BrunoBernardino
commented
7 years ago Thanks for submitting this issue @rogerioefonseca !
I suppose it is possible to check if the "correct" image was set before, its index, and if so, make sure the next value is different, but we're getting into a situation where then you can predict where the next "valid image" will be, if you can always rule out the previous failed image.
I'd be happy to look over a PR for that, though!
If you chooseto use a low number of images on your configuration, Visual Captcha can be broken if you keep continue clicking on the same image all the time.
Reason: At sometime the image that is been requested to be clicked will be on the position that you are clicking, because there are a very low number of possibilities. In the end if you are using a BadBoy you can easily break the Visual Captcha algorithm.
Possibility to resolve the security violation: Change the image position anwser to be different to the last click in the random image creating process.