================================================================ Introduction: ============================== Captcha Intruder is an automatic pentesting tool to bypass captchas. ================================================================ Options and features: ============================== cintruder [OPTIONS] Options: --version show program's version number and exit -h, --help show this help message and exit -v, --verbose active verbose mode output results --proxy=PROXY use proxy server (tor: http://localhost:8118) --gui run GUI (CIntruder Web Interface) --update check for latest stable version ->Tracking: --track=TRACK download captchas from url (to: 'inputs/') --track-num=S_NUM set number of captchas to download (default: 5) --tracked-list list last tracked captchas (from: 'inputs/') ->Configuration (training/cracking): --set-id=SETIDS set colour's ID manually (use -v for details) ->Training: --train=TRAIN train using common OCR techniques ->Cracking: --crack=CRACK brute force using local dictionary ->Modules (training/cracking): --mod=NAME set a specific OCR exploiting module --mods-list list available modules (from: 'mods/') ->Post-Exploitation (cracking): --xml=XML export result to xml format --tool=COMMAND replace suggested word on commands of another tool. use 'CINT' marker like flag (ex: 'txtCaptcha=CINT') ================================================================ Examples of usage: ============================== ------------------- * View help: $ ./cintruder --help ------------------- * Update to latest version: $ ./cintruder --update ------------------- * Launch web interface (GUI): $ ./cintruder --gui ------------------- * Simple crack from file: $ ./cintruder --crack "inputs/captcha.gif" ------------------- * Simple crack from URL: $ ./cintruder --crack "http://host.com/path/captcha_url" ------------------- * Simple crack from local, exporting results to a xml file: $ ./cintruder --crack "inputs/captcha.gif" --xml "test.xml" ------------------- * Simple crack from url, with proxy TOR and verbose output: $ ./cintruder --crack "http://host.com/path/captcha_url" --proxy="http://127.0.0.1:8118" -v ------------------- * Train captcha(s) from url, with proxy TOR and verbose output: $ ./cintruder --train "http://host.com/path/captcha_url" --proxy "http://127.0.0.1:8118" -v ------------------- * Track 50 captcha(s) from url, with proxy TOR: $ ./cintruder --track "http://host.com/path/captcha.gif" --track-num "50" --proxy "http://127.0.0.1:8118" ------------------- * List available modules (from "mods/"): $ ./cintruder --list ------------------- * Launch an OCR module to train a specific local captcha: $ ./cintruder --train "inputs/easycaptcha.gif" --mod "module_invocation_name" ------------------- * Launch an OCR module to crack a specific online captcha, with verbose output: $ ./cintruder --crack "http://host.com/path/captcha_url" --mod "module_invocation_name" -v ------------------- * Replace suggested word by CIntruder after cracking a remote url on commands of another tool (ex: "XSSer"): $ ./cintruder --crack "http://host.com/path/captcha_url" --tool "xsser -u http://host.com/path/param1=foo¶m2=bar&txtCaptcha=CINT" -------------------