb = R. Next (0,200 );
Color c = color. fromargb (Cr, CG, CB );
Int sub = 0;
If (lastsize = 14)
{// If the last word is "14", the next word will intrude into the left to ensure overlap.
// The visualization of overlapping large font sizes is better than that of small font sizes.
// Set the color of the current character to the color of the previous character when overlapping
C = lastcolor;
Into = true;
Sub = 8;
}
G. drawstring (ch. tostring (),
New font (New fontfamily (FM [R. Next (0, FM. Length)]), SZ ),
New solidbrush (c ),
New Point (I * 20-sub, 0 ));
// Here, because the font size is different and the interval is different, but the start point of each word is the same, you can modify it according to the previous word
// Adjust the starting point.
Lastsize = SZ;
Lastcolor = C;
}
BMP. Save ("D:/aaa.gif ");
Console. writeline (TMP );

}
}
}