Captcha Bypass -> Missing Parameter
CAPTCHA is a type of challenge–response test used in computing to determine whether the user is a human or a bot. Sometimes a web application fails to validate the captcha if the captcha parameter or its value is not provided.
Exploitation
We will enter a wrong answer and intercept the request in Burp.
Let’s remove the value of the captcha parameter and see what happens.
We were redirected back to the captcha page, which means our trick didn’t work.
Let’s try removing the captcha parameter (captcha=) entirely to see if we can bypass it.
Nice! We have bypassed the captcha.
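The server-side flaw behind this behaviour, next to a fail-closed fix, as an added example that is not code from the original post or the tested application. The function names, the `captcha` form field and the `captcha_answer` session key are assumptions made for illustration.

```python
import hmac

# Constructed sample: the answer the server stored in the session when it
# rendered the challenge (hypothetical key name).
SESSION = {"captcha_answer": "x7Kp2"}


def verify_captcha_flawed(form, session):
    """Validates only when the parameter is present (the flaw)."""
    if "captcha" in form:
        return form["captcha"] == session.get("captcha_answer")
    # Parameter absent: the check is skipped and the request is accepted.
    return True


def verify_captcha_hardened(form, session):
    """Fails closed: missing, empty, wrong or replayed answers are rejected."""
    # pop() makes each challenge single-use, whatever the outcome.
    expected = session.pop("captcha_answer", None)
    supplied = form.get("captcha")
    if not expected or not isinstance(supplied, str) or not supplied:
        return False
    return hmac.compare_digest(supplied.encode(), expected.encode())


def run_cases(verify):
    """Replays the requests from the walkthrough plus a correct answer."""
    cases = {
        "wrong_answer": {"user": "a", "captcha": "nope"},
        "empty_value": {"user": "a", "captcha": ""},
        "missing_param": {"user": "a"},
        "correct_answer": {"user": "a", "captcha": "x7Kp2"},
    }
    # Each case gets a fresh copy of the session, as a new challenge would.
    return {name: verify(form, dict(SESSION)) for name, form in cases.items()}


if __name__ == "__main__":
    for fn in (verify_captcha_flawed, verify_captcha_hardened):
        print(fn.__name__, run_cases(fn))
```

The flawed version reproduces what the walkthrough observed: an empty value is rejected, while a request with no captcha parameter at all is accepted.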