Home  About  Editorial Board  Archives  Current Issue  Indexing  Submission  FaQ  Contact

Smart Inventory System for Expiry Date Tracking
Volume-7 | Issue-2

Deep Fake Images and Videos Detection using Deep Learning
Volume-7 | Issue-2

Exploiting Vulnerabilities in Weak CAPTCHA Mechanisms within DVWA
Volume-7 | Issue-2

A Review on Cryptocurrency and its Advancements in Present World
Volume-4 | Issue-4

Investigating Process Scheduling Techniques for Optimal Performance and Energy Efficiency in Operating Systems
Volume-6 | Issue-4

AI-Powered Data Interaction: A Natural Language Chatbot for CSV, Excel, and SQL Files
Volume-7 | Issue-1

Navigating the Cloud: Security, Compliance, and Risk Challenges in SME Adoption
Volume-7 | Issue-3

Edge Computing Research – A Review
Volume-5 | Issue-1

Gamification in Mobile Apps: Assessing the Effects on Customer Engagement and Loyalty in the Retail Industry
Volume-5 | Issue-4

AI based Identification of Students Dress Code in Schools and Universities
Volume-6 | Issue-1

AUTOMATION USING IOT IN GREENHOUSE ENVIRONMENT
Volume-1 | Issue-1

Principle of 6G Wireless Networks: Vision, Challenges and Applications
Volume-3 | Issue-4

Classification of Remote Sensing Image Scenes Using Double Feature Extraction Hybrid Deep Learning Approach
Volume-3 | Issue-2

Light Weight CNN based Robust Image Watermarking Scheme for Security
Volume-3 | Issue-2

VIRTUAL REALITY GAMING TECHNOLOGY FOR MENTAL STIMULATION AND THERAPY
Volume-1 | Issue-1

Design of Digital Image Watermarking Technique with Two Stage Vector Extraction in Transform Domain
Volume-3 | Issue-3

Analysis of Natural Language Processing in the FinTech Models of Mid-21st Century
Volume-4 | Issue-3

PROGRESS AND PRECLUSION OF KNEE OSTEOARTHRITIS: A STUDY
Volume-3 | Issue-3

Image Augmentation based on GAN deep learning approach with Textual Content Descriptors
Volume-3 | Issue-3

Comparative Analysis for Personality Prediction by Digital Footprints in Social Media
Volume-3 | Issue-2

Home / Archives / Volume-7 / Issue-2 / Article-3
Exploiting Vulnerabilities in Weak CAPTCHA Mechanisms within DVWA
Mohammad Shinaz Bhanu ,  Durgam Varshini,  Poosala Srikanth,  Payyavula Lokesh
Open Access
Volume - 7 • Issue - 2 • june 2025
119-129  1602 pdf-white-icon PDF
Abstract

This research focuses on identifying vulnerabilities in the CAPTCHA implementation of the Damn Vulnerable Web Application (DVWA). We utilize Optical Character Recognition (OCR) with Tesseract, capture internet traffic using OWASP ZAP, and develop Python-based automated scripts to bypass substandard CAPTCHA implementations. Throughout the study, we uncover critical vulnerabilities, including the lack of CAPTCHA verification for sensitive actions such as password changes. We provide a detailed step-by-step analysis of how attackers can exploit these vulnerabilities. We conclude by comparing these weak CAPTCHA methods with more robust alternatives, such as Google reCAPTCHA, and recommend best practices, including server-side validation, CAPTCHA obfuscation, and the implementation of multi-layered security systems. The research employs software tools including Tesseract OCR v5.3, OWASP ZAP 2.12.0, Python 3.10, and DVWA 1.10 on XAMPP.

Cite this article
Chicago APA MLA Vancouver IEEE Harvard BibTeX
Bhanu, Mohammad Shinaz, Durgam Varshini, Poosala Srikanth, and Payyavula Lokesh. "Exploiting Vulnerabilities in Weak CAPTCHA Mechanisms within DVWA." Journal of Information Technology and Digital World 7, no. 2 (2025): 119-129. doi: 10.36548/jitdw.2025.2.003
Copy Citation
Bhanu, M. S., Varshini, D., Srikanth, P., & Lokesh, P. (2025). Exploiting Vulnerabilities in Weak CAPTCHA Mechanisms within DVWA. Journal of Information Technology and Digital World, 7(2), 119-129. https://doi.org/10.36548/jitdw.2025.2.003
Copy Citation
Bhanu, Mohammad Shinaz, et al. "Exploiting Vulnerabilities in Weak CAPTCHA Mechanisms within DVWA." Journal of Information Technology and Digital World, vol. 7, no. 2, 2025, pp. 119-129. DOI: 10.36548/jitdw.2025.2.003.
Copy Citation
Bhanu MS, Varshini D, Srikanth P, Lokesh P. Exploiting Vulnerabilities in Weak CAPTCHA Mechanisms within DVWA. Journal of Information Technology and Digital World. 2025;7(2):119-129. doi: 10.36548/jitdw.2025.2.003
Copy Citation
M. S. Bhanu, D. Varshini, P. Srikanth, and P. Lokesh, "Exploiting Vulnerabilities in Weak CAPTCHA Mechanisms within DVWA," Journal of Information Technology and Digital World, vol. 7, no. 2, pp. 119-129, Jun. 2025, doi: 10.36548/jitdw.2025.2.003.
Copy Citation
Bhanu, M.S., Varshini, D., Srikanth, P. and Lokesh, P. (2025) 'Exploiting Vulnerabilities in Weak CAPTCHA Mechanisms within DVWA', Journal of Information Technology and Digital World, vol. 7, no. 2, pp. 119-129. Available at: https://doi.org/10.36548/jitdw.2025.2.003.
Copy Citation 
@article{bhanu2025,
  author    = {Mohammad Shinaz Bhanu and Durgam Varshini and Poosala Srikanth and Payyavula Lokesh},
  title     = {{Exploiting Vulnerabilities in Weak CAPTCHA Mechanisms within DVWA}},
  journal   = {Journal of Information Technology and Digital World},
  volume    = {7},
  number    = {2},
  pages     = {119-129},
  year      = {2025},
  publisher = {Inventive Research Organization},
  doi       = {10.36548/jitdw.2025.2.003},
  url       = {https://doi.org/10.36548/jitdw.2025.2.003}
}
Copy Citation
Keywords
DVWA CAPTCHA Vulnerabilities Exploitation OCR CAPTCHA Bypass XAMPP OWAS ZAP
Published
30 May, 2025
e-ISSN: 2582-418X
4 issues per year
DOI: https://doi.org/10.36548/jitdw
Indexing
GoogleScholar | Crossref | MicrosoftAcademic | ScienceGate | J-Gate
Publisher
publisherLogo
Inventive Research Organization
Publication Charges: Nil
inthenticate logo
Support us through subscription: click here
Subscription form: click here
×

Currently, subscription is the only source of revenue. The subscription resource covers the operating expenses such as web presence, online version, pre-press preparations, and staff wages.

To access the full PDF, please complete the payment process.

Subscription Details

Category Fee
Article Access Charge
15 USD
Open Access Fee Nil
Annual Subscription Fee
200 USD
paypal proceed
townscript proceed
After payment,
please send an email to irojournals.contact@gmail.com / journals@iroglobal.com requesting article access.
Subscription form: click here