BOT_vs_reCAPTCHA.pdf

Hazumi Ichijo

July 05, 2018

Transcript

  1. ©2018 Wantedly, Inc. BOT vs reCAPTCHA and Human vs reCAPTCHA. 05.July.2018 - Hazumi Ichijo

  2. Self-introduction: Hazumi Ichijo, @hazumirr, @rerost. Web Application Engineer (Rails, React, …). Kushiro National College of Technology, University of Tsukuba, Wantedly.

  3. Are you taking measures against bots?

  5. Attacks by bots. Purpose: SEO for e-commerce sites and the like. Note: some bots can even pass email verification. https://en.wikipedia.org/wiki/CAPTCHA

  7. reCAPTCHA

  9. Frontend
    https://developers.google.com/recaptcha/docs/invisible#auto_render

        <html>
          <head>
            <title>reCAPTCHA demo: Simple page</title>
            <script src="https://www.google.com/recaptcha/api.js" async defer></script>
            <script>
              // Called by reCAPTCHA with the response token; submits the form.
              function onSubmit(token) {
                document.getElementById("demo-form").submit();
              }
            </script>
          </head>
          <body>
            <form id='demo-form' action="?" method="POST">
              <button class="g-recaptcha" data-sitekey="your_site_key" data-callback='onSubmit'>Submit</button>
              <br/>
            </form>
          </body>
        </html>
  11. What if you want to validate in JS?

  12. Frontend
    Reference: https://developers.google.com/recaptcha/docs/invisible#programmatic_execute

        <html>
          <head>
            <title>reCAPTCHA demo: Simple page</title>
            <script src="https://www.google.com/recaptcha/api.js" async defer></script>
            <script>
              // Called by reCAPTCHA with the response token; submits the form.
              function onSubmit(token) {
                document.getElementById("demo-form").submit();
              }
              function onClick() {
                // Perform validation here, then trigger the invisible reCAPTCHA check
                grecaptcha.execute();
              }
            </script>
          </head>
          <body>
            <form id='demo-form' action="?" method="POST">
              <div class="g-recaptcha" data-sitekey="your_site_key" data-callback="onSubmit" data-size="invisible">
              </div>
              <button type="button" onclick="onClick()">Submit</button>
            </form>
          </body>
        </html>
  14. Server side
    Reference: https://developers.google.com/recaptcha/docs/verify

        require 'faraday'
        require 'json'

        conn = Faraday.new(:url => 'https://www.google.com/')
        res = conn.post '/recaptcha/api/siteverify', {
          :secret => 'RECAPTCHA_SECRET_KEY',
          :response => 'RECAPTCHA_TOKEN'
        }
        # "success" is true when the token verified, so a bot is the negation
        is_bot = !JSON.parse(res.body)["success"]
  15. Server side https://github.com/ambethia/recaptcha/

  17. Can it be introduced quickly!? => We introduced it

  18. https://support.google.com/recaptcha/?hl=en#6081880

  19. Humans get blocked too

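  21. Afterwards...
    • Even humans are sometimes suspected of being bots
    • Users (humans) drop off
    • We cannot tell whether what was blocked was a bot or a human
    • It is difficult to investigate the number of bots in advance

    Does reCAPTCHA v3 solve everything!?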
  22. reCAPTCHA v3 https://github.com/rerost/recaptcha_v3_demo

  23. reCAPTCHA v3 DEMO

  24. reCAPTCHA v3

        // Human
        {"success"=>true, "challenge_ts"=>"2018-07-05T06:35:35Z", "hostname"=>"localhost", "score"=>0.9, "action"=>"demo"}
        // BOT
        {"success"=>true, "challenge_ts"=>"2018-07-05T06:36:36Z", "hostname"=>"localhost", "score"=>0.1, "action"=>"demo"}
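  26. Summary
    • reCAPTCHA means less effort for the user
    • v2 can block bots, but conversion may drop
    • We introduced it in a part where it is easy to check by hand whether a drop-off was a bot or a human, and checked
    • The cause was blocking due to image tiles being shown
    • v3 is a beta version, but conversion does not drop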
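
Added example, not from the slides or the recaptcha_v3_demo repository: both v3 responses on slide 24 carry "success"=>true, so the server has to decide on score, action, hostname and token age rather than on "success" alone. The thresholds, the expected action and hostname, and the three-way allow/review/block policy are assumptions chosen for illustration.

```ruby
require 'json'
require 'time'

# Policy values below are assumptions for illustration, not from the slides.
EXPECTED_ACTION   = 'demo'
EXPECTED_HOSTNAME = 'localhost'
BLOCK_BELOW       = 0.3  # below this score: treat as bot
ALLOW_FROM        = 0.7  # at or above this score: treat as human
MAX_TOKEN_AGE_SEC = 120

# Classify a parsed siteverify response. Returns [decision, reason],
# where decision is :allow, :review or :block.
def classify_recaptcha_v3(result, now: Time.now.utc)
  return [:block, 'token rejected'] unless result['success'] == true
  return [:block, 'unexpected action'] unless result['action'] == EXPECTED_ACTION
  return [:block, 'unexpected hostname'] unless result['hostname'] == EXPECTED_HOSTNAME

  begin
    issued = Time.iso8601(result['challenge_ts'])
  rescue ArgumentError, TypeError
    return [:block, 'bad timestamp']
  end
  return [:block, 'stale token'] if (now - issued).abs > MAX_TOKEN_AGE_SEC

  score = result['score']
  return [:block, 'missing score'] unless score.is_a?(Numeric)
  return [:block, "score #{score}"] if score < BLOCK_BELOW
  return [:allow, "score #{score}"] if score >= ALLOW_FROM

  # Middle band: do not drop silently; log it or ask for a second factor,
  # so blocked humans stay visible.
  [:review, "score #{score}"]
end

# Constructed samples modelled on the two responses shown on slide 24.
HUMAN = JSON.parse('{"success":true,"challenge_ts":"2018-07-05T06:35:35Z",' \
                   '"hostname":"localhost","score":0.9,"action":"demo"}')
BOT   = JSON.parse('{"success":true,"challenge_ts":"2018-07-05T06:36:36Z",' \
                   '"hostname":"localhost","score":0.1,"action":"demo"}')
NOW   = Time.iso8601('2018-07-05T06:37:00Z') # fixed clock for the samples

{ 'human' => HUMAN, 'bot' => BOT }.each do |label, res|
  decision, reason = classify_recaptcha_v3(res, now: NOW)
  puts "#{label}: #{decision} (#{reason})"
end
```

Recording the reason with every :review and :block decision gives the data needed to tell, after the fact, whether drop-offs were bots or people.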