{"id":13842974,"url":"https://github.com/f0ng/captcha-killer-modified","last_synced_at":"2025-05-14T16:14:14.095Z","repository":{"id":37675778,"uuid":"471363277","full_name":"f0ng/captcha-killer-modified","owner":"f0ng","description":"captcha-killer的修改版，支持关键词识别base64编码的图片，添加免费ocr库，用于验证码爆破，适配新版Burpsuite","archived":false,"fork":false,"pushed_at":"2025-03-17T06:45:49.000Z","size":2380,"stargazers_count":1660,"open_issues_count":1,"forks_count":159,"subscribers_count":20,"default_branch":"main","last_synced_at":"2025-04-13T03:59:45.198Z","etag":null,"topics":["burp","burp-extensions","burp-plugin"],"latest_commit_sha":null,"homepage":"https://f0ng.github.io/2022/03/24/burp%E9%AA%8C%E8%AF%81%E7%A0%81%E7%88%86%E7%A0%B4%E6%8F%92%E4%BB%B6%E4%BA%8C%E6%94%B9/","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/f0ng.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-03-18T12:41:58.000Z","updated_at":"2025-04-12T16:42:37.000Z","dependencies_parsed_at":"2023-01-30T18:45:51.645Z","dependency_job_id":"19f9fc4d-8660-4036-af9d-59a9ae618cc1","html_url":"https://github.com/f0ng/captcha-killer-modified","commit_stats":null,"previous_names":[],"tags_count":26,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/f0ng%2Fcaptcha-killer-modified","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/f0ng%2Fcaptcha-killer-modified/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/f0ng%2Fcaptcha-killer-modified/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/f0ng%2Fcaptcha-killer-modified/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/f0ng","download_url":"https://codeload.github.com/f0ng/captcha-killer-modified/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248661706,"owners_count":21141450,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["burp","burp-extensions","burp-plugin"],"created_at":"2024-08-04T17:01:52.647Z","updated_at":"2025-04-13T03:59:51.042Z","avatar_url":"https://github.com/f0ng.png","language":"Java","funding_links":[],"categories":["Java","burpsuite插件"],"sub_categories":[],"readme":"# captcha-killer-modified 适配新版Burpsuite\n[![Repo stars](https://img.shields.io/github/stars/f0ng/captcha-killer-modified)](https://github.com/f0ng/captcha-killer-modified/stargazers)\n[![Downloads total](https://img.shields.io/github/downloads/f0ng/captcha-killer-modified/total?label=Downloads)](https://github.com/f0ng/captcha-killer-modified/releases)\n[![Repo tags](https://img.shields.io/github/v/tag/f0ng/captcha-killer-modified?label=Latest)](https://github.com/f0ng/captcha-killer-modified/tags)\n[![Downloads latest total](https://img.shields.io/github/downloads/f0ng/captcha-killer-modified/latest/total?label=Downloads@latest)](https://github.com/f0ng/captcha-killer-modified/releases)\n\n\n\n## 原项目地址：  https://github.com/c0ny1/captcha-killer\n\n# [用法与常见报错](https://github.com/f0ng/captcha-killer-modified/blob/main/FAQ.md)\n\n## 免责声明\n\n该工具仅用于安全自查检测\n\n由于传播、利用此工具所提供的信息而造成的任何直接或者间接的后果及损失，均由使用者本人负责，作者不为此承担任何责任。\n\n本人拥有对此工具的修改和解释权。未经网络安全部门及相关部门允许，不得善自使用本工具进行任何攻击活动，不得以任何方式将其用于商业目的。\n\n### 文章案例\n\u003ehttps://github.com/c0ny1/captcha-killer  [插件源项目]\n\u003e\n\u003ehttps://gv7.me/articles/2019/burp-captcha-killer-usage/ [原插件用法]\n\u003e\n\u003ehttps://github.com/sml2h3/ddddocr [验证码识别项目]\n\u003e\n\u003ehttps://github.com/PoJun-Lab/blaster [验证码登录爆破]\n\u003e\n\u003ehttps://www.cnblogs.com/4geek/p/17145385.html#!comments [captcha-killer-modified详细用法及部分问题解决方案(如验证码识别位数问题)]\n\n交流群\n\n\u003cimg width=\"100\" alt=\"image\" src=\"https://user-images.githubusercontent.com/48286013/204838629-e289f0fe-3bd8-4393-82ef-a2a19d7b7f4c.png\"\u003e\n\n\n二维码失效请加微信`f-f0ng`、备注captchakillermodified交流\n\n关注主页公众号（only security），回复`captchakillermodified`获取下载地址】\n\n\n### 提issue之前请说明如下字段：\n1. burp版本\n2. 启动burp的jdk版本\n3. burp的Extender中Options配置的jdk版本\n\n### 安全培训\n\n![brzif4oz b4w](https://github.com/user-attachments/assets/dd24bae0-d672-40f6-bd04-144671b67187)\n\n学网络安全，就选玲珑安全！专业漏洞挖掘，精准定位风险；助力技能提升，塑造安全精英;玲珑安全，为您的数字世界保驾护航！  \n在线免费学习网络安全，涵盖src漏洞挖掘，0基础安全入门。适用于小白，进阶，高手: https://space.bilibili.com/602205041  \n玲珑安全往期学员报喜🎉: https://www.ifhsec.com/list.html  \n玲珑安全漏洞挖掘培训学习联系微信: `f-f0ng`  \n备注：玲珑安全培训\n\n\n\n# 捐赠 （如果项目有帮助到您，可以选择捐赠一些费用用于captcha-killer-modified的后续版本维护，本项目长期维护）\n\n\u003cimg width=\"251\" alt=\"image\" src=\"https://github.com/f0ng/autoDecoder/assets/48286013/5151b992-b98a-4cef-a6c7-e83e068eb363\"\u003e\n\n\u003cimg width=\"251\" alt=\"image\" src=\"https://github.com/f0ng/autoDecoder/assets/48286013/e9318b91-2521-4c14-93d8-9737fd7a4729\"\u003e\n\n\n## 插件优化的地方\n1. 修改了原项目中`sun.misc.BASE64Encoder`报错的问题\n\n2. 优化了验证码`data:image`识别问题\n\n3. 添加了ddddocr验证码识别库\n\n4. 增加自定义关键词获取验证码\n\n\u003cimg width=\"1439\" alt=\"image\" src=\"https://user-images.githubusercontent.com/48286013/159115886-7e482f8e-d36a-416a-8b67-c535e741d114.png\"\u003e\n\n\n\n \u003cimg src=\"https://user-images.githubusercontent.com/48286013/159009462-b028fb9f-05de-4c82-ae72-f576fa0adf8c.png\" width=\"160\" height=\"800\" /\u003e\n \n  \u003cimg src=\"https://user-images.githubusercontent.com/48286013/159009480-b4dcb61e-7798-49cc-a118-dfd1e02ae592.png\" width=\"115\" height=\"650\" /\u003e\n    \n识别成功率在85%左右。\n\n具体修改请查看微信公众号文章\nhttps://mp.weixin.qq.com/s/_P6OlL1xQaYSY1bvZJL4Uw\n\n\n## 更新日志\n\n【2022-3-21】 增加可识别情况，~~当出现关键字为B/base64时，进行验证码识别~~\n\n【2022-3-24】 增加自定义关键字，删减锁定按钮\n\n\u003cimg width=\"630\" alt=\"image\" src=\"https://user-images.githubusercontent.com/48286013/159827943-7ee4480c-b090-42e6-a5c7-485fc6fb500e.png\"\u003e\n\n\u003cimg width=\"614\" alt=\"image\" src=\"https://user-images.githubusercontent.com/48286013/159828004-821758a5-3626-4446-b951-0527377c8c14.png\"\u003e\n\n【2022-3-30】适配`data:image\\/png`与base64中出现`\\r\\n`情况\n\n\u003cimg width=\"627\" alt=\"image\" src=\"https://user-images.githubusercontent.com/48286013/160766851-c5b4a872-9be6-4afb-a547-1af843a1e101.png\"\u003e\n\n【2022-4-12】提升准确性，修改识别验证码端代码，主要修改如下：\n\n1. 增加basic认证，方便部署在公网，使用`tmux`在后台运行即可\n\n2. 对验证码识别部分进行修改，针对识别出来多位，可以进行自行删改，举例，如验证码是四位，但是ddddocr识别出来了五位，那么可以截取`text=ocr.classification(img_bytes)[0:4]`前四位；\n   \n   如ddddocr对特定类验证码的识别中字母`O`与数字`0`识别混淆，可以进行替换`text=ocr.classification(img_bytes).replace(\"0\",\"O\")`\n\n【2022-7-2】\n\n1. 优化验证码对于base64的识别#10 ，原因在于base64编码中存在`\\n`，`0.16`版本增加对`\\n`的处理，感谢@DreamAndSun 师傅反馈\n\n【2022-11-30】 0.17\n\n1. 添加响应提取，针对获取验证码请求中有类似token字段，在登录包的同时需要token校验的情况，在需要token校验的字段使用`@captcha-killer-modified@`\n\u003cimg width=\"650\" alt=\"image\" src=\"https://user-images.githubusercontent.com/48286013/204822669-7ea6022e-8028-4526-a653-03488a196d48.png\"\u003e\n\n2. 增加对验证码进行二次处理的案例(验证码为gif图，且验证码具体是在gif图的第二帧，无法直接识别)，见[用法与常见报错](https://github.com/f0ng/captcha-killer-modified/blob/main/FAQ.md)\n\n【2022-12-9】 0.18\n1. 添加`@captcha@`参数替代验证码，方便在repeater参数内进行测试\n\n\u003cimg width=\"804\" alt=\"image\" src=\"https://user-images.githubusercontent.com/48286013/206609271-5cc8bdcf-2141-4616-9a60-7ab9493f18c2.png\"\u003e\n\n【2022-12-14】 0.19\n\n增加URL解码、过滤图片编码中的`.`\n\n【2022-12-23】 0.20\n\n修复了url识别问题、爆破顺序错乱问题、响应包直接为base64编码导致爆破失败问题\n\n【2023-2-1】 0.21\n\n- 增加默认验证码模板`ddddocr`，适配`codereg.py`\n\n\u003cimg width=\"675\" alt=\"image\" src=\"https://user-images.githubusercontent.com/48286013/215937694-d494a9b9-0b31-4c5c-adf8-0cb24e60f43c.png\"\u003e\n\n- 增加识别结果关键字显示，方便查看关键字是否与验证码对应\n\u003cimg width=\"493\" alt=\"image\" src=\"https://user-images.githubusercontent.com/48286013/215937812-f43d592e-170b-4fb0-86e4-2f34fc16bb0e.png\"\u003e\n\n【2023-2-10】 0.21-beta    \n- 优化验证码编码中的`\\n`处理\n- 优化`@captcha@`的判断方式\n\n【2023-3-14】 0.22 重要问题修复\n- 修复了装载插件会影响proxy选项卡的问题\n\n【2023-3-28】 0.23 \n- 增加[验证码返回包中明文返回验证码爆破案例](https://github.com/f0ng/captcha-killer-modified/blob/main/FAQ.md#13-%E9%AA%8C%E8%AF%81%E7%A0%81%E5%93%8D%E5%BA%94%E5%8C%85%E6%9C%89%E6%98%8E%E6%96%87%E9%AA%8C%E8%AF%81%E7%A0%81%E5%A6%82%E4%BD%95%E9%85%8D%E5%90%88%E5%B7%A5%E5%85%B7%E4%BD%BF%E7%94%A8)\n- base64编码中应对`fromUrlSafe`函数(`-`转义为`+`,`_`转义为`/`)\n\n【2023-5-22】 0.24\n- 修复验证码在intruder中无法显示的bug\n- 再次修复了装载插件会影响proxy选项卡的问题\n\n【2023-7-2】 0.24.1\n- 修复加载插件影响intruder速度的问题(临时增加了一个按钮控制是否开启该插件)\n\n\u003cimg width=\"642\" alt=\"image\" src=\"https://github.com/f0ng/captcha-killer-modified/assets/48286013/8c8132ac-dd38-494f-aa47-80b6db4a7c93\"\u003e\n\n【2023-9-15】 0.24.2\n- 优化@captcha-killer-modified@关键字\n\n【2023-12-5】 0.24.3\n- 修复新版burp获取不到验证码问题\n\n【2024-1-4】 0.24.4\n- 服务端识别代码增加算术接口，可以进行算术验证码的识别\n\n【2024-4-2】 0.24.5\n1. 针对复杂算数验证码，进行训练获得模型，若有训练验证码的需求，可以联系作者代为训练，需捐赠，捐赠具体费用可以联系作者。这里取若依的验证码(默认配置)进行演示，测试了109个验证码，识别错误1个，准确率98%+\n\u003cimg width=\"159\" alt=\"image\" src=\"https://github.com/f0ng/captcha-killer-modified/assets/48286013/077968b6-97ba-4366-baf9-ceba078020e7\"\u003e\n\n2. 添加两个接口，添加reg2【识别无混淆的四则运算，项目默认模板】、reg3模板【识别混淆变形的若依四则运算验证码，默认模板不支持，需额外捐赠，捐赠具体费用可以联系作者】\n\n\n![f](https://starchart.cc/f0ng/captcha-killer-modified.svg)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ff0ng%2Fcaptcha-killer-modified","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ff0ng%2Fcaptcha-killer-modified","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ff0ng%2Fcaptcha-killer-modified/lists"}