SQL INJECTION TRUTHS: recaptcha in classic asp

Tuesday, 23 April 2013

recaptcha in classic asp

Recaptcha In Classic ASP

----------------------------------------------------------------------------------------------------------
Visit the below URLS
https://www.google.com/recaptcha/admin/create
https://developers.google.com/recaptcha/docs/asp
https://developers.google.com/recaptcha/docs/customization

(OR)

download free captcha code in the below URL
http://sqlinjectiontruths.blogspot.in/2013/04/download-free-captcha-code-in-asp.html

Recaptcha Code Steps

Step1:

Place the following code, above the <form> tag

<script type="text/javascript">
var RecaptchaOptions = {
theme : 'clean',
};
</script>

Step2:

Place the following code between <form></form> tags (or) above the <submit> button
Replace the public_key with re

Complete a quick security check, Type both words separated by a space below*
<script type="text/javascript"
src="http://www.google.com/recaptcha/api/challenge?k=public_key">
</script>
<noscript>
<iframe src="http://www.google.com/recaptcha/api/noscript?k=public_key"
height="300" width="500" frameborder="0"></iframe>
<br>
<textarea name="recaptcha_challenge_field" rows="3" cols="40">
</textarea>
<input type="hidden" name="recaptcha_response_field" value="manual_challenge">
</noscript>

Step3:

Place the following code in the action page


<% if server_response <> "" or newCaptcha then %>
<% if newCaptcha = False then %>

Wrong Captcha value entered!
<%
Response.End
end if
%>
<%end if%>

Step4:

Create recaptcha.asp in includes folder, Replace public_key,private_key

<%
dim recaptcha_challenge_field,recaptcha_response_field,recaptcha_public_key,recaptcha_private_key
dim server_response,newCaptcha
recaptcha_challenge_field = Request.Form("recaptcha_challenge_field")
recaptcha_response_field = Request.Form("recaptcha_response_field")
recaptcha_public_key = "public_key" ' your public key
recaptcha_private_key = "private_key" ' your private key

' returns the HTML for the widget
function recaptcha_challenge_writer()

recaptcha_challenge_writer = _
"<script type=""text/javascript"">" & _
"var RecaptchaOptions = {" & _
" theme : 'clean'," & _
" tabindex : 0" & _
"};" & _
"</script>" & _
"<script type=""text/javascript"" src=""http://www.google.com/recaptcha/api/challenge?k=" & recaptcha_public_key & """></script>" & _
"<noscript>" & _
"<iframe src=""http://www.google.com/recaptcha/api/noscript?k=" & recaptcha_public_key & """ frameborder=""1""></iframe><>" & _
"<textarea name=""recaptcha_challenge_field"" rows=""3"" cols=""40""></textarea>" & _
"<input type=""hidden"" name=""recaptcha_response_field""value=""manual_challenge"">" & _
"</noscript>"

end function

' returns "" if correct, otherwise it returns the error response
function recaptcha_confirm(rechallenge,reresponse)

Dim VarString
VarString = _
"privatekey=" & recaptcha_private_key & _
"&remoteip=" & Request.ServerVariables("REMOTE_ADDR") & _
"&challenge=" & rechallenge & _
"&response=" & reresponse

Dim objXmlHttp
Set objXmlHttp = Server.CreateObject("Msxml2.ServerXMLHTTP")
objXmlHttp.open "POST", "http://www.google.com/recaptcha/api/verify", False
objXmlHttp.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
objXmlHttp.send VarString

Dim ResponseString
ResponseString = split(objXmlHttp.responseText, vblf)
Set objXmlHttp = Nothing

if ResponseString(0) = "true" then
'They answered correctly
recaptcha_confirm = ""
else
'They answered incorrectly
recaptcha_confirm = ResponseString(1)
end if

end function

server_response = ""
newCaptcha = True
if (recaptcha_challenge_field <> "" or recaptcha_response_field <> "") then
server_response = recaptcha_confirm(recaptcha_challenge_field, recaptcha_response_field)
newCaptcha = False
end if
%>

Source:

https://developers.google.com/recaptcha/docs/asp

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)